diff options
author | Zach van Rijn <me@zv.io> | 2021-07-27 23:41:01 +0000 |
---|---|---|
committer | Zach van Rijn <me@zv.io> | 2021-07-27 23:41:01 +0000 |
commit | dbf2ee8a4c30d9326a182f421fbc2e5b58f9fc6d (patch) | |
tree | f0b5cb765c7f5a5ad19dd7db8303e1816ba9ebdf /user/samurai/CVE-2021-30219.patch | |
parent | cb89ebf6d88ee2ce9c87fbfc27d75fa65b3baa48 (diff) | |
parent | eff1c3c87532b591492fec9e3952425e199547a9 (diff) | |
download | packages-dbf2ee8a4c30d9326a182f421fbc2e5b58f9fc6d.tar.gz packages-dbf2ee8a4c30d9326a182f421fbc2e5b58f9fc6d.tar.bz2 packages-dbf2ee8a4c30d9326a182f421fbc2e5b58f9fc6d.tar.xz packages-dbf2ee8a4c30d9326a182f421fbc2e5b58f9fc6d.zip |
Merge branch 'aerdan/20210721' into 'master'
Bump packages owned by Síle
See merge request adelie/packages!619
Diffstat (limited to 'user/samurai/CVE-2021-30219.patch')
-rw-r--r-- | user/samurai/CVE-2021-30219.patch | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/user/samurai/CVE-2021-30219.patch b/user/samurai/CVE-2021-30219.patch new file mode 100644 index 000000000..fbc97b03d --- /dev/null +++ b/user/samurai/CVE-2021-30219.patch @@ -0,0 +1,26 @@ +From d2af3bc375e2a77139c3a28d6128c60cd8d08655 Mon Sep 17 00:00:00 2001 +From: Michael Forney <mforney@mforney.org> +Date: Sun, 4 Apr 2021 03:50:09 -0700 +Subject: [PATCH] parse: Check for non-empty command/rspfile/rspfile_content + +This matches ninja behavior and prevents the possibility of a rule +with an empty (NULL) command string. + +Fixes #68. +--- + parse.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/parse.c b/parse.c +index f79a5ee..b4b98a1 100644 +--- a/parse.c ++++ b/parse.c +@@ -42,6 +42,8 @@ parserule(struct scanner *s, struct environment *env) + var = scanname(s); + parselet(s, &val); + ruleaddvar(r, var, val); ++ if (!val) ++ continue; + if (strcmp(var, "command") == 0) + hascommand = true; + else if (strcmp(var, "rspfile") == 0) |