summaryrefslogtreecommitdiff
path: root/user/samurai/CVE-2021-30219.patch
diff options
context:
space:
mode:
authorZach van Rijn <me@zv.io>2021-07-27 23:41:01 +0000
committerZach van Rijn <me@zv.io>2021-07-27 23:41:01 +0000
commitdbf2ee8a4c30d9326a182f421fbc2e5b58f9fc6d (patch)
treef0b5cb765c7f5a5ad19dd7db8303e1816ba9ebdf /user/samurai/CVE-2021-30219.patch
parentcb89ebf6d88ee2ce9c87fbfc27d75fa65b3baa48 (diff)
parenteff1c3c87532b591492fec9e3952425e199547a9 (diff)
downloadpackages-dbf2ee8a4c30d9326a182f421fbc2e5b58f9fc6d.tar.gz
packages-dbf2ee8a4c30d9326a182f421fbc2e5b58f9fc6d.tar.bz2
packages-dbf2ee8a4c30d9326a182f421fbc2e5b58f9fc6d.tar.xz
packages-dbf2ee8a4c30d9326a182f421fbc2e5b58f9fc6d.zip
Merge branch 'aerdan/20210721' into 'master'
Bump packages owned by Síle See merge request adelie/packages!619
Diffstat (limited to 'user/samurai/CVE-2021-30219.patch')
-rw-r--r--user/samurai/CVE-2021-30219.patch26
1 files changed, 26 insertions, 0 deletions
diff --git a/user/samurai/CVE-2021-30219.patch b/user/samurai/CVE-2021-30219.patch
new file mode 100644
index 000000000..fbc97b03d
--- /dev/null
+++ b/user/samurai/CVE-2021-30219.patch
@@ -0,0 +1,26 @@
+From d2af3bc375e2a77139c3a28d6128c60cd8d08655 Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Sun, 4 Apr 2021 03:50:09 -0700
+Subject: [PATCH] parse: Check for non-empty command/rspfile/rspfile_content
+
+This matches ninja behavior and prevents the possibility of a rule
+with an empty (NULL) command string.
+
+Fixes #68.
+---
+ parse.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/parse.c b/parse.c
+index f79a5ee..b4b98a1 100644
+--- a/parse.c
++++ b/parse.c
+@@ -42,6 +42,8 @@ parserule(struct scanner *s, struct environment *env)
+ var = scanname(s);
+ parselet(s, &val);
+ ruleaddvar(r, var, val);
++ if (!val)
++ continue;
+ if (strcmp(var, "command") == 0)
+ hascommand = true;
+ else if (strcmp(var, "rspfile") == 0)
generated by cgit v1.2.3-60-g2f50 (git 2.42.0) at 2024-08-05 00:40:03 +0000