packages/ncurses
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2023-50495

Browse Source 
(cherry picked from commit 589c64697663b16afa8c35a88df8c92dc2c6c895)
This commit is contained in:
yangl777 2023-12-15 14:50:19 +08:00 committed by openeuler-sync-bot
parent a516582092
commit 841ffa80fd
2 changed files with 100 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
backport-CVE-2023-50495.patch Normal file
View File

@ -0,0 +1,92 @@
From efe9674ee14b14b788f9618941f97d31742f0adc Mon Sep 17 00:00:00 2001
From: "Thomas E. Dickey" <dickey@invisible-island.net>
Date: Mon, 24 Apr 2023 23:14:45 +0000
Subject: [PATCH] snapshot of project "ncurses", label v6_4_20230424
Conflict:remove unnecessary modifications
Reference:https://github.com/ThomasDickey/ncurses-snapshots/commit/efe9674ee14b14b788f9618941f97d31742f0adc#diff-92910179510f7aaf9b70441f3c70521140faa34a192f9e28671ee40bbf052dc4
---
ncurses/tinfo/parse_entry.c | 27 ++++++++++++++++++---------
1 file changed, 18 insertions(+), 9 deletions(-)
diff --git a/ncurses/tinfo/parse_entry.c b/ncurses/tinfo/parse_entry.c
index a77cd0b..5390146 100644
--- a/ncurses/tinfo/parse_entry.c
+++ b/ncurses/tinfo/parse_entry.c
@@ -1,5 +1,5 @@
/****************************************************************************
- * Copyright 2018-2020,2021 Thomas E. Dickey *
+ * Copyright 2018-2022,2023 Thomas E. Dickey *
* Copyright 1998-2016,2017 Free Software Foundation, Inc. *
* *
* Permission is hereby granted, free of charge, to any person obtaining a *
@@ -48,7 +48,7 @@
#include <ctype.h>
#include <tic.h>
-MODULE_ID("$Id: parse_entry.c,v 1.102 2021/09/04 10:54:35 tom Exp $")
+MODULE_ID("$Id: parse_entry.c,v 1.108 2023/04/24 22:32:33 tom Exp $")
#ifdef LINT
static short const parametrized[] =
@@ -110,7 +110,7 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type)
/* Well, we are given a cancel for a name that we don't recognize */
return _nc_extend_names(entryp, name, STRING);
default:
- return 0;
+ return NULL;
}
/* Adjust the 'offset' (insertion-point) to keep the lists of extended
@@ -142,6 +142,11 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type)
for (last = (unsigned) (max - 1); last > tindex; last--)
if (!found) {
+ char *saved;
+
+ if ((saved = _nc_save_str(name)) == NULL)
+ return NULL;
+
switch (token_type) {
case BOOLEAN:
tp->ext_Booleans++;
@@ -169,7 +174,7 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type)
TYPE_REALLOC(char *, actual, tp->ext_Names);
while (--actual > offset)
tp->ext_Names[actual] = tp->ext_Names[actual - 1];
- tp->ext_Names[offset] = _nc_save_str(name);
+ tp->ext_Names[offset] = saved;
}
temp.nte_name = tp->ext_Names[offset];
@@ -337,6 +342,8 @@ _nc_parse_entry(ENTRY * entryp, int literal, bool silent)
bool is_use = (strcmp(_nc_curr_token.tk_name, "use") == 0);
bool is_tc = !is_use && (strcmp(_nc_curr_token.tk_name, "tc") == 0);
if (is_use || is_tc) {
+ char *saved;
+
if (!VALID_STRING(_nc_curr_token.tk_valstring)
|| _nc_curr_token.tk_valstring[0] == '\0') {
_nc_warning("missing name for use-clause");
@@ -350,11 +357,13 @@ _nc_parse_entry(ENTRY * entryp, int literal, bool silent)
_nc_curr_token.tk_valstring);
continue;
}
- entryp->uses[entryp->nuses].name = _nc_save_str(_nc_curr_token.tk_valstring);
- entryp->uses[entryp->nuses].line = _nc_curr_line;
- entryp->nuses++;
- if (entryp->nuses > 1 && is_tc) {
- BAD_TC_USAGE
+ if ((saved = _nc_save_str(_nc_curr_token.tk_valstring)) != NULL) {
+ entryp->uses[entryp->nuses].name = saved;
+ entryp->uses[entryp->nuses].line = _nc_curr_line;
+ entryp->nuses++;
+ if (entryp->nuses > 1 && is_tc) {
+ BAD_TC_USAGE
+ }
}
} else {
/* normal token lookup */
--
2.33.0

9
ncurses.spec
View File

@ -9,7 +9,7 @@
Name: ncurses Name: ncurses
Version: 6.3 Version: 6.3
Release: 12 Release: 13
Summary: Terminal control library Summary: Terminal control library
License: MIT License: MIT
URL: https://invisible-island.net/ncurses/ncurses.html URL: https://invisible-island.net/ncurses/ncurses.html
@ -24,6 +24,7 @@ Patch14: backport-0001-CVE-2023-29491-fix-configure-root-args-option.patch
Patch15: backport-0002-CVE-2023-29491-env-access.patch Patch15: backport-0002-CVE-2023-29491-env-access.patch
Patch16: backport-fix-for-out-of-memory-condition.patch Patch16: backport-fix-for-out-of-memory-condition.patch
Patch17: backport-fix-coredump-when-use-Memmove.patch Patch17: backport-fix-coredump-when-use-Memmove.patch
Patch18: backport-CVE-2023-50495.patch
BuildRequires: gcc gcc-c++ gpm-devel pkgconfig BuildRequires: gcc gcc-c++ gpm-devel pkgconfig
@ -285,6 +286,12 @@ xz NEWS
%endif %endif
%changelog %changelog
* Fri Dec 15 2023 yanglu <yanglu72@h-partners.com> - 6.3-13
- Type:CVE
- ID:CVE-2023-50495
- SUG:NA
- DESC:fix CVE-2023-50495
* Tue Jul 04 2023 yanglu <yanglu72@h-partners.com> - 6.3-12 * Tue Jul 04 2023 yanglu <yanglu72@h-partners.com> - 6.3-12
- Type:bugfix - Type:bugfix
- ID:NA - ID:NA