diff options
-rw-r--r-- | metadata/pkg_desc_index | 2 | ||||
-rw-r--r-- | sys-apps/less/files/less-643-LESSOPEN-escape.patch | 61 | ||||
-rw-r--r-- | sys-apps/less/less-643-r3.ebuild (renamed from sys-apps/less/less-643-r1.ebuild) | 3 |
3 files changed, 64 insertions, 2 deletions
diff --git a/metadata/pkg_desc_index b/metadata/pkg_desc_index index b8826e7b..5dc1e912 100644 --- a/metadata/pkg_desc_index +++ b/metadata/pkg_desc_index @@ -98,7 +98,7 @@ net-print/foo2zjs 20200221: Support for printing to ZjStream-based printers sci-geosciences/googleearth 7.1.8.3036-r4 7.3.0.3832-r4 7.3.4-r2 7.3.6: A 3D interface to the planet sci-mathematics/reduce 20141130-r3 20190413: A general-purpose computer algebra system sys-apps/cpi 3.2: A wrapper for cp -i -a, making use of diff -sys-apps/less 643-r1: Excellent text file viewer, optionally with additional selection feature +sys-apps/less 643-r3: Excellent text file viewer, optionally with additional selection feature sys-apps/man 1.6g-r4: Standard commands to read man pages sys-apps/openrc-wrapper 2.4: Use openrc init scripts with systemd or other init systems sys-apps/paxopen 1.2: A wrapper script to set PAX kernel variables to an insecure/safe state diff --git a/sys-apps/less/files/less-643-LESSOPEN-escape.patch b/sys-apps/less/files/less-643-LESSOPEN-escape.patch new file mode 100644 index 00000000..f3fe50fc --- /dev/null +++ b/sys-apps/less/files/less-643-LESSOPEN-escape.patch @@ -0,0 +1,61 @@ +https://openwall.com/lists/oss-security/2024/04/12/5 +https://bugs.gentoo.org/929210 +https://github.com/gwsw/less/commit/007521ac3c95bc76e3d59c6dbfe75d06c8075c33 + +Upstream provided this version via email as a backport to 643. +--- a/filename.c ++++ b/filename.c +@@ -134,6 +134,15 @@ + } + + /* ++ * Must use quotes rather than escape char for this metachar? ++ */ ++static int must_quote(char c) ++{ ++ /* {{ Maybe the set of must_quote chars should be configurable? }} */ ++ return (c == '\n'); ++} ++ ++/* + * Insert a backslash before each metacharacter in a string. + */ + public char * shell_quote(char *s) +@@ -164,6 +173,9 @@ + * doesn't support escape chars. Use quotes. + */ + use_quotes = 1; ++ } else if (must_quote(*p)) ++ { ++ len += 3; /* open quote + char + close quote */ + } else + { + /* +@@ -193,15 +205,22 @@ + { + while (*s != '\0') + { +- if (metachar(*s)) ++ if (!metachar(*s)) + { +- /* +- * Add the escape char. +- */ ++ *p++ = *s++; ++ } else if (must_quote(*s)) ++ { ++ /* Surround the char with quotes. */ ++ *p++ = openquote; ++ *p++ = *s++; ++ *p++ = closequote; ++ } else ++ { ++ /* Insert an escape char before the char. */ + strcpy(p, esc); + p += esclen; ++ *p++ = *s++; + } +- *p++ = *s++; + } + *p = '\0'; + } diff --git a/sys-apps/less/less-643-r1.ebuild b/sys-apps/less/less-643-r3.ebuild index 0156255e..62013910 100644 --- a/sys-apps/less/less-643-r1.ebuild +++ b/sys-apps/less/less-643-r3.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2023 Gentoo Authors and Martin V\"ath +# Copyright 1999-2024 Gentoo Authors and Martin V\"ath # Distributed under the terms of the GNU General Public License v2 EAPI=8 @@ -38,6 +38,7 @@ BDEPEND="test? ( virtual/pkgconfig )" PATCHES=( "${FILESDIR}"/${PN}-643-lesstest-pkg-config.patch + "${FILESDIR}"/${PN}-643-LESSOPEN-escape.patch ) pkg_setup() { |