From 0802fb7eecef74b8858ca0ddc653555fce360c7a Mon Sep 17 00:00:00 2001
From: Sheila Aman <sheila@vulpine.house>
Date: Tue, 27 Jul 2021 11:42:45 +0000
Subject: user/samurai: upgrade to 1.2

---
 user/samurai/CVE-2021-30219.patch | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 user/samurai/CVE-2021-30219.patch

(limited to 'user/samurai/CVE-2021-30219.patch')

diff --git a/user/samurai/CVE-2021-30219.patch b/user/samurai/CVE-2021-30219.patch
new file mode 100644
index 000000000..fbc97b03d
--- /dev/null
+++ b/user/samurai/CVE-2021-30219.patch
@@ -0,0 +1,26 @@
+From d2af3bc375e2a77139c3a28d6128c60cd8d08655 Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Sun, 4 Apr 2021 03:50:09 -0700
+Subject: [PATCH] parse: Check for non-empty command/rspfile/rspfile_content
+
+This matches ninja behavior and prevents the possibility of a rule
+with an empty (NULL) command string.
+
+Fixes #68.
+---
+ parse.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/parse.c b/parse.c
+index f79a5ee..b4b98a1 100644
+--- a/parse.c
++++ b/parse.c
+@@ -42,6 +42,8 @@ parserule(struct scanner *s, struct environment *env)
+ 		var = scanname(s);
+ 		parselet(s, &val);
+ 		ruleaddvar(r, var, val);
++		if (!val)
++			continue;
+ 		if (strcmp(var, "command") == 0)
+ 			hascommand = true;
+ 		else if (strcmp(var, "rspfile") == 0)
-- 
cgit v1.2.3-70-g09d2