Fix ctags local command execution vulnerability (CVE-2022-45939)
author lu4nx <lx@shellcodes.org>
Fri, 25 Nov 2022 06:38:29 +0000 (14:38 +0800)
committer Rob Browning <rlb@defaultvalue.org>
Sat, 13 May 2023 20:17:27 +0000 (21:17 +0100)
commit e72aa4c59521f78bf3771950949d360ba4fc9cff
tree 91e2b28f6ef02f38d203d4996e861b98e8b73b0e
parent 03c81f3e40bd8328b653beb1c39d2c3f1e7e9d08
Fix ctags local command execution vulnerability (CVE-2022-45939)

This upstream patch has been incorporated to fix the problem:

  Fixed ctags local command execute vulnerability

  * lib-src/etags.c:

  (clean_matched_file_tag): New function
  (do_move_file): New function
  (readline_internal):
  Add `leave_cr` parameter, if true, include the \r character

  * test/manual/etags/CTAGS.good_crlf: New file
  * test/manual/etags/CTAGS.good_update: New file
  * test/manual/etags/crlf: New file
  * test/manual/etags/Makefile: Add `ctags -u` test cases

Origin: upstream, commit: d48bb4874bc6cd3e69c7a15fc3c91cc141025c51
Bug: https://debbugs.gnu.org/59544
Bug-Debian: https://bugs.debian.org/1025009
Forwarded: not-needed

Gbp-Pq: Name 0016-Fix-ctags-local-command-execution-vulnerability-CVE-.patch
lib-src/etags.c
test/manual/etags/CTAGS.good_crlf [new file with mode: 0644]
test/manual/etags/CTAGS.good_update [new file with mode: 0644]
test/manual/etags/Makefile
test/manual/etags/crlf [new file with mode: 0644]