From 215c53d3b9617c10abb624b9331c2bdc9e4ddf3a Mon Sep 17 00:00:00 2001 From: Natanael Copa Date: Mon, 2 Apr 2018 11:00:18 +0200 Subject: main/busybox: backport fixes for grep and sed --- ...ho-aa-busybox-grep-F-w-a-should-not-match.patch | 48 ++++++++++++ ...-overflow-of-length-from-bb_get_chunk_fro.patch | 88 ++++++++++++++++++++++ main/busybox/APKBUILD | 7 +- 3 files changed, 142 insertions(+), 1 deletion(-) create mode 100644 main/busybox/0001-grep-fix-echo-aa-busybox-grep-F-w-a-should-not-match.patch create mode 100644 main/busybox/0001-sed-prevent-overflow-of-length-from-bb_get_chunk_fro.patch (limited to 'main/busybox') diff --git a/main/busybox/0001-grep-fix-echo-aa-busybox-grep-F-w-a-should-not-match.patch b/main/busybox/0001-grep-fix-echo-aa-busybox-grep-F-w-a-should-not-match.patch new file mode 100644 index 0000000000..4e04ba9224 --- /dev/null +++ b/main/busybox/0001-grep-fix-echo-aa-busybox-grep-F-w-a-should-not-match.patch @@ -0,0 +1,48 @@ +From 03fd7e06f854d385070a6fc9714f445727c359cd Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko +Date: Thu, 29 Mar 2018 18:03:50 +0200 +Subject: [PATCH] grep: fix echo "aa" | busybox grep -F -w "a" (should not + match) + +function old new delta +grep_file 1461 1470 +9 + +Signed-off-by: Denys Vlasenko +--- + findutils/grep.c | 2 +- + testsuite/grep.tests | 6 ++++++ + 2 files changed, 7 insertions(+), 1 deletion(-) + +diff --git a/findutils/grep.c b/findutils/grep.c +index fc6de4b69..88de0d4ef 100644 +--- a/findutils/grep.c ++++ b/findutils/grep.c +@@ -352,7 +352,7 @@ static int grep_file(FILE *file) + goto opt_f_not_found; + } else + if (option_mask32 & OPT_w) { +- char c = (match != str) ? match[-1] : ' '; ++ char c = (match != line) ? match[-1] : ' '; + if (!isalnum(c) && c != '_') { + c = match[strlen(gl->pattern)]; + if (!c || (!isalnum(c) && c != '_')) +diff --git a/testsuite/grep.tests b/testsuite/grep.tests +index ed4ba455e..d0b0d2767 100755 +--- a/testsuite/grep.tests ++++ b/testsuite/grep.tests +@@ -165,6 +165,12 @@ testing "grep -w word doesn't match wordword" \ + "wordword\n" \ + "" + ++testing "grep -F -w w doesn't match ww" \ ++ "grep -F -w w input" \ ++ "" \ ++ "ww\n" \ ++ "" ++ + testing "grep -w word match second word" \ + "grep -w word input" \ + "bword,word\n""wordb,word\n""bwordb,word\n" \ +-- +2.16.3 + diff --git a/main/busybox/0001-sed-prevent-overflow-of-length-from-bb_get_chunk_fro.patch b/main/busybox/0001-sed-prevent-overflow-of-length-from-bb_get_chunk_fro.patch new file mode 100644 index 0000000000..da0121cadc --- /dev/null +++ b/main/busybox/0001-sed-prevent-overflow-of-length-from-bb_get_chunk_fro.patch @@ -0,0 +1,88 @@ +From e2afae6303e871a31a061d03359cfcd5dd86c088 Mon Sep 17 00:00:00 2001 +From: Quentin Rameau +Date: Sun, 1 Apr 2018 19:49:58 +0200 +Subject: [PATCH] sed: prevent overflow of length from bb_get_chunk_from_file + +This fragment did not work right: + + temp = bb_get_chunk_from_file(fp, &len); + if (temp) { + /* len > 0 here, it's ok to do temp[len-1] */ + char c = temp[len-1]; + +With "int len" _sign-extending_, temp[len-1] can refer to a wrong location +if len > 0x7fffffff. + +Signed-off-by: Quentin Rameau +Signed-off-by: Denys Vlasenko +--- + editors/sed.c | 2 +- + include/libbb.h | 2 +- + libbb/get_line_from_file.c | 11 +++++++---- + 3 files changed, 9 insertions(+), 6 deletions(-) + +diff --git a/editors/sed.c b/editors/sed.c +index 9d800c2c3..470220859 100644 +--- a/editors/sed.c ++++ b/editors/sed.c +@@ -988,7 +988,7 @@ static void flush_append(char *last_puts_char) + static char *get_next_line(char *gets_char, char *last_puts_char) + { + char *temp = NULL; +- int len; ++ size_t len; + char gc; + + flush_append(last_puts_char); +diff --git a/include/libbb.h b/include/libbb.h +index fa878433e..309c58734 100644 +--- a/include/libbb.h ++++ b/include/libbb.h +@@ -911,7 +911,7 @@ extern void xprint_and_close_file(FILE *file) FAST_FUNC; + * end of line. If end isn't NULL, length of the chunk is stored in it. + * Returns NULL if EOF/error. + */ +-extern char *bb_get_chunk_from_file(FILE *file, int *end) FAST_FUNC; ++extern char *bb_get_chunk_from_file(FILE *file, size_t *end) FAST_FUNC; + /* Reads up to (and including) TERMINATING_STRING: */ + extern char *xmalloc_fgets_str(FILE *file, const char *terminating_string) FAST_FUNC RETURNS_MALLOC; + /* Same, with limited max size, and returns the length (excluding NUL): */ +diff --git a/libbb/get_line_from_file.c b/libbb/get_line_from_file.c +index 941ea12b5..d10066937 100644 +--- a/libbb/get_line_from_file.c ++++ b/libbb/get_line_from_file.c +@@ -10,16 +10,19 @@ + */ + #include "libbb.h" + +-char* FAST_FUNC bb_get_chunk_from_file(FILE *file, int *end) ++char* FAST_FUNC bb_get_chunk_from_file(FILE *file, size_t *end) + { + int ch; +- unsigned idx = 0; ++ size_t idx = 0; + char *linebuf = NULL; + + while ((ch = getc(file)) != EOF) { + /* grow the line buffer as necessary */ +- if (!(idx & 0xff)) ++ if (!(idx & 0xff)) { ++ if (idx == ((size_t)-1) - 0xff) ++ bb_error_msg_and_die(bb_msg_memory_exhausted); + linebuf = xrealloc(linebuf, idx + 0x100); ++ } + linebuf[idx++] = (char) ch; + if (ch == '\0') + break; +@@ -49,7 +52,7 @@ char* FAST_FUNC xmalloc_fgets(FILE *file) + /* Get line. Remove trailing \n */ + char* FAST_FUNC xmalloc_fgetline(FILE *file) + { +- int i; ++ size_t i; + char *c = bb_get_chunk_from_file(file, &i); + + if (i && c[--i] == '\n') +-- +2.16.3 + diff --git a/main/busybox/APKBUILD b/main/busybox/APKBUILD index b4ad295acc..b375a44c55 100644 --- a/main/busybox/APKBUILD +++ b/main/busybox/APKBUILD @@ -3,7 +3,7 @@ # Maintainer: Natanael Copa pkgname=busybox pkgver=1.28.2 -pkgrel=1 +pkgrel=2 pkgdesc="Size optimized toolbox of many common UNIX utilities" url=http://busybox.net arch="all" @@ -36,7 +36,10 @@ source="http://busybox.net/downloads/$pkgname-$pkgver.tar.bz2 0015-ash-introduce-a-config-option-to-search-current-dire.patch 0016-top-handle-much-larger-VSZ-values.patch 0017-ifupdown-do-not-fail-if-interface-disappears-during-.patch + fix-cpio-symlinks.patch + 0001-grep-fix-echo-aa-busybox-grep-F-w-a-should-not-match.patch + 0001-sed-prevent-overflow-of-length-from-bb_get_chunk_fro.patch acpid.logrotate busyboxconfig @@ -199,6 +202,8 @@ a96aa81d2f0104b5c28f02e80b3f77dbce77af93c174c09015a34850474d69e42c160fc8061c62f0 185f11578dc3c3637f1acd1285c71b9e31f4244c57cd85b0848912c085a7a8c833d4c935ab1cadcb9852cf3185c7ffb08db8ea728fb19ab6e6fa90d89f13c75b 0016-top-handle-much-larger-VSZ-values.patch d90d6b3406760fe3df6dbed46a0f4d1c02a69d5184ebc86d8c1692bc4576532127283ba3ff9a81e64f3660c279b8ee324dac7a426350873c45957067648651c6 0017-ifupdown-do-not-fail-if-interface-disappears-during-.patch 65c11538056b6bd782b6195252a2a49f3b374e285a04f3296f708bb7da02b87435c34d43eaf80f1961167f55106fc2e4d5843d0c27cf06e6156ff8fabe642ac8 fix-cpio-symlinks.patch +bc16f8ee0369274aa145d050cf45d7b0f7e9cd569b40e327b634f442851fff23a7decee0ba7822535bb6e195a0f8ab8a29fe5899cd909abda8d60e4247b462d9 0001-grep-fix-echo-aa-busybox-grep-F-w-a-should-not-match.patch +618cc4398765de5894ca9607798d163346441845be695a41299fedb4d9a6e3ae352850b75dbe7139fda315f93fbb66f3828396ca597bb83c51d19f57eb40e428 0001-sed-prevent-overflow-of-length-from-bb_get_chunk_fro.patch a9b1403c844c51934637215307dd9e2adb9458921047acff0d86dcf229b6e0027f4b2c6cdaa25a58407aad9d098fb5685d58eb5ff8d2aa3de4912cdea21fe54c acpid.logrotate 035f2a28719971d9ff805d208d70bc1144fd3701235dc46ef581a559e696ef92265f28f7debf0248a2cee004a773dcd07828bcc088716f5aff944ccdce15d30f busyboxconfig 0efbe22e2fd56993d92b6542d4ccffb2b42d50495be085c98f417a71f503b4071e2f092afcec77f78064d33ffb0922c28daa3cb9958e6d7fb26d5a660abd90f4 busyboxconfig-extras -- cgit v1.2.3