diff options
author | bsiegert <bsiegert@pkgsrc.org> | 2015-12-18 19:50:32 +0000 |
---|---|---|
committer | bsiegert <bsiegert@pkgsrc.org> | 2015-12-18 19:50:32 +0000 |
commit | bd52e7e8063fe48ecf407b801b41519cd5158d6f (patch) | |
tree | 59e23b194b4285e6e4290fd26992f8a1b63e4d4a | |
parent | 4365bf8676b31644f01d2b07d8d1810ae6c0e211 (diff) | |
download | pkgsrc-bd52e7e8063fe48ecf407b801b41519cd5158d6f.tar.gz |
Pullup ticket #4873 - requested by cyber
devel/nbpatch: security fix
Revisions pulled up:
- devel/nbpatch/Makefile 1.10
- devel/nbpatch/files/backupfile.c 1.3
- devel/nbpatch/files/common.h 1.5
- devel/nbpatch/files/inp.c 1.7
- devel/nbpatch/files/nbpatch.1 1.2
- devel/nbpatch/files/nbpatch.cat1 1.2
- devel/nbpatch/files/patch.c 1.3
- devel/nbpatch/files/pch.c 1.2
---
Module Name: pkgsrc
Committed By: joerg
Date: Sat Nov 7 18:29:50 UTC 2015
Modified Files:
pkgsrc/devel/nbpatch: Makefile
pkgsrc/devel/nbpatch/files: backupfile.c common.h inp.c nbpatch.1
nbpatch.cat1 patch.c pch.c
Log Message:
nbpatch-20151107: Merge various changes from NetBSD:
(1) Allow "-V none" to disable backups.
(2) Stricter control about valid ed-style patches.
(3) Avoid shell use when looking for RCS, remove SCCS support.
-rw-r--r-- | devel/nbpatch/Makefile | 4 | ||||
-rw-r--r-- | devel/nbpatch/files/backupfile.c | 6 | ||||
-rw-r--r-- | devel/nbpatch/files/common.h | 7 | ||||
-rw-r--r-- | devel/nbpatch/files/inp.c | 113 | ||||
-rw-r--r-- | devel/nbpatch/files/nbpatch.1 | 79 | ||||
-rw-r--r-- | devel/nbpatch/files/nbpatch.cat1 | 140 | ||||
-rw-r--r-- | devel/nbpatch/files/patch.c | 4 | ||||
-rw-r--r-- | devel/nbpatch/files/pch.c | 117 |
8 files changed, 255 insertions, 215 deletions
diff --git a/devel/nbpatch/Makefile b/devel/nbpatch/Makefile index 6b848b1031f..7b995aebf25 100644 --- a/devel/nbpatch/Makefile +++ b/devel/nbpatch/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.9 2013/02/10 13:06:43 obache Exp $ +# $NetBSD: Makefile,v 1.9.22.1 2015/12/18 19:50:32 bsiegert Exp $ # -DISTNAME= nbpatch-20100124 +DISTNAME= nbpatch-20151107 CATEGORIES= devel MASTER_SITES= # empty DISTFILES= # empty diff --git a/devel/nbpatch/files/backupfile.c b/devel/nbpatch/files/backupfile.c index 822fa2b343c..34b73d2ff4b 100644 --- a/devel/nbpatch/files/backupfile.c +++ b/devel/nbpatch/files/backupfile.c @@ -1,7 +1,7 @@ /* * $OpenBSD: backupfile.c,v 1.19 2006/03/11 19:41:30 otto Exp $ * $DragonFly: src/usr.bin/patch/backupfile.c,v 1.5 2008/08/11 00:05:06 joerg Exp $ - * $NetBSD: backupfile.c,v 1.2 2008/09/10 18:48:01 joerg Exp $ + * $NetBSD: backupfile.c,v 1.2.60.1 2015/12/18 19:50:32 bsiegert Exp $ */ /* @@ -229,11 +229,11 @@ invalid_arg(const char *kind, const char *value, int problem) } static const char *backup_args[] = { - "never", "simple", "nil", "existing", "t", "numbered", 0 + "none", "never", "simple", "nil", "existing", "t", "numbered", 0 }; static enum backup_type backup_types[] = { - simple, simple, numbered_existing, + none, simple, simple, numbered_existing, numbered_existing, numbered, numbered }; diff --git a/devel/nbpatch/files/common.h b/devel/nbpatch/files/common.h index 329fd8484f4..625e74a7fd5 100644 --- a/devel/nbpatch/files/common.h +++ b/devel/nbpatch/files/common.h @@ -1,7 +1,7 @@ /* * $OpenBSD: common.h,v 1.26 2006/03/11 19:41:30 otto Exp $ * $DragonFly: src/usr.bin/patch/common.h,v 1.5 2008/08/10 23:50:12 joerg Exp $ - * $NetBSD: common.h,v 1.4 2014/03/14 22:13:09 ryoon Exp $ + * $NetBSD: common.h,v 1.4.14.1 2015/12/18 19:50:32 bsiegert Exp $ */ /* @@ -49,14 +49,15 @@ #define INITHUNKMAX 125 /* initial dynamic allocation size */ #define MAXLINELEN 8192 #define BUFFERSIZE 1024 +#define LINENUM_MAX LONG_MAX #define SCCSPREFIX "s." #define GET "get -e %s" #define SCCSDIFF "get -p %s | diff - %s >/dev/null" #define RCSSUFFIX ",v" -#define CHECKOUT "co -l %s" -#define RCSDIFF "rcsdiff %s > /dev/null" +#define CHECKOUT "/usr/bin/co" +#define RCSDIFF "/usr/bin/rcsdiff" #define ORIGEXT ".orig" #define REJEXT ".rej" diff --git a/devel/nbpatch/files/inp.c b/devel/nbpatch/files/inp.c index d4720be41ff..e5dc6d36d3d 100644 --- a/devel/nbpatch/files/inp.c +++ b/devel/nbpatch/files/inp.c @@ -1,7 +1,7 @@ /* * $OpenBSD: inp.c,v 1.34 2006/03/11 19:41:30 otto Exp $ * $DragonFly: src/usr.bin/patch/inp.c,v 1.6 2007/09/29 23:11:10 swildner Exp $ - * $NetBSD: inp.c,v 1.6 2009/10/21 17:17:04 joerg Exp $ + * $NetBSD: inp.c,v 1.6.48.1 2015/12/18 19:50:32 bsiegert Exp $ */ /* @@ -39,8 +39,10 @@ #include <sys/file.h> #include <sys/stat.h> #include <sys/mman.h> +#include <sys/wait.h> #include <ctype.h> +#include <errno.h> #include <fcntl.h> #include <libgen.h> #include <limits.h> @@ -61,6 +63,8 @@ #define MAP_FAILED (void *)(-1) #endif +#undef __UNCONST +#define __UNCONST(a) ((void *)(size_t)(const void *)(a)) /* Input-file-with-indexable-lines abstract type */ @@ -147,12 +151,14 @@ reallocate_lines(size_t *lines_allocated) static bool plan_a(const char *filename) { - int ifd, statfailed; + int ifd, statfailed, devnull, pstat; char *p, *s, lbuf[MAXLINELEN]; struct stat filestat; off_t i; ptrdiff_t sz; size_t iline, lines_allocated; + pid_t pid; + char *argp[4] = {NULL}; #ifdef DEBUGGING if (debug & 8) @@ -175,18 +181,18 @@ plan_a(const char *filename) if (check_only) return true; makedirs(filename, true); - close(open(filename, O_CREAT | O_TRUNC | O_WRONLY, 0666)); + close(creat(filename, 0666)); statfailed = stat(filename, &filestat); } if (statfailed && check_only) fatal("%s not found, -C mode, can't probe further\n", filename); - /* For nonexistent or read-only files, look for RCS or SCCS versions. */ + /* For nonexistent or read-only files, look for RCS versions. */ if (statfailed || /* No one can write to it. */ (filestat.st_mode & 0222) == 0 || /* I can't write to it. */ ((filestat.st_mode & 0022) == 0 && filestat.st_uid != getuid())) { - const char *cs = NULL, *filebase, *filedir; + char *filebase, *filedir; struct stat cstat; char *tmp_filename1, *tmp_filename2; @@ -194,43 +200,26 @@ plan_a(const char *filename) tmp_filename2 = strdup(filename); if (tmp_filename1 == NULL || tmp_filename2 == NULL) fatal("strdupping filename"); - filebase = basename(tmp_filename1); - filedir = dirname(tmp_filename2); - - /* Leave room in lbuf for the diff command. */ - s = lbuf + 20; - + + filebase = basename(tmp_filename1); + filedir = dirname(tmp_filename2); + #define try(f, a1, a2, a3) \ - (snprintf(s, sizeof lbuf - 20, f, a1, a2, a3), stat(s, &cstat) == 0) - - if (try("%s/RCS/%s%s", filedir, filebase, RCSSUFFIX) || - try("%s/RCS/%s%s", filedir, filebase, "") || - try("%s/%s%s", filedir, filebase, RCSSUFFIX)) { - snprintf(buf, buf_len, CHECKOUT, filename); - snprintf(lbuf, sizeof lbuf, RCSDIFF, filename); - cs = "RCS"; - } else if (try("%s/SCCS/%s%s", filedir, SCCSPREFIX, filebase) || - try("%s/%s%s", filedir, SCCSPREFIX, filebase)) { - snprintf(buf, buf_len, GET, s); - snprintf(lbuf, sizeof lbuf, SCCSDIFF, s, filename); - cs = "SCCS"; - } else if (statfailed) - fatal("can't find %s\n", filename); - - free(tmp_filename1); - free(tmp_filename2); + (snprintf(lbuf, sizeof lbuf, f, a1, a2, a3), stat(lbuf, &cstat) == 0) /* * else we can't write to it but it's not under a version * control system, so just proceed. */ - if (cs) { + if (try("%s/RCS/%s%s", filedir, filebase, RCSSUFFIX) || + try("%s/RCS/%s%s", filedir, filebase, "") || + try("%s/%s%s", filedir, filebase, RCSSUFFIX)) { if (!statfailed) { if ((filestat.st_mode & 0222) != 0) /* The owner can write to it. */ fatal("file %s seems to be locked " - "by somebody else under %s\n", - filename, cs); + "by somebody else under RCS\n", + filename); /* * It might be checked out unlocked. See if * it's safe to check out the default version @@ -238,21 +227,59 @@ plan_a(const char *filename) */ if (verbose) say("Comparing file %s to default " - "%s version...\n", - filename, cs); - if (system(lbuf)) + "RCS version...\n", filename); + + switch (pid = fork()) { + case -1: + fatal("can't fork: %s\n", + strerror(errno)); + case 0: + devnull = open("/dev/null", O_RDONLY); + if (devnull == -1) { + fatal("can't open /dev/null: %s", + strerror(errno)); + } + (void)dup2(devnull, STDOUT_FILENO); + argp[0] = __UNCONST(RCSDIFF); + argp[1] = __UNCONST(filename); + execvp(RCSDIFF, argp); + exit(127); + } + pid = waitpid(pid, &pstat, 0); + if (pid == -1 || WEXITSTATUS(pstat) != 0) { fatal("can't check out file %s: " - "differs from default %s version\n", - filename, cs); + "differs from default RCS version\n", + filename); + } } + if (verbose) - say("Checking out file %s from %s...\n", - filename, cs); - if (system(buf) || stat(filename, &filestat)) - fatal("can't check out file %s from %s\n", - filename, cs); + say("Checking out file %s from RCS...\n", + filename); + + switch (pid = fork()) { + case -1: + fatal("can't fork: %s\n", strerror(errno)); + case 0: + argp[0] = __UNCONST(CHECKOUT); + argp[1] = __UNCONST("-l"); + argp[2] = __UNCONST(filename); + execvp(CHECKOUT, argp); + exit(127); + } + pid = waitpid(pid, &pstat, 0); + if (pid == -1 || WEXITSTATUS(pstat) != 0 || + stat(filename, &filestat)) { + fatal("can't check out file %s from RCS\n", + filename); + } + } else if (statfailed) { + fatal("can't find %s\n", filename); } + free(tmp_filename1); + free(tmp_filename2); } + filemode = filestat.st_mode; if (!S_ISREG(filemode)) fatal("%s is not a normal file--can't patch\n", filename); @@ -262,7 +289,7 @@ plan_a(const char *filename) out_of_mem = false; return false; /* force plan b because plan a bombed */ } - if (i_size > SIZE_MAX) { + if ((uintmax_t)i_size > (uintmax_t)SIZE_MAX) { say("block too large to mmap\n"); return false; } diff --git a/devel/nbpatch/files/nbpatch.1 b/devel/nbpatch/files/nbpatch.1 index 71f94eb724c..daeae783d10 100644 --- a/devel/nbpatch/files/nbpatch.1 +++ b/devel/nbpatch/files/nbpatch.1 @@ -1,6 +1,6 @@ .\" $OpenBSD: patch.1,v 1.22 2008/06/06 20:44:00 jmc Exp $ .\" $DragonFly: src/usr.bin/patch/patch.1,v 1.10 2008/08/18 19:15:55 joerg Exp $ -.\" $NetBSD: nbpatch.1,v 1.1.1.1 2008/09/10 11:03:22 joerg Exp $ +.\" $NetBSD: nbpatch.1,v 1.1.1.1.60.1 2015/12/18 19:50:32 bsiegert Exp $ .\" Copyright 1986, Larry Wall .\" .\" Redistribution and use in source and binary forms, with or without @@ -21,7 +21,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd August 18, 2008 +.Dd November 7, 2015 .Dt PATCH 1 .Os .Sh NAME @@ -29,7 +29,6 @@ .Nd apply a diff file to an original .Sh SYNOPSIS .Nm -.Bk -words .Op Fl bCcEeflNnRstuv .Op Fl B Ar backup-prefix .Op Fl D Ar symbol @@ -39,12 +38,11 @@ .Op Fl o Ar out-file .Op Fl p Ar strip-count .Op Fl r Ar rej-name -.Op Fl V Cm t | nil | never +.Op Fl V Cm t | nil | never | none .Op Fl x Ar number .Op Fl z Ar backup-ext .Op Fl Fl posix .Op Ar origfile Op Ar patchfile -.Ek .Nm .Pf \*(Lt Ar patchfile .Sh DESCRIPTION @@ -87,10 +85,7 @@ below). .Pp The options are as follows: .Bl -tag -width Ds -.It Xo -.Fl B Ar backup-prefix , -.Fl Fl prefix Ar backup-prefix -.Xc +.It Fl B Ar backup-prefix , Fl Fl prefix Ar backup-prefix Causes the next argument to be interpreted as a prefix to the backup file name. If this argument is specified, any argument to @@ -113,10 +108,7 @@ Checks that the patch would apply cleanly, but does not modify anything. Forces .Nm to interpret the patch file as a context diff. -.It Xo -.Fl D Ar symbol , -.Fl Fl ifdef Ar symbol -.Xc +.It Fl D Ar symbol , Fl Fl ifdef Ar symbol Causes .Nm to use the @@ -126,10 +118,7 @@ The argument following will be used as the differentiating symbol. Note that, unlike the C compiler, there must be a space between the .Fl D and the argument. -.It Xo -.Fl d Ar directory , -.Fl Fl directory Ar directory -.Xc +.It Fl d Ar directory , Fl Fl directory Ar directory Causes .Nm to interpret the next argument as a directory, @@ -145,10 +134,7 @@ Forces to interpret the patch file as an .Xr ed 1 script. -.It Xo -.Fl F Ar max-fuzz , -.Fl Fl fuzz Ar max-fuzz -.Xc +.It Fl F Ar max-fuzz , Fl Fl fuzz Ar max-fuzz Sets the maximum fuzz factor. This option only applies to context diffs, and causes .Nm @@ -170,12 +156,9 @@ and assume that patches are not reversed even if they look like they are. This option does not suppress commentary; use .Fl s for that. -.It Xo -.Fl i Ar patchfile , -.Fl Fl input Ar patchfile -.Xc +.It Fl i Ar patchfile , Fl Fl input Ar patchfile Causes the next argument to be interpreted as the input file name -(i.e. a patchfile). +(i.e., a patchfile). This option may be specified multiple times. .It Fl l , Fl Fl ignore-whitespace Causes the pattern matching to be done loosely, in case the tabs and @@ -194,15 +177,9 @@ See also Forces .Nm to interpret the patch file as a normal diff. -.It Xo -.Fl o Ar out-file , -.Fl Fl output Ar out-file -.Xc +.It Fl o Ar out-file , Fl Fl output Ar out-file Causes the next argument to be interpreted as the output file name. -.It Xo -.Fl p Ar strip-count , -.Fl Fl strip Ar strip-count -.Xc +.It Fl p Ar strip-count , Fl Fl strip Ar strip-count Sets the pathname strip count, which controls how pathnames found in the patch file are treated, in case you keep your files in a different directory than the person who sent @@ -263,21 +240,15 @@ If it can, you will be asked if you want to have the option set. If it can't, the patch will continue to be applied normally. (Note: this method cannot detect a reversed patch if it is a normal diff -and if the first command is an append (i.e. it should have been a delete) +and if the first command is an append (i.e., it should have been a delete) since appends always succeed, due to the fact that a null context will match anywhere. Luckily, most patches add or change lines rather than delete them, so most reversed normal diffs will begin with a delete, which will fail, triggering the heuristic.) -.It Xo -.Fl r Ar rej-name , -.Fl Fl reject-file Ar rej-name -.Xc +.It Fl r Ar rej-name , Fl Fl reject-file Ar rej-name Causes the next argument to be interpreted as the reject file name. -.It Xo -.Fl s , Fl Fl quiet , -.Fl Fl silent -.Xc +.It Fl s , Fl Fl quiet , Fl Fl silent Makes .Nm do its work silently, unless an error occurs. @@ -295,10 +266,7 @@ and assume that patches are reversed if they look like they are. Forces .Nm to interpret the patch file as a unified context diff (a unidiff). -.It Xo -.Fl V Cm t | nil | never , -.Fl Fl version-control Cm t | nil | never -.Xc +.It Fl V Cm t | nil | never | none , Fl Fl version-control Cm t | nil | never | none Causes the next argument to be interpreted as a method for creating backup file names. The type of backups made can also be given in the @@ -328,22 +296,18 @@ Make numbered backups of files that already have them, simple backups of the others. .It Cm never , simple Always make simple backups. +.It Cm none +No backups are created. .El .It Fl v , Fl Fl version Causes .Nm to print out its revision header and patch level. -.It Xo -.Fl x Ar number , -.Fl Fl debug Ar number -.Xc +.It Fl x Ar number , Fl Fl debug Ar number Sets internal debugging flags, and is of interest only to .Nm patchers. -.It Xo -.Fl z Ar backup-ext , -.Fl Fl suffix Ar backup-ext -.Xc +.It Fl z Ar backup-ext , Fl Fl suffix Ar backup-ext Causes the next argument to be interpreted as the backup extension, to be used in place of .Qq .orig . @@ -483,9 +447,8 @@ the shortest basename, and the shortest total file name length (in that order). .It If no file exists, .Nm -checks for the existence of the files in an SCCS or RCS directory -(using the appropriate prefix or suffix) using the criteria specified -above. +checks for the existence of the files in an RCS directory using the criteria +specified above. If found, .Nm will attempt to get or check out the file. diff --git a/devel/nbpatch/files/nbpatch.cat1 b/devel/nbpatch/files/nbpatch.cat1 index 418e2ddb483..b8d5d5669e9 100644 --- a/devel/nbpatch/files/nbpatch.cat1 +++ b/devel/nbpatch/files/nbpatch.cat1 @@ -1,20 +1,21 @@ -PATCH(1) NetBSD General Commands Manual PATCH(1) +PATCH(1) General Commands Manual PATCH(1) NNAAMMEE - ppaattcchh -- apply a diff file to an original + ppaattcchh - apply a diff file to an original SSYYNNOOPPSSIISS ppaattcchh [--bbCCccEEeeffllNNnnRRssttuuvv] [--BB _b_a_c_k_u_p_-_p_r_e_f_i_x] [--DD _s_y_m_b_o_l] [--dd _d_i_r_e_c_t_o_r_y] [--FF _m_a_x_-_f_u_z_z] [--ii _p_a_t_c_h_f_i_l_e] [--oo _o_u_t_-_f_i_l_e] [--pp _s_t_r_i_p_-_c_o_u_n_t] - [--rr _r_e_j_-_n_a_m_e] [--VV tt | nniill | nneevveerr] [--xx _n_u_m_b_e_r] [--zz _b_a_c_k_u_p_-_e_x_t] - [----ppoossiixx] [_o_r_i_g_f_i_l_e [_p_a_t_c_h_f_i_l_e]] + [--rr _r_e_j_-_n_a_m_e] [--VV tt | nniill | nneevveerr | nnoonnee] [--xx _n_u_m_b_e_r] + [--zz _b_a_c_k_u_p_-_e_x_t] [----ppoossiixx] [_o_r_i_g_f_i_l_e [_p_a_t_c_h_f_i_l_e]] ppaattcchh <_p_a_t_c_h_f_i_l_e DDEESSCCRRIIPPTTIIOONN - ppaattcchh will take a patch file containing any of the four forms of differ- - ence listing produced by the diff(1) program and apply those differences - to an original file, producing a patched version. If _p_a_t_c_h_f_i_l_e is omit- - ted, or is a hyphen, the patch will be read from the standard input. + ppaattcchh will take a patch file containing any of the four forms of + difference listing produced by the diff(1) program and apply those + differences to an original file, producing a patched version. If + _p_a_t_c_h_f_i_l_e is omitted, or is a hyphen, the patch will be read from the + standard input. ppaattcchh will attempt to determine the type of the diff listing, unless over-ruled by a --cc, --ee, --nn, or --uu option. Context diffs (old-style, new- @@ -54,9 +55,9 @@ DDEESSCCRRIIPPTTIIOONN --DD _s_y_m_b_o_l, ----iiffddeeff _s_y_m_b_o_l Causes ppaattcchh to use the "#ifdef...#endif" construct to mark - changes. The argument following will be used as the differenti- - ating symbol. Note that, unlike the C compiler, there must be a - space between the --DD and the argument. + changes. The argument following will be used as the + differentiating symbol. Note that, unlike the C compiler, there + must be a space between the --DD and the argument. --dd _d_i_r_e_c_t_o_r_y, ----ddiirreeccttoorryy _d_i_r_e_c_t_o_r_y Causes ppaattcchh to interpret the next argument as a directory, and @@ -71,25 +72,26 @@ DDEESSCCRRIIPPTTIIOONN Forces ppaattcchh to interpret the patch file as an ed(1) script. --FF _m_a_x_-_f_u_z_z, ----ffuuzzzz _m_a_x_-_f_u_z_z - Sets the maximum fuzz factor. This option only applies to con- - text diffs, and causes ppaattcchh to ignore up to that many lines in - looking for places to install a hunk. Note that a larger fuzz + Sets the maximum fuzz factor. This option only applies to + context diffs, and causes ppaattcchh to ignore up to that many lines + in looking for places to install a hunk. Note that a larger fuzz factor increases the odds of a faulty patch. The default fuzz factor is 2, and it may not be set to more than the number of lines of context in the context diff, ordinarily 3. --ff, ----ffoorrccee Forces ppaattcchh to assume that the user knows exactly what he or she - is doing, and to not ask any questions. It assumes the follow- - ing: skip patches for which a file to patch can't be found; patch - files even though they have the wrong version for the "Prereq:" - line in the patch; and assume that patches are not reversed even - if they look like they are. This option does not suppress com- - mentary; use --ss for that. + is doing, and to not ask any questions. It assumes the + following: skip patches for which a file to patch can't be found; + patch files even though they have the wrong version for the + "Prereq:" line in the patch; and assume that patches are not + reversed even if they look like they are. This option does not + suppress commentary; use --ss for that. --ii _p_a_t_c_h_f_i_l_e, ----iinnppuutt _p_a_t_c_h_f_i_l_e Causes the next argument to be interpreted as the input file name - (i.e. a patchfile). This option may be specified multiple times. + (i.e., a patchfile). This option may be specified multiple + times. --ll, ----iiggnnoorree--wwhhiitteessppaaccee Causes the pattern matching to be done loosely, in case the tabs @@ -132,10 +134,10 @@ DDEESSCCRRIIPPTTIIOONN Not specifying --pp at all just gives you _b_l_u_r_f_l_._c, unless all of the directories in the leading path (_u_/_h_o_w_a_r_d_/_s_r_c_/_b_l_u_r_f_l) exist - and that path is relative, in which case you get the entire path- - name unmodified. Whatever you end up with is looked for either - in the current directory, or the directory specified by the --dd - option. + and that path is relative, in which case you get the entire + pathname unmodified. Whatever you end up with is looked for + either in the current directory, or the directory specified by + the --dd option. --RR, ----rreevveerrssee Tells ppaattcchh that this patch was created with the old and new @@ -151,7 +153,7 @@ DDEESSCCRRIIPPTTIIOONN asked if you want to have the --RR option set. If it can't, the patch will continue to be applied normally. (Note: this method cannot detect a reversed patch if it is a normal diff and if the - first command is an append (i.e. it should have been a delete) + first command is an append (i.e., it should have been a delete) since appends always succeed, due to the fact that a null context will match anywhere. Luckily, most patches add or change lines rather than delete them, so most reversed normal diffs will begin @@ -175,9 +177,9 @@ DDEESSCCRRIIPPTTIIOONN Forces ppaattcchh to interpret the patch file as a unified context diff (a unidiff). - --VV tt | nniill | nneevveerr, ----vveerrssiioonn--ccoonnttrrooll tt | nniill | nneevveerr - Causes the next argument to be interpreted as a method for creat- - ing backup file names. The type of backups made can also be + --VV tt | nniill | nneevveerr | nnoonnee, ----vveerrssiioonn--ccoonnttrrooll tt | nniill | nneevveerr | nnoonnee + Causes the next argument to be interpreted as a method for + creating backup file names. The type of backups made can also be given in the PATCH_VERSION_CONTROL or VERSION_CONTROL environment variables, which are overridden by this option. The --BB option overrides this option, causing the prefix to always be used for @@ -198,6 +200,8 @@ DDEESSCCRRIIPPTTIIOONN nneevveerr, ssiimmppllee Always make simple backups. + nnoonnee No backups are created. + --vv, ----vveerrssiioonn Causes ppaattcchh to print out its revision header and patch level. @@ -206,24 +210,24 @@ DDEESSCCRRIIPPTTIIOONN patchers. --zz _b_a_c_k_u_p_-_e_x_t, ----ssuuffffiixx _b_a_c_k_u_p_-_e_x_t - Causes the next argument to be interpreted as the backup exten- - sion, to be used in place of ".orig". + Causes the next argument to be interpreted as the backup + extension, to be used in place of ".orig". ----ppoossiixx Enables strict IEEE Std 1003.1-2004 (``POSIX.1'') conformance, specifically: - 1. Backup files are not created unless the --bb option is speci- - fied. + 1. Backup files are not created unless the --bb option is + specified. 2. If unspecified, the file name used is the first of the old, new and index files that exists. PPaattcchh AApppplliiccaattiioonn ppaattcchh will try to skip any leading garbage, apply the diff, and then skip - any trailing garbage. Thus you could feed an article or message contain- - ing a diff listing to ppaattcchh, and it should work. If the entire diff is - indented by a consistent amount, this will be taken into account. + any trailing garbage. Thus you could feed an article or message + containing a diff listing to ppaattcchh, and it should work. If the entire + diff is indented by a consistent amount, this will be taken into account. With context diffs, and to a lesser extent with normal diffs, ppaattcchh can detect when the line numbers mentioned in the patch are incorrect, and @@ -234,18 +238,18 @@ DDEESSCCRRIIPPTTIIOONN of lines matching the context given in the hunk. First ppaattcchh looks for a place where all lines of the context match. If no such place is found, and it's a context diff, and the maximum fuzz factor is set to 1 or more, - then another scan takes place ignoring the first and last line of con- - text. If that fails, and the maximum fuzz factor is set to 2 or more, + then another scan takes place ignoring the first and last line of + context. If that fails, and the maximum fuzz factor is set to 2 or more, the first two and last two lines of context are ignored, and another scan is made. (The default maximum fuzz factor is 2.) If ppaattcchh cannot find a place to install that hunk of the patch, it will - put the hunk out to a reject file, which normally is the name of the out- - put file plus ".rej". (Note that the rejected hunk will come out in con- - text diff form whether the input patch was a context diff or a normal + put the hunk out to a reject file, which normally is the name of the + output file plus ".rej". (Note that the rejected hunk will come out in + context diff form whether the input patch was a context diff or a normal diff. If the input was a normal diff, many of the contexts will simply - be null.) The line numbers on the hunks in the reject file may be dif- - ferent than in the patch file: they reflect the approximate location + be null.) The line numbers on the hunks in the reject file may be + different than in the patch file: they reflect the approximate location patch thinks the failed hunks belong in the new file rather than the old one. @@ -268,11 +272,12 @@ DDEESSCCRRIIPPTTIIOONN If the diff is a context or unified diff, ppaattcchh is able to determine the old and new file names from the diff header. For context diffs, the ``old'' file is specified in the line beginning with "***" and the - ``new'' file is specified in the line beginning with "---". For a uni- - fied diff, the ``old'' file is specified in the line beginning with "---" - and the ``new'' file is specified in the line beginning with "+++". If - there is an "Index:" line in the leading garbage (regardless of the diff - type), ppaattcchh will use the file name from that line as the ``index'' file. + ``new'' file is specified in the line beginning with "---". For a + unified diff, the ``old'' file is specified in the line beginning with + "---" and the ``new'' file is specified in the line beginning with "+++". + If there is an "Index:" line in the leading garbage (regardless of the + diff type), ppaattcchh will use the file name from that line as the ``index'' + file. ppaattcchh will choose the file name by performing the following steps, with the first match used: @@ -286,9 +291,8 @@ DDEESSCCRRIIPPTTIIOONN length (in that order). 2. If no file exists, ppaattcchh checks for the existence of the files in an - SCCS or RCS directory (using the appropriate prefix or suffix) using - the criteria specified above. If found, ppaattcchh will attempt to get - or check out the file. + RCS directory using the criteria specified above. If found, ppaattcchh + will attempt to get or check out the file. 3. If no suitable file was found to patch, the patch file is a context or unified diff, and the old file was zero length, the new file name @@ -307,15 +311,15 @@ DDEESSCCRRIIPPTTIIOONN | patch -d /usr/src/local/blurfl - and patch a file in the blurfl directory directly from the article con- - taining the patch. + and patch a file in the blurfl directory directly from the article + containing the patch. BBaacckkuupp FFiilleess By default, the patched version is put in place of the original, with the original file backed up to the same name with the extension ".orig", or as specified by the --BB, --VV, or --zz options. The extension used for making - backup files may also be specified in the SIMPLE_BACKUP_SUFFIX environ- - ment variable, which is overridden by the options above. + backup files may also be specified in the SIMPLE_BACKUP_SUFFIX + environment variable, which is overridden by the options above. If the backup file is a symbolic or hard link to the original file, ppaattcchh creates a new backup file name by changing the first lowercase letter in @@ -336,10 +340,10 @@ DDEESSCCRRIIPPTTIIOONN patch file you send out. If you put a "Prereq:" line in with the patch, it won't let them apply patches out of order without some warning. - Second, make sure you've specified the file names right, either in a con- - text diff header, or with an "Index:" line. If you are patching some- - thing in a subdirectory, be sure to tell the patch user to specify a --pp - option as needed. + Second, make sure you've specified the file names right, either in a + context diff header, or with an "Index:" line. If you are patching + something in a subdirectory, be sure to tell the patch user to specify a + --pp option as needed. Third, you can create a file by sending out a diff that compares a null file to the file you want to create. This will only work if the file you @@ -349,8 +353,8 @@ DDEESSCCRRIIPPTTIIOONN wonder whether they already applied the patch. Fifth, while you may be able to get away with putting 582 diff listings - into one file, it is probably wiser to group related patches into sepa- - rate files in case something goes haywire. + into one file, it is probably wiser to group related patches into + separate files in case something goes haywire. EENNVVIIRROONNMMEENNTT POSIXLY_CORRECT When set, ppaattcchh behaves as if the ----ppoossiixx option @@ -363,8 +367,8 @@ EENNVVIIRROONNMMEENNTT VERSION_CONTROL Same as PATCH_VERSION_CONTROL. FFIILLEESS - $TMPDIR/patch* ppaattcchh temporary files - /dev/tty used to read input when ppaattcchh prompts the user + _$_T_M_P_D_I_R_/_p_a_t_c_h_* ppaattcchh temporary files + _/_d_e_v_/_t_t_y used to read input when ppaattcchh prompts the user DDIIAAGGNNOOSSTTIICCSS Too many to list here, but generally indicative that ppaattcchh couldn't parse @@ -391,8 +395,8 @@ SSTTAANNDDAARRDDSS (``POSIX.1'') specification (except as detailed above for the ----ppoossiixx option), though the presence of ppaattcchh itself is optional. - The flags [--CCEEffssttuuvvBBFFVVxxzz] and [----ppoossiixx] are extensions to that specifica- - tion. + The flags [--CCEEffssttuuvvBBFFVVxxzz] and [----ppoossiixx] are extensions to that + specification. AAUUTTHHOORRSS Larry Wall with many other contributors. @@ -422,11 +426,11 @@ BBUUGGSS If code has been duplicated (for instance with #ifdef OLDCODE ... #else ... #endif), ppaattcchh is incapable of patching both versions, and, if it - works at all, will likely patch the wrong one, and tell you that it suc- - ceeded to boot. + works at all, will likely patch the wrong one, and tell you that it + succeeded to boot. If you apply a patch you've already applied, ppaattcchh will think it is a reversed patch, and offer to un-apply the patch. This could be construed as a feature. -NetBSD 5.0 August 18, 2008 NetBSD 5.0 +NetBSD 7.0 November 7, 2015 NetBSD 7.0 diff --git a/devel/nbpatch/files/patch.c b/devel/nbpatch/files/patch.c index 0dfc1fd7de7..78d12f9263a 100644 --- a/devel/nbpatch/files/patch.c +++ b/devel/nbpatch/files/patch.c @@ -1,7 +1,7 @@ /* * $OpenBSD: patch.c,v 1.45 2007/04/18 21:52:24 sobrado Exp $ * $DragonFly: src/usr.bin/patch/patch.c,v 1.10 2008/08/10 23:39:56 joerg Exp $ - * $NetBSD: patch.c,v 1.2 2009/04/29 13:41:16 joerg Exp $ + * $NetBSD: patch.c,v 1.2.52.1 2015/12/18 19:50:32 bsiegert Exp $ */ /* @@ -631,7 +631,7 @@ usage(void) " [-r rej-name] [-V t | nil | never] [-x number] [-z backup-ext]\n" " [--posix] [origfile [patchfile]]\n" " patch <patchfile\n"); - my_exit(EXIT_SUCCESS); + my_exit(EXIT_FAILURE); } /* diff --git a/devel/nbpatch/files/pch.c b/devel/nbpatch/files/pch.c index 6c1b4f8b485..0628b56facb 100644 --- a/devel/nbpatch/files/pch.c +++ b/devel/nbpatch/files/pch.c @@ -1,7 +1,7 @@ /* * $OpenBSD: pch.c,v 1.37 2007/09/02 15:19:33 deraadt Exp $ * $DragonFly: src/usr.bin/patch/pch.c,v 1.6 2008/08/10 23:35:40 joerg Exp $ - * $NetBSD: pch.c,v 1.1.1.1 2008/09/10 11:03:21 joerg Exp $ + * $NetBSD: pch.c,v 1.1.1.1.60.1 2015/12/18 19:50:32 bsiegert Exp $ */ /* @@ -457,8 +457,30 @@ malformed(void) /* about as informative as "Syntax error" in C */ } +static LINENUM +getlinenum(const char *s) +{ + LINENUM l = (LINENUM)atol(s); + if (l < 0) { + l = 0; + malformed(); + } + return l; +} + +static LINENUM +getskiplinenum(char **p) +{ + char *s = *p; + LINENUM l = getlinenum(s); + while (isdigit((unsigned char)*s)) + s++; + *p = s; + return l; +} + /* - * True if the line has been discarded (i.e. it is a line saying + * True if the line has been discarded (i.e., it is a line saying * "\ No newline at end of file".) */ static bool @@ -584,21 +606,24 @@ another_hunk(void) malformed(); if (strnEQ(s, "0,0", 3)) memmove(s, s + 2, strlen(s + 2) + 1); - p_first = (LINENUM) atol(s); - while (isdigit((unsigned char)*s)) - s++; + p_first = getskiplinenum(&s); if (*s == ',') { for (; *s && !isdigit((unsigned char)*s); s++) ; if (!*s) malformed(); - p_ptrn_lines = ((LINENUM) atol(s)) - p_first + 1; + p_ptrn_lines = (getlinenum(s)) - p_first + 1; + if (p_ptrn_lines < 0) + malformed(); } else if (p_first) p_ptrn_lines = 1; else { p_ptrn_lines = 0; p_first = 1; } + if (p_first >= LINENUM_MAX - p_ptrn_lines || + p_ptrn_lines >= LINENUM_MAX - 6) + malformed(); /* we need this much at least */ p_max = p_ptrn_lines + 6; @@ -651,22 +676,25 @@ another_hunk(void) ; if (!*s) malformed(); - p_newfirst = (LINENUM) atol(s); - while (isdigit((unsigned char)*s)) - s++; + p_newfirst = getskiplinenum(&s); if (*s == ',') { for (; *s && !isdigit((unsigned char)*s); s++) ; if (!*s) malformed(); - p_repl_lines = ((LINENUM) atol(s)) - + p_repl_lines = (getlinenum(s)) - p_newfirst + 1; + if (p_repl_lines < 0) + malformed(); } else if (p_newfirst) p_repl_lines = 1; else { p_repl_lines = 0; p_newfirst = 1; } + if (p_newfirst >= LINENUM_MAX - p_repl_lines || + p_repl_lines >= LINENUM_MAX - p_end) + malformed(); p_max = p_repl_lines + p_end; if (p_max > MAXHUNKSIZE) fatal("hunk too large (%ld lines) at line %ld: %s", @@ -859,32 +887,32 @@ hunk_done: s = buf + 4; if (!*s) malformed(); - p_first = (LINENUM) atol(s); - while (isdigit((unsigned char)*s)) - s++; + p_first = getskiplinenum(&s); if (*s == ',') { - p_ptrn_lines = (LINENUM) atol(++s); - while (isdigit((unsigned char)*s)) - s++; + s++; + p_ptrn_lines = getskiplinenum(&s); } else p_ptrn_lines = 1; + if (p_first >= LINENUM_MAX - p_ptrn_lines) + malformed(); if (*s == ' ') s++; if (*s != '+' || !*++s) malformed(); - p_newfirst = (LINENUM) atol(s); - while (isdigit((unsigned char)*s)) - s++; + p_newfirst = getskiplinenum(&s); if (*s == ',') { - p_repl_lines = (LINENUM) atol(++s); - while (isdigit((unsigned char)*s)) - s++; + s++; + p_repl_lines = getskiplinenum(&s); } else p_repl_lines = 1; if (*s == ' ') s++; if (*s != '@') malformed(); + if (p_first >= LINENUM_MAX - p_ptrn_lines || + p_newfirst > LINENUM_MAX - p_repl_lines || + p_ptrn_lines >= LINENUM_MAX - p_repl_lines - 1) + malformed(); if (!p_ptrn_lines) p_first++; /* do append rather than insert */ p_max = p_ptrn_lines + p_repl_lines + 1; @@ -1024,35 +1052,39 @@ hunk_done: next_intuit_at(line_beginning, p_input_line); return false; } - p_first = (LINENUM) atol(buf); - for (s = buf; isdigit((unsigned char)*s); s++) - ; + s = buf; + p_first = getskiplinenum(&s); if (*s == ',') { - p_ptrn_lines = (LINENUM) atol(++s) - p_first + 1; - while (isdigit((unsigned char)*s)) - s++; + s++; + p_ptrn_lines = getskiplinenum(&s) - p_first + 1; } else p_ptrn_lines = (*s != 'a'); - hunk_type = *s; + if (p_first >= LINENUM_MAX - p_ptrn_lines) + malformed(); + hunk_type = *s++; if (hunk_type == 'a') p_first++; /* do append rather than insert */ - min = (LINENUM) atol(++s); - for (; isdigit((unsigned char)*s); s++) - ; + min = getskiplinenum(&s); if (*s == ',') - max = (LINENUM) atol(++s); + max = getlinenum(++s); else max = min; + if (min < 0 || min > max || max - min == LINENUM_MAX) + malformed(); if (hunk_type == 'd') min++; p_end = p_ptrn_lines + 1 + max - min + 1; + p_newfirst = min; + p_repl_lines = max - min + 1; + if (p_newfirst > LINENUM_MAX - p_repl_lines || + p_ptrn_lines >= LINENUM_MAX - p_repl_lines - 1) + malformed(); + p_end = p_ptrn_lines + p_repl_lines + 1; if (p_end > MAXHUNKSIZE) fatal("hunk too large (%ld lines) at line %ld: %s", p_end, p_input_line, buf); while (p_end >= hunkmax) grow_hunkmax(); - p_newfirst = min; - p_repl_lines = max - min + 1; snprintf(buf, buf_len, "*** %ld,%ld\n", p_first, p_first + p_ptrn_lines - 1); p_line[0] = savestr(buf); @@ -1377,6 +1409,7 @@ do_ed_script(void) char *t; long beginning_of_this_line; FILE *pipefp = NULL; + int continuation; if (!skip_rest_of_patch) { if (copy_file(filearg[0], TMPOUTNAME) < 0) { @@ -1401,7 +1434,19 @@ do_ed_script(void) *t == 'd' || *t == 'i' || *t == 's')) { if (pipefp != NULL) fputs(buf, pipefp); - if (*t != 'd') { + if (*t == 's') { + for (;;) { + continuation = 0; + t = strchr(buf, '\0') - 1; + while (--t >= buf && *t == '\\') + continuation = !continuation; + if (!continuation || + pgets(buf, sizeof buf, pfp) == NULL) + break; + if (pipefp != NULL) + fputs(buf, pipefp); + } + } else if (*t != 'd') { while (pgets(buf, buf_len, pfp) != NULL) { p_input_line++; if (pipefp != NULL) |