authorDaniel Sabogal <dsabogalcc@gmail.com>2016-11-22 16:28:57 -0500
committerJakub Jirutka <jakub@jirutka.cz>2016-11-23 00:44:33 +0100
commit4334497e10a06b4bf609c459421f38f4f107273e (patch)
tree748d48a5d94ae85eee9750376b0cdf869ebeb860 /community/neovim
parentbe37a94bd55747bcd97f496950ca42f597156ab0 (diff)
community/neovim: security fix for CVE-2016-1248
Patch from Debian unstable (0.1.6-4)
Diffstat (limited to 'community/neovim')
-rw-r--r--community/neovim/APKBUILD18
-rw-r--r--community/neovim/CVE-2016-1248.patch71
2 files changed, 84 insertions, 5 deletions
diff --git a/community/neovim/APKBUILD b/community/neovim/APKBUILD
index f5190e0beb..cabf75b05c 100644
--- a/community/neovim/APKBUILD
+++ b/community/neovim/APKBUILD
@@ -3,7 +3,7 @@
# TODO: Try to trim the base package to include only common syntax files etc.
pkgname=neovim
pkgver=0.1.6
-pkgrel=0
+pkgrel=1
pkgdesc="Vim-fork focused on extensibility and agility"
url="https://neovim.io"
arch="all"
@@ -13,9 +13,14 @@ makedepends="cmake gettext-dev gperf libtermkey-dev libuv-dev libvterm-dev
lua5.1-lpeg lua5.1-mpack luajit-dev msgpack-c-dev unibilium-dev"
subpackages="$pkgname-lang $pkgname-doc"
source="$pkgname-$pkgver.tar.gz::https://github.com/neovim/$pkgname/archive/v$pkgver.tar.gz
- nodoc.txt"
+ nodoc.txt
+ CVE-2016-1248.patch"
builddir="$srcdir/$pkgname-$pkgver"
+# secfixes:
+# 0.1.6-r1:
+# - CVE-2016-1248
+
build() {
mkdir -p "$builddir"/build
cd "$builddir"/build
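Review bot: Nothing visible in this hunk applies `CVE-2016-1248.patch`; it is only added to `source`, and `build()` follows `builddir` directly with no `prepare()` in view. If the package relies on abuild's default prepare step (`default_prepare`) to apply patches listed in `source`, that is fine, but the rest of the APKBUILD is outside the hunks, so this cannot be confirmed from here. A security fix that is fetched but never applied fails silently, so check the build log for the patch being applied to `src/nvim/option.c` before shipping 0.1.6-r1.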
@@ -55,8 +60,11 @@ doc() {
}
md5sums="307978937c7fc2ebd796b345d99ed7cd neovim-0.1.6.tar.gz
-c910a91b399ebbd498cf6f96ce247cb6 nodoc.txt"
+c910a91b399ebbd498cf6f96ce247cb6 nodoc.txt
+62fa2153774023d9a9882c4f5987911c CVE-2016-1248.patch"
sha256sums="a9fe7aadd38ef015f82ec340f6b6c0629d02c9ca4d85352db0934ae511d2f02a neovim-0.1.6.tar.gz
-7ecadab8a847334060eb1f16e5c0cec6e12e183d8695f6f924429184cd22e463 nodoc.txt"
+7ecadab8a847334060eb1f16e5c0cec6e12e183d8695f6f924429184cd22e463 nodoc.txt
+8182111c741004de62543050958b535d300969ab395a0853cfe38e1d7adfc1aa CVE-2016-1248.patch"
sha512sums="360d69bc11a3cb7b2c203adc7e76edad736b1a2fb7033d2d0c6444da168053ea0b621daf7978e9c158e14c5e04af8599005bf5eb800d9d1776007257b0e0e56f neovim-0.1.6.tar.gz
-72ab288f53acddc088c567aafe8c5afa6835325fab7879e782d1d62f87a662f3a6bac123c450debbae1b32336cc60b2830b429838ee3dfcc7524773b5069f4f0 nodoc.txt"
+72ab288f53acddc088c567aafe8c5afa6835325fab7879e782d1d62f87a662f3a6bac123c450debbae1b32336cc60b2830b429838ee3dfcc7524773b5069f4f0 nodoc.txt
+0bc6db4051564e4a2146e403c0a3f7128457b5190594ac570f51f787d6f70e80d692b7c1d3431273f6bc4a7edf24f6978590953fce6fc935c12ceb07d5c6bd92 CVE-2016-1248.patch"
diff --git a/community/neovim/CVE-2016-1248.patch b/community/neovim/CVE-2016-1248.patch
new file mode 100644
index 0000000000..4a20d14028
--- /dev/null
+++ b/community/neovim/CVE-2016-1248.patch
@@ -0,0 +1,71 @@
+From 177272f1f76565205c5c381bdf7dd020d7c5a5a8 Mon Sep 17 00:00:00 2001
+From: James McCoy <jamessan@jamessan.com>
+Date: Sun, 20 Nov 2016 08:42:38 -0700
+Subject: [PATCH] vim-patch:8.0.0056
+
+Problem: When setting 'filetype' there is no check for a valid name.
+Solution: Only allow valid characters in 'filetype', 'syntax' and 'keymap'.
+
+https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a
+---
+ src/nvim/option.c | 33 ++++++++++++++++++++++++++++-----
+ 1 file changed, 28 insertions(+), 5 deletions(-)
+
+diff --git a/src/nvim/option.c b/src/nvim/option.c
+index 5f338ea..24444ee 100644
+--- a/src/nvim/option.c
++++ b/src/nvim/option.c
+@@ -2389,6 +2389,18 @@ static char *set_string_option(const int opt_idx, const char *const value,
+ return r;
+ }
+
++/// Return true if "val" is a valid 'filetype' name.
++/// Also used for 'syntax' and 'keymap'.
++static bool valid_filetype(char_u *val)
++{
++ for (char_u *s = val; *s != NUL; s++) {
++ if (!ASCII_ISALNUM(*s) && vim_strchr((char_u *)".-_", *s) == NULL) {
++ return false;
++ }
++ }
++ return true;
++}
++
+ /*
+ * Handle string options that need some action to perform when changed.
+ * Returns NULL for success, or an error message for an error.
+@@ -2620,8 +2632,12 @@ did_set_string_option (
+ xfree(p_penc);
+ p_penc = p;
+ } else if (varp == &curbuf->b_p_keymap) {
+- /* load or unload key mapping tables */
+- errmsg = keymap_init();
++ if (!valid_filetype(*varp)) {
++ errmsg = e_invarg;
++ } else {
++ // load or unload key mapping tables
++ errmsg = keymap_init();
++ }
+
+ if (errmsg == NULL) {
+ if (*curbuf->b_p_keymap != NUL) {
+@@ -3110,9 +3126,16 @@ did_set_string_option (
+ else if (gvarp == &p_cino) {
+ /* TODO: recognize errors */
+ parse_cino(curbuf);
+- }
+- /* Options that are a list of flags. */
+- else {
++ } else if (gvarp == &p_ft) {
++ if (!valid_filetype(*varp)) {
++ errmsg = e_invarg;
++ }
++ } else if (gvarp == &p_syn) {
++ if (!valid_filetype(*varp)) {
++ errmsg = e_invarg;
++ }
++ } else {
++ // Options that are a list of flags.
+ p = NULL;
+ if (varp == &p_ww)
+ p = (char_u *)WW_ALL;
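Review bot: The doc comment on the new `valid_filetype()` says what it is used for but not what it accepts or why. The embedded patch also touches only `src/nvim/option.c`, so no regression test covers the three guarded options. I would extend the comment with something like `/// Accepts only ASCII letters, digits and ".-_"; anything else is rejected with e_invarg.` and add a line on where the untrusted value comes from once that is confirmed against the callers. The `p_ft` and `p_syn` branches are identical and could be written once as `} else if (gvarp == &p_ft || gvarp == &p_syn) {`. `did_set_string_option` starts and ends outside these hunks, so whether the previous option value is restored when `errmsg` is set cannot be verified from here.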