10 Commits

Author SHA1 Message Date
openeuler-ci-bot
26147ca25e
!34 [sync] PR-30: backport CVE-2024-38428
From: @openeuler-sync-bot 
Reviewed-by: @sunsuwan 
Signed-off-by: @sunsuwan
2024-06-21 02:09:51 +00:00
xuchenchen
37ded08e07 backport CVE-2024-38428
(cherry picked from commit b1906cb10078f93ba92a2ecaab7ece0862463b5c)
2024-06-19 08:59:34 +08:00
openeuler-ci-bot
2fe0ca15bc
!25 [sync] PR-24: Remove unused variable
From: @openeuler-sync-bot 
Reviewed-by: @zengwefeng 
Signed-off-by: @zengwefeng
2023-06-19 09:08:25 +00:00
xingwei
e2aa3d001f src/main.c (main): Remove unused variable
(cherry picked from commit b3b99e4369cb12c0974ce52ce376e33d26e36e0d)
2023-06-19 09:51:25 +08:00
openeuler-ci-bot
6d8e703586
!15 fix wget killed by SIGSEGV
From: @eaglegai 
Reviewed-by: @seuzw 
Signed-off-by: @seuzw
2022-10-24 03:38:15 +00:00
eaglegai
c44ed3c26d fix wget killed by SIGSEGV 2022-10-22 07:18:07 +00:00
openeuler-ci-bot
1bd4df12d7 !13 update wget to 1.21.2
Merge pull request !13 from haochen/openEuler-22.03-LTS-Next
2021-12-14 03:29:39 +00:00
haochenstar
5b02ef7049 update wget to 1.21.2 2021-12-07 14:40:24 +08:00
openeuler-ci-bot
616320a47a !12 fix build error with gcc 10
From: @eaglegai
Reviewed-by: @zengwefeng,@zengwefeng
Signed-off-by: @zengwefeng,@zengwefeng
2021-07-30 06:35:20 +00:00
eaglegai
006677e61e fix build error with gcc10 2021-07-30 11:10:55 +08:00
18 changed files with 195 additions and 659 deletions


@ -1,86 +0,0 @@
From ce8ce5bfc0f03a751de5c3b103a955e8e25a64e4 Mon Sep 17 00:00:00 2001
From: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu, 12 Dec 2019 17:27:58 +0100
Subject: [PATCH] * src/progress.c: Allow const names for
set_progress_implementation.
---
src/progress.c | 24 +++++++++++++-----------
1 file changed, 13 insertions(+), 11 deletions(-)
diff --git a/src/progress.c b/src/progress.c
index ecf0dc4f..8eddedd3 100644
--- a/src/progress.c
+++ b/src/progress.c
@@ -51,7 +51,7 @@ struct progress_implementation {
void (*update) (void *, wgint, double);
void (*draw) (void *);
void (*finish) (void *, double);
- void (*set_params) (char *);
+ void (*set_params) (const char *);
};
/* Necessary forward declarations. */
@@ -60,13 +60,13 @@ static void *dot_create (const char *, wgint, wgint);
static void dot_update (void *, wgint, double);
static void dot_finish (void *, double);
static void dot_draw (void *);
-static void dot_set_params (char *);
+static void dot_set_params (const char *);
static void *bar_create (const char *, wgint, wgint);
static void bar_update (void *, wgint, double);
static void bar_draw (void *);
static void bar_finish (void *, double);
-static void bar_set_params (char *);
+static void bar_set_params (const char *);
static struct progress_implementation implementations[] = {
{ "dot", 0, dot_create, dot_update, dot_draw, dot_finish, dot_set_params },
@@ -112,7 +112,7 @@ set_progress_implementation (const char *name)
{
size_t i, namelen;
struct progress_implementation *pi = implementations;
- char *colon;
+ const char *colon;
if (!name)
name = DEFAULT_PROGRESS_IMPLEMENTATION;
@@ -437,7 +437,7 @@ dot_finish (void *progress, double dltime)
giga. */
static void
-dot_set_params (char *params)
+dot_set_params (const char *params)
{
if (!params || !*params)
params = opt.dot_style;
@@ -1217,18 +1217,20 @@ display_image (char *buf)
}
static void
-bar_set_params (char *params)
+bar_set_params (const char *params)
{
if (params)
{
- char *param = strtok (params, ":");
- do
+ for (const char *param = params; *param; )
{
- if (0 == strcmp (param, "force"))
+ if (!strncmp (param, "force", 5))
current_impl_locked = 1;
- else if (0 == strcmp (param, "noscroll"))
+ else if (!strncmp (param, "noscroll", 8))
opt.noscroll = true;
- } while ((param = strtok (NULL, ":")) != NULL);
+
+ if (*(param = strchrnul(param, ':')))
+ param++;
+ }
}
if (((opt.lfilename && opt.show_progress != 1)
--
2.19.1.windows.1


@ -1,28 +0,0 @@
From db1cbb29f40b3d2e88fe33b503a9c33319f4a7dd Mon Sep 17 00:00:00 2001
Date: Fri, 13 Mar 2020 10:41:52 +0800
Subject: [PATCH] avoid triggering signed integer overflow
---
src/html-url.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/html-url.c b/src/html-url.c
index 2f95357..409f2a0 100644
--- a/src/html-url.c
+++ b/src/html-url.c
@@ -596,7 +596,11 @@ tag_handle_meta (int tagid _GL_UNUSED, struct taginfo *tag, struct map_context *
return;
for (p = refresh; c_isdigit (*p); p++)
- timeout = 10 * timeout + *p - '0';
+ {
+ if (timeout > INT_MAX >> 4 || *p - '0' > INT_MAX - 10 * timeout)
+ return;
+ timeout = 10 * timeout + *p - '0';
+ }
if (*p++ != ';')
return;
--
2.23.0


@ -0,0 +1,76 @@
From ed0c7c7e0e8f7298352646b2fd6e06a11e242ace Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
Date: Sun, 2 Jun 2024 12:40:16 +0200
Subject: Properly re-implement userinfo parsing (rfc2396)
* src/url.c (url_skip_credentials): Properly re-implement userinfo parsing (rfc2396)
The reason why the implementation is based on RFC 2396, an outdated standard,
is that the whole file is based on that RFC, and mixing standard here might be
dangerous.
---
src/url.c | 40 ++++++++++++++++++++++++++++++++++------
1 file changed, 34 insertions(+), 6 deletions(-)
diff --git a/src/url.c b/src/url.c
index ddc72d0..65dd27d 100644
--- a/src/url.c
+++ b/src/url.c
@@ -41,6 +41,7 @@ as that of the covered work. */
#include "url.h"
#include "host.h" /* for is_valid_ipv6_address */
#include "c-strcase.h"
+#include "c-ctype.h"
#ifdef HAVE_ICONV
# include <iconv.h>
@@ -526,12 +527,39 @@ scheme_leading_string (enum url_scheme scheme)
static const char *
url_skip_credentials (const char *url)
{
- /* Look for '@' that comes before terminators, such as '/', '?',
- '#', or ';'. */
- const char *p = (const char *)strpbrk (url, "@/?#;");
- if (!p || *p != '@')
- return url;
- return p + 1;
+ /*
+ * This whole file implements https://www.rfc-editor.org/rfc/rfc2396 .
+ * RFC 2396 is outdated since 2005 and needs a rewrite or a thorough re-visit.
+ *
+ * The RFC says
+ * server = [ [ userinfo "@" ] hostport ]
+ * userinfo = *( unreserved | escaped | ";" | ":" | "&" | "=" | "+" | "$" | "," )
+ * unreserved = alphanum | mark
+ * mark = "-" | "_" | "." | "!" | "~" | "*" | "'" | "(" | ")"
+ */
+ static const char *allowed = "-_.!~*'();:&=+$,";
+
+ for (const char *p = url; *p; p++)
+ {
+ if (c_isalnum(*p))
+ continue;
+
+ if (strchr(allowed, *p))
+ continue;
+
+ if (*p == '%' && c_isxdigit(p[1]) && c_isxdigit(p[2]))
+ {
+ p += 2;
+ continue;
+ }
+
+ if (*p == '@')
+ return p + 1;
+
+ break;
+ }
+
+ return url;
}
/* Parse credentials contained in [BEG, END). The region is expected
--
2.33.0
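Review bot: The final `break` in the new `url_skip_credentials` loop is where the parsing decision is made, and it carries no comment: any byte that is not RFC 2396 userinfo and appears before an '@' makes the function return `url` unchanged, so the caller begins host parsing at text that may still contain an '@'. I would add a comment on that line, e.g. `/* not a userinfo character: treat the URL as having no credentials */`, and say in the function's header comment that the return value equals `url` in that case. How the caller handles such a host is outside this hunk and should be confirmed. The diffstat lists only src/url.c, so no regression test accompanies the change; one case with ';' before '@' and one with a truncated '%' escape would pin the new behaviour.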


@ -0,0 +1,21 @@
From 59d08d32902e3f7531ea74292b00a8556a975775 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
Date: Sun, 20 Mar 2022 20:44:32 +0100
Subject: [PATCH] * src/main.c (main): Remove unused variable
diff --git a/src/main.c b/src/main.c
index c43671ae..0c4e7d05 100644
--- a/src/main.c
+++ b/src/main.c
@@ -1361,7 +1361,6 @@ main (int argc, char **argv)
char *p;
int i, ret, longindex;
int nurls;
- int retconf;
int argstring_length;
bool use_userconfig = false;
bool noconfig = false;
--
2.33.0


@ -0,0 +1,39 @@
From aecf5fbf1bf05e91c4900a814a12dc91a50dc788 Mon Sep 17 00:00:00 2001
From: Darshit Shah <darnir@gnu.org>
Date: Fri, 8 Oct 2021 20:34:46 +0200
Subject: [PATCH] * ftp.c (ftp_loop_internal): Fix computation of
total_downloaded_bytes
When continuing a FTP download, or not starting one because the file is
already fully retrieved, don't include the size of the file in the
total_downloaded_bytes. Only the actual amount of data retrieved over
the network should be considered there.
Fixes: #61277
Reported-By: Michal Ruprich <formaiko>
---
src/ftp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/ftp.c b/src/ftp.c
index a1fcaa50..e821b0f3 100644
--- a/src/ftp.c
+++ b/src/ftp.c
@@ -2083,7 +2083,7 @@ ftp_loop_internal (struct url *u, struct url *original_url, struct fileinfo *f,
/* --dont-remove-listing was specified, so do count this towards the
number of bytes and files downloaded. */
{
- total_downloaded_bytes += qtyread;
+ total_downloaded_bytes += (qtyread - restval);
numurls++;
}
@@ -2098,7 +2098,7 @@ ftp_loop_internal (struct url *u, struct url *original_url, struct fileinfo *f,
downloaded if they're going to be deleted. People seeding proxies,
for instance, may want to know how many bytes and files they've
downloaded through it. */
- total_downloaded_bytes += qtyread;
+ total_downloaded_bytes += (qtyread - restval);
numurls++;
if (opt.delete_after && !input_file_url (opt.input_filename))
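Review bot: Both changed lines compute `qtyread - restval` without anything visible that guarantees `qtyread` is at least `restval`; the hunks do not show where either value is set, and if `qtyread` can be smaller then `total_downloaded_bytes` would decrease. If the invariant is that `qtyread` includes the bytes already on disk, a comment at the first site such as `/* qtyread includes restval; count only bytes fetched over the network */` would record it, and the same applies at the second site just before the `opt.delete_after` check. ftp_loop_internal starts and ends outside these hunks.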


@ -0,0 +1,21 @@
diff --git a/src/gnutls.c b/src/gnutls.c
index 0ecf2c81..81fe9518 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -99,7 +99,6 @@ static gnutls_certificate_credentials_t credentials;
bool
ssl_init (void)
{
- fprintf(stderr,"SSL_INIT\n");
/* Becomes true if GnuTLS is initialized. */
const char *ca_directory;
DIR *dir;
@@ -237,8 +236,6 @@ cert to be of the same type.\n"));
void
ssl_cleanup (void)
{
- fprintf(stderr,"SSL_CLEANUP\n");
-
if (!ssl_initialized)
return;


@ -1,25 +0,0 @@
From f5d1dcf7183d731d7e2a06313dacd1452f54b623 Mon Sep 17 00:00:00 2001
From: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu, 12 Dec 2019 13:46:38 +0100
Subject: [PATCH] * src/retr.c (calc_rate): Fix division by 0
---
src/retr.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/retr.c b/src/retr.c
index 1f43c726..f3a82419 100644
--- a/src/retr.c
+++ b/src/retr.c
@@ -826,7 +826,7 @@ calc_rate (wgint bytes, double secs, int *units)
0 and the timer's resolution, assume half the resolution. */
secs = ptimer_resolution () / 2.0;
- dlrate = convert_to_bits (bytes) / secs;
+ dlrate = secs ? convert_to_bits (bytes) / secs : 0;
if (dlrate < bibyte)
*units = 0;
else if (dlrate < (bibyte * bibyte))
--
2.19.1.windows.1


@ -1,30 +0,0 @@
From 0179138fe58134dec9abe77220d683c7dbb105e6 Mon Sep 17 00:00:00 2001
From: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed, 11 Dec 2019 12:29:54 +0100
Subject: [PATCH] * src/progress.c (create_image): Sanitize input param
'dl_total_time'
---
src/progress.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/progress.c b/src/progress.c
index 1db94546..574a035e 100644
--- a/src/progress.c
+++ b/src/progress.c
@@ -950,6 +950,12 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done)
if (progress_size < 5)
progress_size = 0;
+ // sanitize input
+ if (dl_total_time >= INT_MAX)
+ dl_total_time = INT_MAX - 1;
+ else if (dl_total_time < 0)
+ dl_total_time = 0;
+
if (orig_filename_cols <= MAX_FILENAME_COLS)
{
padding = MAX_FILENAME_COLS - orig_filename_cols;
--
2.19.1.windows.1


@ -1,26 +0,0 @@
From 61b8078672233b6bbc24c67c4a909817fc7e878d Mon Sep 17 00:00:00 2001
From: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu, 12 Dec 2019 16:07:08 +0100
Subject: [PATCH] * src/progress.c (dot_draw): Avoid integer overflow
---
src/progress.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/progress.c b/src/progress.c
index 06750531..ecf0dc4f 100644
--- a/src/progress.c
+++ b/src/progress.c
@@ -386,7 +386,8 @@ dot_draw (void *progress)
++dp->dots;
if (dp->dots >= opt.dots_in_line)
{
- ++dp->rows;
+ if (dp->rows < INT_MAX)
+ ++dp->rows;
dp->dots = 0;
print_row_stats (dp, dp->dltime, false);
--
2.19.1.windows.1


@ -1,45 +0,0 @@
From 542524855a46d66f18439688ffe61177cc867266 Mon Sep 17 00:00:00 2001
From:Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu, 12 Dec 2019 13:47:30 +0100
Subject: [PATCH] * src/progress.c (dot_update, dot_finish): Sanitize input
---
src/progress.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/src/progress.c b/src/progress.c
index 574a035e..d2778d41 100644
--- a/src/progress.c
+++ b/src/progress.c
@@ -348,6 +348,15 @@ print_row_stats (struct dot_progress *dp, double dltime, bool last)
static void
dot_update (void *progress, wgint howmuch, double dltime)
{
+ // sanitize input
+ if (dltime >= INT_MAX)
+ dltime = INT_MAX - 1;
+ else if (dltime < 0)
+ dltime = 0;
+
+ if (howmuch < 0)
+ howmuch = 0;
+
struct dot_progress *dp = progress;
dp->accumulated += howmuch;
dp->dltime = dltime;
@@ -406,6 +415,12 @@ dot_finish (void *progress, double dltime)
logputs (LOG_PROGRESS, " ");
}
+ // sanitize input
+ if (dltime >= INT_MAX)
+ dltime = INT_MAX - 1;
+ else if (dltime < 0)
+ dltime = 0;
+
print_row_stats (dp, dltime, true);
logputs (LOG_VERBOSE, "\n\n");
log_set_flush (false);
--
2.19.1.windows.1


@ -1,153 +0,0 @@
From 33bc3aae517e4884f08928be9d6e4c941ec3f489 Mon Sep 17 00:00:00 2001
From: vyachemail <vyachemail@gmail.com>
Date: Sat, 25 Jan 2020 00:30:09 +0600
Subject: [PATCH] Fix and cleanup progress bar code
*src/progress.c
(struct dot_progress) accumulated, rows: Type changed to wgint
(print_row_stats): Fix missing unit name 'T'
(dot_update): Add ability to reduce dot_draw runtime
(bar_update): Avoid integer overflow
---
src/progress.c | 63 ++++++++++++++++++++++++++++++++++++++++++--------
1 file changed, 54 insertions(+), 9 deletions(-)
diff --git a/src/progress.c b/src/progress.c
index 2fed72c0..296d8f30 100644
--- a/src/progress.c
+++ b/src/progress.c
@@ -220,11 +220,11 @@ struct dot_progress {
wgint total_length; /* expected total byte count when the
download finishes */
- int accumulated; /* number of bytes accumulated after
+ wgint accumulated; /* number of bytes accumulated after
the last printed dot */
double dltime; /* download time so far */
- int rows; /* number of rows printed so far */
+ wgint rows; /* number of rows printed so far */
int dots; /* number of dots printed in this row */
double last_timer_value;
@@ -282,6 +282,21 @@ dot_create (const char *f_download _GL_UNUSED, wgint initial, wgint total)
static const char *eta_to_human_short (int, bool);
+/* ADD_DOT_ROWS_THRS - minimal (1 << ADD_DOT_ROWS_THRS) ROWS to be added
+ to the current row if dp->accumulated too much.
+ Allows to reduce dot_draw io, times.
+ According to the way progress_update is currently has being called, this
+ should happens only when fuzzing, or (paranoia) if somehow buffer will
+ be too large.
+ Can be disabled by default if this is not fuzzing build. */
+#ifndef ADD_DOT_ROWS_THRS
+#if FUZZING
+#define ADD_DOT_ROWS_THRS 2
+#else
+#define ADD_DOT_ROWS_THRS 2
+#endif
+#endif /* ADD_DOT_ROWS_THRS */
+
/* Prints the stats (percentage of completion, speed, ETA) for current
row. DLTIME is the time spent downloading the data in current
row.
@@ -291,7 +306,11 @@ static const char *eta_to_human_short (int, bool);
might be worthwhile to split it to two different functions. */
static void
+#if ADD_DOT_ROWS_THRS
+print_row_stats (struct dot_progress *dp, double dltime, bool last, wgint added_rows)
+#else
print_row_stats (struct dot_progress *dp, double dltime, bool last)
+#endif
{
const wgint ROW_BYTES = opt.dot_bytes * opt.dots_in_line;
@@ -316,12 +335,16 @@ print_row_stats (struct dot_progress *dp, double dltime, bool last)
}
{
- static char names[] = {' ', 'K', 'M', 'G'};
+ static char names[] = {' ', 'K', 'M', 'G', 'T'};
int units;
double rate;
wgint bytes_this_row;
if (!last)
+#if ADD_DOT_ROWS_THRS
+ bytes_this_row = ROW_BYTES * added_rows;
+#else
bytes_this_row = ROW_BYTES;
+#endif
else
/* For last row also include bytes accumulated after last dot. */
bytes_this_row = dp->dots * opt.dot_bytes + dp->accumulated;
@@ -391,8 +414,9 @@ dot_draw (void *progress)
log_set_flush (false);
- for (; dp->accumulated >= dot_bytes; dp->accumulated -= dot_bytes)
+ while (dp->accumulated >= dot_bytes)
{
+ dp->accumulated -= dot_bytes;
if (dp->dots == 0)
logprintf (LOG_PROGRESS, "\n%6sK",
number_to_static_string (dp->rows * ROW_BYTES / 1024));
@@ -404,11 +428,26 @@ dot_draw (void *progress)
++dp->dots;
if (dp->dots >= opt.dots_in_line)
{
- if (dp->rows < INT_MAX)
- ++dp->rows;
dp->dots = 0;
-
+#if ADD_DOT_ROWS_THRS
+ {
+ wgint added_rows = 1;
+ if (dp->accumulated >= (ROW_BYTES << ADD_DOT_ROWS_THRS))
+ {
+ added_rows += dp->accumulated / ROW_BYTES;
+ dp->accumulated %= ROW_BYTES;
+ }
+ if (WGINT_MAX - dp->rows >= added_rows)
+ dp->rows += added_rows;
+ else
+ dp->rows = WGINT_MAX;
+ print_row_stats (dp, dp->dltime, false, added_rows);
+ }
+#else
+ if (dp->rows < WGINT_MAX)
+ ++dp->rows;
print_row_stats (dp, dp->dltime, false);
+#endif /* ADD_DOT_ROWS_THRS */
}
}
@@ -441,8 +480,11 @@ dot_finish (void *progress, double dltime)
dltime = INT_MAX - 1;
else if (dltime < 0)
dltime = 0;
-
+#if ADD_DOT_ROWS_THRS
+ print_row_stats (dp, dltime, true, 1);
+#else
print_row_stats (dp, dltime, true);
+#endif
logputs (LOG_VERBOSE, "\n\n");
log_set_flush (false);
@@ -721,7 +763,10 @@ bar_update (void *progress, wgint howmuch, double dltime)
struct bar_progress *bp = progress;
bp->dltime = dltime;
- bp->count += howmuch;
+ if (WGINT_MAX - (bp->count + bp->initial_length) >= howmuch)
+ bp->count += howmuch;
+ else
+ bp->count = WGINT_MAX - bp->initial_length;
if (bp->total_length > 0
&& bp->count + bp->initial_length > bp->total_length)
/* We could be downloading more than total_length, e.g. when the
--
2.19.1.windows.1


@ -1,139 +0,0 @@
From 07eebd2a2002c709f2332e411e593497fe7b3598 Mon Sep 17 00:00:00 2001
From: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu, 12 Dec 2019 13:25:43 +0100
Subject: [PATCH] Fix buffer overflows in progress 'bar' code
* src/progress.c (progress_interactive_p): Sanitize input.
(progress_update): Likewise.
(bar_create): Use larger BUF_LEN.
(bar_create): Remove superfluous memset.
(bar_create): Fix filename layout.
(bar_create): Remove filename scrolling code, it caused many buffer
overflows later in bar_create.
(bar_create): Support TB/s download speed.
---
src/progress.c | 51 +++++++++++++++++++++++++++++++++++++-------------
1 file changed, 38 insertions(+), 13 deletions(-)
diff --git a/src/progress.c b/src/progress.c
index 02b6f04d..96d00398 100644
--- a/src/progress.c
+++ b/src/progress.c
@@ -184,6 +184,15 @@ progress_interactive_p (void *progress _GL_UNUSED)
void
progress_update (void *progress, wgint howmuch, double dltime)
{
+ // sanitize input
+ if (dltime >= INT_MAX)
+ dltime = INT_MAX - 1;
+ else if (dltime < 0)
+ dltime = 0;
+
+ if (howmuch < 0)
+ howmuch = 0;
+
current_impl->update (progress, howmuch, dltime);
current_impl->draw (progress);
}
@@ -194,6 +203,12 @@ progress_update (void *progress, wgint howmuch, double dltime)
void
progress_finish (void *progress, double dltime)
{
+ // sanitize input
+ if (dltime >= INT_MAX)
+ dltime = INT_MAX - 1;
+ else if (dltime < 0)
+ dltime = 0;
+
current_impl->finish (progress, dltime);
}
@@ -612,8 +627,8 @@ bar_create (const char *f_download, wgint initial, wgint total)
bp->width = screen_width - 1;
/* + enough space for the terminating zero, and hopefully enough room
* for multibyte characters. */
-#define BUF_LEN (bp->width + 100)
- bp->buffer = xmalloc (BUF_LEN);
+#define BUF_LEN (bp->width * 2 + 100)
+ bp->buffer = xcalloc (BUF_LEN, 1);
logputs (LOG_VERBOSE, "\n");
@@ -965,8 +980,6 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done)
int cols_diff;
const char *down_size;
- memset (bp->buffer, '\0', BUF_LEN);
-
if (progress_size < 5)
progress_size = 0;
@@ -976,15 +989,20 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done)
else if (dl_total_time < 0)
dl_total_time = 0;
- if (orig_filename_cols <= MAX_FILENAME_COLS)
+ if (orig_filename_cols < MAX_FILENAME_COLS)
{
- padding = MAX_FILENAME_COLS - orig_filename_cols;
- p += sprintf (p, "%s ", bp->f_download);
+ p += sprintf (p, "%s", bp->f_download);
+ padding = MAX_FILENAME_COLS - orig_filename_cols + 1;
memset (p, ' ', padding);
p += padding;
}
else
{
+ memcpy(p, bp->f_download, MAX_FILENAME_COLS);
+ p += MAX_FILENAME_COLS;
+ *p++ = ' ';
+ }
+/*
int offset_cols;
int bytes_in_filename, offset_bytes, col;
int *cols_ret = &col;
@@ -1021,6 +1039,7 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done)
memset (p, ' ', padding + 1);
p += padding + 1;
}
+*/
/* "xx% " */
if (bp->total_length > 0)
@@ -1109,8 +1128,8 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done)
/* " 12.52Kb/s or 12.52KB/s" */
if (hist->total_time > 0 && hist->total_bytes)
{
- static const char *short_units[] = { " B/s", "KB/s", "MB/s", "GB/s" };
- static const char *short_units_bits[] = { " b/s", "Kb/s", "Mb/s", "Gb/s" };
+ static const char *short_units[] = { " B/s", "KB/s", "MB/s", "GB/s", "TB/s" };
+ static const char *short_units_bits[] = { " b/s", "Kb/s", "Mb/s", "Gb/s", "Tb/s" };
int units = 0;
/* Calculate the download speed using the history ring and
recent data that hasn't made it to the ring yet. */
@@ -1192,12 +1211,18 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done)
}
}
+ *p = '\0';
+
padding = bp->width - count_cols (bp->buffer);
assert (padding >= 0 && "Padding length became non-positive!");
- padding = padding > 0 ? padding : 0;
- memset (p, ' ', padding);
- p += padding;
- *p = '\0';
+ if (padding > 0)
+ {
+// if (padding > BUF_LEN - (p - bp->buffer) - 1)
+// padding = BUF_LEN - (p - bp->buffer) - 1;
+ memset (p, ' ', padding);
+ p += padding;
+ *p = '\0';
+ }
/* 2014-11-14 Darshit Shah <darnir@gmail.com>
* Assert that the length of the progress bar is lesser than the size of the
--
2.19.1.windows.1


@ -1,47 +0,0 @@
From 6bd74e33d6d0ccc43031405819a6766382823828 Mon Sep 17 00:00:00 2001
From: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed, 18 Dec 2019 13:06:46 +0100
Subject: [PATCH] Fix segfault in progress bar in certain locales
* src/progress.c (create_image): Protect memset from negative count
Reported-by: JunDong Xie
---
src/progress.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/src/progress.c b/src/progress.c
index 80775b0c..63bebab8 100644
--- a/src/progress.c
+++ b/src/progress.c
@@ -1099,8 +1099,11 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done)
/* " 234.56M" */
down_size = human_readable (size, 1000, 2);
cols_diff = PROGRESS_FILESIZE_LEN - count_cols (down_size);
- memset (p, ' ', cols_diff);
- p += cols_diff;
+ if (cols_diff > 0)
+ {
+ memset (p, ' ', cols_diff);
+ p += cols_diff;
+ }
p += sprintf (p, "%s", down_size);
/* " 12.52Kb/s or 12.52KB/s" */
@@ -1182,8 +1185,11 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done)
else
ncols += sprintf (p + nbytes, "%ss", print_decimal (dl_total_time));
p += ncols + bytes_cols_diff;
- memset (p, ' ', PROGRESS_ETA_LEN - ncols);
- p += PROGRESS_ETA_LEN - ncols;
+ if (ncols < PROGRESS_ETA_LEN)
+ {
+ memset (p, ' ', PROGRESS_ETA_LEN - ncols);
+ p += PROGRESS_ETA_LEN - ncols;
+ }
}
padding = bp->width - count_cols (bp->buffer);
--
2.19.1.windows.1


@ -1,25 +0,0 @@
From abe1ab191698f4e3e337b5436c7060a0e4d103d7 Mon Sep 17 00:00:00 2001
From: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu, 12 Dec 2019 13:53:44 +0100
Subject: [PATCH] * src/progress.c (print_row_stats): Fix UB if eta < 0
---
src/progress.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/progress.c b/src/progress.c
index d2778d41..06750531 100644
--- a/src/progress.c
+++ b/src/progress.c
@@ -327,6 +327,8 @@ print_row_stats (struct dot_progress *dp, double dltime, bool last)
/* The quantity downloaded in this download run. */
wgint bytes_sofar = bytes_displayed - dp->initial_length;
double eta = dltime * bytes_remaining / bytes_sofar;
+ if (eta < 0)
+ eta = 0;
if (eta < INT_MAX - 1)
logprintf (LOG_PROGRESS, " %s",
eta_to_human_short ((int) (eta + 0.5), true));
--
2.19.1.windows.1


@ -1,38 +0,0 @@
From e2c0c2fbe5efd5da5524553189e376d53194a037 Mon Sep 17 00:00:00 2001
From: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu, 12 Dec 2019 16:14:57 +0100
Subject: [PATCH] * src/progress.c (print_row_stats): Fix two integer overflows
---
src/progress.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/progress.c b/src/progress.c
index 96d00398..4217c620 100644
--- a/src/progress.c
+++ b/src/progress.c
@@ -303,6 +303,9 @@ print_row_stats (struct dot_progress *dp, double dltime, bool last)
/* For last row also count bytes accumulated after last dot */
bytes_displayed += dp->accumulated;
+ if (bytes_displayed < 0)
+ bytes_displayed = 0;
+
if (dp->total_length)
{
/* Round to floor value to provide gauge how much data *has*
@@ -338,9 +341,9 @@ print_row_stats (struct dot_progress *dp, double dltime, bool last)
Belperchinov-Shabanski's "wget-new-percentage" patch. */
if (dp->total_length)
{
- wgint bytes_remaining = dp->total_length - bytes_displayed;
+ wgint bytes_remaining = dp->total_length > bytes_displayed ? dp->total_length - bytes_displayed : 0;
/* The quantity downloaded in this download run. */
- wgint bytes_sofar = bytes_displayed - dp->initial_length;
+ wgint bytes_sofar = bytes_displayed > dp->initial_length ? bytes_displayed - dp->initial_length : 1;
double eta = dltime * bytes_remaining / bytes_sofar;
if (eta < 0)
eta = 0;
--
2.19.1.windows.1

Binary file not shown.

BIN
wget-1.21.2.tar.gz Normal file

Binary file not shown.


@ -1,23 +1,15 @@
Name: wget
Version: 1.20.3
Version: 1.21.2
Release: 4
Summary: A package for retrieving files using HTTP, HTTPS, FTP and FTPS the most widely-used Internet protocols.
License: GPLv3+
Url: http://www.gnu.org/software/wget/
Source: https://ftp.gnu.org/gnu/wget/wget-%{version}.tar.gz
Patch6000: create_image-Sanitize-input-param-dl_total_time.patch
Patch6001: allow-const-names-for-set-progress-implementation.patch
Patch6002: fix-ub-print-row-stats-if-eta-negative.patch
Patch6003: dot-update-dot-finish-sanitize-input.patch
Patch6004: fix-segfault-in-progress-bar-in-certain-locales.patch
Patch6005: fix-buffer-overflows-in-progress-bar-code.patch
Patch6006: calc_rate-fix-division-by-zero.patch
Patch6007: print-row-stats-fix-two-integer-overflows.patch
Patch6008: dot-draw-avoid-integer-overflows.patch
Patch6009: fix-and-cleanup-progress-bar-code.patch
Patch9000: avoid-triggering-signed-integer-overflow.patch
Patch0: backport-wget-1.21-ssl-init-output.patch
Patch1: backport-wget-1.21-segfault.patch
Patch2: backport-src-main.c-main-Remove-unused-variable.patch
Patch3: backport-CVE-2024-38428.patch
Provides: webclient bundled(gnulib)
BuildRequires: perl-HTTP-Daemon python3 libuuid-devel perl-podlators libpsl-devel libmetalink-devel
@ -41,21 +33,20 @@ files and man, info files.
%autosetup -p1
%build
%configure --with-ssl=gnutls --with-libpsl --enable-largefile --enable-opie --enable-digest --enable-ntlm --enable-nls --enable-ipv6 --disable-rpath --with-metalink
%configure --with-ssl=gnutls --with-libpsl --enable-largefile --enable-opie --enable-digest --enable-ntlm --enable-nls --enable-ipv6 --disable-rpath --with-metalink --disable-year2038
%make_build
%install
%make_install CFLAGS="$RPM_OPT_FLAGS"
%find_lang %{name}
%find_lang %{name}-gnulib
rm -f %{buildroot}%{_infodir}/dir
%check
make check
%files -f %{name}.lang
%files -f %{name}.lang -f %{name}-gnulib.lang
%doc AUTHORS COPYING
%config(noreplace) %{_sysconfdir}/wgetrc
%{_bindir}/wget
@ -66,6 +57,36 @@ make check
%{_infodir}/*
%changelog
* Sun Jun 16 2024 xuchenchen <xuchenchen@kylinos.cn> -1.21.2-4
- Type:CVES
- ID:NA
- SUG:NA
- DESC:backport CVE-2024-38428
* Sat Jun 17 2023 xingwei <xingwei14@h-parters.com> - 1.21.2-3
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:src/main.c (main): Remove unused variable
* Sat Oct 22 2022 gaihuiying <eaglegai@163.com> - 1.21.2-2
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix find_cell(): wget killed by SIGSEGV
* Tue Dec 07 2021 xihaochen <xihaochen@huawei.com> - 1.21.2-1
- Type:requirements
- ID:NA
- SUG:NA
- DESC:update wget to 1.21.2
* Fri Jul 30 2021 gaihuiying <gaihuiying1@huawei.com> - 1.20.3-5
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix build error with gcc10
* Thu May 27 2021 lijingyuan <lijingyuan3@huawei.com> - 1.20.3-4
- Type:bugfix
- ID:NA