summaryrefslogtreecommitdiff
path: root/user/samurai/CVE-2021-30219.patch
diff options
context:
space:
mode:
authorSheila Aman <sheila@vulpine.house>2021-07-27 11:42:45 +0000
committerSheila Aman <sheila@vulpine.house>2021-07-27 11:42:54 +0000
commit0802fb7eecef74b8858ca0ddc653555fce360c7a (patch)
tree78b7296529eac40d58f8e5e6ff69b4df22911ad8 /user/samurai/CVE-2021-30219.patch
parent10af1e653558803cd413bfd407ac133d7e2c5d1b (diff)
downloadpackages-0802fb7eecef74b8858ca0ddc653555fce360c7a.tar.gz
packages-0802fb7eecef74b8858ca0ddc653555fce360c7a.tar.bz2
packages-0802fb7eecef74b8858ca0ddc653555fce360c7a.tar.xz
packages-0802fb7eecef74b8858ca0ddc653555fce360c7a.zip
user/samurai: upgrade to 1.2
Diffstat (limited to 'user/samurai/CVE-2021-30219.patch')
-rw-r--r--user/samurai/CVE-2021-30219.patch26
1 files changed, 26 insertions, 0 deletions
diff --git a/user/samurai/CVE-2021-30219.patch b/user/samurai/CVE-2021-30219.patch
new file mode 100644
index 000000000..fbc97b03d
--- /dev/null
+++ b/user/samurai/CVE-2021-30219.patch
@@ -0,0 +1,26 @@
+From d2af3bc375e2a77139c3a28d6128c60cd8d08655 Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Sun, 4 Apr 2021 03:50:09 -0700
+Subject: [PATCH] parse: Check for non-empty command/rspfile/rspfile_content
+
+This matches ninja behavior and prevents the possibility of a rule
+with an empty (NULL) command string.
+
+Fixes #68.
+---
+ parse.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/parse.c b/parse.c
+index f79a5ee..b4b98a1 100644
+--- a/parse.c
++++ b/parse.c
+@@ -42,6 +42,8 @@ parserule(struct scanner *s, struct environment *env)
+ var = scanname(s);
+ parselet(s, &val);
+ ruleaddvar(r, var, val);
++ if (!val)
++ continue;
+ if (strcmp(var, "command") == 0)
+ hascommand = true;
+ else if (strcmp(var, "rspfile") == 0)