summaryrefslogtreecommitdiff
path: root/user/samurai/CVE-2021-30218.patch
diff options
context:
space:
mode:
authorSheila Aman <sheila@vulpine.house>2021-07-27 11:42:45 +0000
committerSheila Aman <sheila@vulpine.house>2021-07-27 11:42:54 +0000
commit0802fb7eecef74b8858ca0ddc653555fce360c7a (patch)
tree78b7296529eac40d58f8e5e6ff69b4df22911ad8 /user/samurai/CVE-2021-30218.patch
parent10af1e653558803cd413bfd407ac133d7e2c5d1b (diff)
downloadpackages-0802fb7eecef74b8858ca0ddc653555fce360c7a.tar.gz
packages-0802fb7eecef74b8858ca0ddc653555fce360c7a.tar.bz2
packages-0802fb7eecef74b8858ca0ddc653555fce360c7a.tar.xz
packages-0802fb7eecef74b8858ca0ddc653555fce360c7a.zip
user/samurai: upgrade to 1.2
Diffstat (limited to 'user/samurai/CVE-2021-30218.patch')
-rw-r--r--user/samurai/CVE-2021-30218.patch29
1 files changed, 29 insertions, 0 deletions
diff --git a/user/samurai/CVE-2021-30218.patch b/user/samurai/CVE-2021-30218.patch
new file mode 100644
index 000000000..1d6663865
--- /dev/null
+++ b/user/samurai/CVE-2021-30218.patch
@@ -0,0 +1,29 @@
+From e84b6d99c85043fa1ba54851ee500540ec206918 Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Fri, 2 Apr 2021 17:27:48 -0700
+Subject: [PATCH] util: Check for NULL string in writefile
+
+This check was there previously, but was removed in f549b757 with
+the addition of a check during parse that every rule has rspfile
+if and only if it has rspfile_content. However, this fails to
+consider the possibility of those variables coming from the edge
+or global environment. So, re-add the check.
+
+Fixes #67.
+---
+ util.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/util.c b/util.c
+index ea5c3ce..2a59881 100644
+--- a/util.c
++++ b/util.c
+@@ -258,7 +258,7 @@ writefile(const char *name, struct string *s)
+ return -1;
+ }
+ ret = 0;
+- if (fwrite(s->s, 1, s->n, f) != s->n || fflush(f) != 0) {
++ if (s && (fwrite(s->s, 1, s->n, f) != s->n || fflush(f) != 0)) {
+ warn("write %s:", name);
+ ret = -1;
+ }