From: Sean Whitton Date: Thu, 2 Mar 2023 17:27:38 +0000 (-0700) Subject: Fix memory leak in etags.c introduced by recent security fix X-Git-Tag: archive/raspbian/1%29.2+1-2+rpi1~1^2~47 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=229035165d99203f50b5e0cb459224c1ed989d91;p=emacs.git Fix memory leak in etags.c introduced by recent security fix Thanks to Adrian Bunk for identifying the issue. --- 229035165d99203f50b5e0cb459224c1ed989d91 diff --cc debian/.git-dpm index a12c6e1563f,00000000000..97c04a483cd mode 100644,000000..100644 --- a/debian/.git-dpm +++ b/debian/.git-dpm @@@ -1,8 -1,0 +1,8 @@@ +# see git-dpm(1) from git-dpm package - f8822cd42a828c42d9b76bcd32de7e595ffb73c1 - f8822cd42a828c42d9b76bcd32de7e595ffb73c1 ++3f6e215ea8d05e2760981c8ab5bce41879e54703 ++3f6e215ea8d05e2760981c8ab5bce41879e54703 +279b82e64e15b5e2df3cb522636c6db85a8ee659 +279b82e64e15b5e2df3cb522636c6db85a8ee659 +emacs_28.2+1.orig.tar.xz +d7f49858bdec2d47110c2ed7b1d0005f157e20c3 +26988304 diff --cc debian/patches/0023-Fix-memory-leak-in-etags.c.patch index 00000000000,00000000000..623231c50f3 new file mode 100644 --- /dev/null +++ b/debian/patches/0023-Fix-memory-leak-in-etags.c.patch @@@ -1,0 -1,0 +1,30 @@@ ++From 3f6e215ea8d05e2760981c8ab5bce41879e54703 Mon Sep 17 00:00:00 2001 ++From: Eli Zaretskii ++Date: Sun, 26 Feb 2023 20:03:20 +0200 ++Subject: Fix memory leak in etags.c ++ ++This upstream patch has been incorporated to fix the problem: ++ ++ * lib-src/etags.c (process_file_name): Free malloc'ed vars (bug#61819). ++ ++Origin: upstream, commit 0fde314f6f6e6664cddab1b2f0fe20629cd39d14 ++Bug: https://debbugs.gnu.org/61819 ++Bug-Debian: https://bugs.debian.org/1031888 ++Forwarded: not-needed ++--- ++ lib-src/etags.c | 2 ++ ++ 1 file changed, 2 insertions(+) ++ ++diff --git a/lib-src/etags.c b/lib-src/etags.c ++index a6bd7f66e29..ea80ba6e49a 100644 ++--- a/lib-src/etags.c +++++ b/lib-src/etags.c ++@@ -1714,6 +1714,8 @@ process_file_name (char *file, language *lang) ++ int buf_len = strlen (compr->command) + strlen (" > ") + strlen (new_real_name) + strlen (new_tmp_name) + 1; ++ char *cmd = xmalloc (buf_len); ++ snprintf (cmd, buf_len, "%s %s > %s", compr->command, new_real_name, new_tmp_name); +++ free (new_real_name); +++ free (new_tmp_name); ++ #endif ++ inf = (system (cmd) == -1 ++ ? NULL diff --cc debian/patches/series index a738362067b,00000000000..58041d1d729 mode 100644,000000..100644 --- a/debian/patches/series +++ b/debian/patches/series @@@ -1,22 -1,0 +1,23 @@@ +0001-Prefer-usr-share-info-emacs.patch +0002-Run-debian-startup-and-set-debian-emacs-flavor.patch +0003-Remove-files-that-appear-to-be-incompatible-with-the.patch +0004-Adjust-documentation-references-for-Debian.patch +0005-Modify-the-output-of-version-to-indicate-Debian-modi.patch +0006-Don-t-try-to-build-src-macuvs.h-via-IVD_Sequences.tx.patch +0007-Kill-gpg-agent-in-package-test.el-to-avoid-a-race.patch +0008-Mark-vc-bzr-test-fauilt-bzr-autoloads-as-unstable-fo.patch +0009-pdumper-set-DUMP_RELOC_ALIGNMENT_BITS-1-for-m68k.patch +0010-Avoid-fork-bomb-caused-by-native-compilation.patch +0011-Avoid-fork-bomb-caused-by-native-compilation-trampol.patch +0012-Fix-eln-files-not-being-generated-when-native-comp-a.patch +0013-Fix-large-core-dumps-from-background-processes.patch +0014-Mark-test-undo-region-as-unstable.patch +0015-Mark-flaky-test-process-tests-multiple-threads-waiti.patch +0016-Fix-ctags-local-command-execution-vulnerability-CVE-.patch +0017-Add-inhibit-native-compilation.patch +0018-Rename-to-inhibit-automatic-native-compilation.patch +0019-Fix-copyright-tests-for-2023-onwards.patch +0020-Fix-htmlfontify.el-command-injection-vulnerability-C.patch +0021-Fix-ruby-mode.el-command-injection-vulnerability-CVE.patch +0022-Fix-etags-local-command-injection-vulnerability-CVE-.patch ++0023-Fix-memory-leak-in-etags.c.patch