Fix ctags local command execution vulnerability (CVE-2022-45939)
author lu4nx <lx@shellcodes.org>
Fri, 25 Nov 2022 06:38:29 +0000 (14:38 +0800)
committer Sean Whitton <spwhitton@spwhitton.name>
Fri, 2 Dec 2022 01:43:20 +0000 (18:43 -0700)
commit e9f3f14ed42f9dd36d1ca40b9a85852ae5932adb
tree 5fc61351661c87070f2d144511b12c280ed2199e
parent 1b1427e19da0552bb5b6ee0aeb5046247afc4469
Fix ctags local command execution vulnerability (CVE-2022-45939)

This upstream patch has been incorporated to fix the problem:

  Fixed ctags local command execute vulnerability

  * lib-src/etags.c:

  (clean_matched_file_tag): New function
  (do_move_file): New function
  (readline_internal):
  Add `leave_cr` parameter, if true, include the \r character

  * test/manual/etags/CTAGS.good_crlf: New file
  * test/manual/etags/CTAGS.good_update: New file
  * test/manual/etags/crlf: New file
  * test/manual/etags/Makefile: Add `ctags -u` test cases

Origin: upstream, commit: d48bb4874bc6cd3e69c7a15fc3c91cc141025c51
Bug: https://debbugs.gnu.org/59544
Bug-Debian: https://bugs.debian.org/1025009
Forwarded: not-needed
lib-src/etags.c
test/manual/etags/CTAGS.good_crlf [new file with mode: 0644]
test/manual/etags/CTAGS.good_update [new file with mode: 0644]
test/manual/etags/Makefile
test/manual/etags/crlf [new file with mode: 0644]