openEuler:20.03:LTS:SP3
busybox
We truncated the diff of some files because they were too big. If you want to see the full diff for every file,
click here
.
Changes of Revision 7
_service:tar_scm_kernel_repo:busybox.spec
Changed
@@ -4,7 +4,7 @@ %endif %if "%{!?RELEASE:1}" -%define RELEASE 9 +%define RELEASE 10 %endif Name: busybox @@ -24,6 +24,7 @@ Patch6002: backport-CVE-2021-42374.patch Patch6003: backport-CVE-2021-42377.patch Patch6004: backport-CVE-2021-42376.patch +Patch6005: backport-fix-awk-cve.patch BuildRoot: %_topdir/BUILDROOT #Dependency @@ -99,6 +100,12 @@ %{_mandir}/man1/busybox.petitboot.1.gz %changelog +* Mon Nov 29 2021 xiechengliang<xiechengliang1@huawei.com> - 1:1.31.1-10 +- Type:CVE +- Id:NA +- SUG:NA +- DESC: fix CVE-2021-42378 CVE-2021-42379 CVE-2021-42380 CVE-2021-42381 CVE-2021-42382 CVE-2021-42383 CVE-2021-42384 CVE-2021-42385 and CVE-2021-42386 + * Wed Nov 24 2021 xiechengliang<xiechengliang1@huawei.com> - 1:1.31.1-9 - Type:CVE - Id:NA
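Review bot: The new `Patch6005: backport-fix-awk-cve.patch` line in the second hunk departs from the one-CVE-per-file naming of `Patch6002`–`Patch6004`, and the changelog entry in the third hunk keeps `Id:NA` while naming nine CVE ids only in the free-text `DESC`, so tooling that maps patch file names or the `Id` field to CVE ids will probably not register this release as fixed. The patch itself is a 65-commit upstream awk series (7763 added lines) that also brings parser behaviour changes and extra `debug_printf_parse` output, which makes it hard to audit which commit closes which id; a comment above the Patch line such as `# CVE-2021-42378..CVE-2021-42386: upstream editors/awk.c series (65 commits)` and filling `Id:` with the CVE list would make the fix traceable. The hunk shows only the declaration, so it is worth confirming that `%prep` actually applies it (through `%autosetup`/`%autopatch` or an explicit `%patch` line); that section lies outside the visible diff.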
_service:tar_scm_kernel_repo:backport-fix-awk-cve.patch
Added
@@ -0,0 +1,7763 @@ +From b5212ceaebdecdd47288018d7291207b3c2598fe Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko <vda.linux@googlemail.com> +Date: Sun, 2 Feb 2020 23:28:55 +0100 +Subject: [PATCH 01/65] awk: fix more "length" cases, closes 12486 + +function old new delta +next_token 808 831 +23 + +Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> +(cherry picked from commit bd8b05ba1b0901bbd6a913dfd5186ac7c8beffed) +--- + editors/awk.c | 22 ++++++++++++++++++---- + testsuite/awk.tests | 23 ++++++++++++++++++++++- + 2 files changed, 40 insertions(+), 5 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index d25508e5d..e58c72700 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -272,7 +272,8 @@ typedef struct tsplitter_s { + /* if previous token class is CONCAT1 and next is CONCAT2, concatenation */ + /* operator is inserted between them */ + #define TC_CONCAT1 (TC_VARIABLE | TC_ARRTERM | TC_SEQTERM \ +- | TC_STRING | TC_NUMBER | TC_UOPPOST) ++ | TC_STRING | TC_NUMBER | TC_UOPPOST \ ++ | TC_LENGTH) + #define TC_CONCAT2 (TC_OPERAND | TC_UOPPRE) + + #define OF_RES1 0x010000 +@@ -1070,8 +1071,10 @@ static uint32_t next_token(uint32_t expected) + const uint32_t *ti; + + if (t_rollback) { ++ debug_printf_parse("%s: using rolled-back token\n", __func__); + t_rollback = FALSE; + } else if (concat_inserted) { ++ debug_printf_parse("%s: using concat-inserted token\n", __func__); + concat_inserted = FALSE; + t_tclass = save_tclass; + t_info = save_info; +@@ -1200,7 +1203,11 @@ static uint32_t next_token(uint32_t expected) + goto readnext; + + /* insert concatenation operator when needed */ +- if ((ltclass & TC_CONCAT1) && (tc & TC_CONCAT2) && (expected & TC_BINOP)) { ++ debug_printf_parse("%s: %x %x %x concat_inserted?\n", __func__, ++ (ltclass & TC_CONCAT1), (tc & TC_CONCAT2), (expected & TC_BINOP)); ++ if ((ltclass & TC_CONCAT1) && (tc & TC_CONCAT2) && (expected & TC_BINOP) ++ && !(ltclass == TC_LENGTH && tc == TC_SEQSTART) /* but not for "length(..." 
*/ ++ ) { + concat_inserted = TRUE; + save_tclass = tc; + save_info = t_info; +@@ -1208,6 +1215,7 @@ static uint32_t next_token(uint32_t expected) + t_info = OC_CONCAT | SS | P(35); + } + ++ debug_printf_parse("%s: t_tclass=tc=%x\n", __func__, t_tclass); + t_tclass = tc; + } + ltclass = t_tclass; +@@ -1218,6 +1226,7 @@ static uint32_t next_token(uint32_t expected) + EMSG_UNEXP_EOS : EMSG_UNEXP_TOKEN); + } + ++ debug_printf_parse("%s: returning, ltclass:%x t_double:%f\n", __func__, ltclass, t_double); + return ltclass; + #undef concat_inserted + #undef save_tclass +@@ -1282,7 +1291,7 @@ static node *parse_expr(uint32_t iexp) + glptr = NULL; + + } else if (tc & (TC_BINOP | TC_UOPPOST)) { +- debug_printf_parse("%s: TC_BINOP | TC_UOPPOST\n", __func__); ++ debug_printf_parse("%s: TC_BINOP | TC_UOPPOST tc:%x\n", __func__, tc); + /* for binary and postfix-unary operators, jump back over + * previous operators with higher priority */ + vn = cn; +@@ -1387,7 +1396,12 @@ static node *parse_expr(uint32_t iexp) + + case TC_LENGTH: + debug_printf_parse("%s: TC_LENGTH\n", __func__); +- next_token(TC_SEQSTART | TC_OPTERM | TC_GRPTERM); ++ next_token(TC_SEQSTART /* length(...) */ ++ | TC_OPTERM /* length; (or newline)*/ ++ | TC_GRPTERM /* length } */ ++ | TC_BINOPX /* length <op> NUM */ ++ | TC_COMMA /* print length, 1 */ ++ ); + rollback_token(); + if (t_tclass & TC_SEQSTART) { + /* It was a "(" token. 
Handle just like TC_BUILTIN */ +diff --git a/testsuite/awk.tests b/testsuite/awk.tests +index a7a533ba0..b5008290f 100755 +--- a/testsuite/awk.tests ++++ b/testsuite/awk.tests +@@ -85,7 +85,8 @@ testing "awk floating const with leading zeroes" \ + "" "\n" + + # long field seps requiring regex +-testing "awk long field sep" "awk -F-- '{ print NF, length(\$NF), \$NF }'" \ ++testing "awk long field sep" \ ++ "awk -F-- '{ print NF, length(\$NF), \$NF }'" \ + "2 0 \n3 0 \n4 0 \n5 0 \n" \ + "" \ + "a--\na--b--\na--b--c--\na--b--c--d--" +@@ -317,6 +318,26 @@ testing "awk length()" \ + "3\n3\n3\n3\n" \ + "" "qwe" + ++testing "awk print length, 1" \ ++ "awk '{ print length, 1 }'" \ ++ "0 1\n" \ ++ "" "\n" ++ ++testing "awk print length 1" \ ++ "awk '{ print length 1 }'" \ ++ "01\n" \ ++ "" "\n" ++ ++testing "awk length == 0" \ ++ "awk 'length == 0 { print \"foo\" }'" \ ++ "foo\n" \ ++ "" "\n" ++ ++testing "awk if (length == 0)" \ ++ "awk '{ if (length == 0) { print \"bar\" } }'" \ ++ "bar\n" \ ++ "" "\n" ++ + testing "awk -f and ARGC" \ + "awk -f - input" \ + "re\n2\n" \ +-- +2.27.0 + + +From 2a117a751e6747287c2df92ae9635d12c065a70c Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko <vda.linux@googlemail.com> +Date: Tue, 9 Jun 2020 01:33:54 +0200 +Subject: [PATCH 02/65] awk: disallow "str"++, closes bug 12981 + +function old new delta +parse_expr 887 896 +9 + +Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> +(cherry picked from commit 6f7a0096496a5a9e90638dc01e947015cc776110) +--- + editors/awk.c | 4 +++- + testsuite/awk.tests | 8 ++++++++ + 2 files changed, 11 insertions(+), 1 deletion(-) + +diff --git a/editors/awk.c b/editors/awk.c +index e58c72700..c693aa505 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -1359,8 +1359,10 @@ static node *parse_expr(uint32_t iexp) + v = cn->l.v = xzalloc(sizeof(var)); + if (tc & TC_NUMBER) + setvar_i(v, t_double); +- else ++ else { + setvar_s(v, t_string); ++ xtc &= ~TC_UOPPOST; /* "str"++ is not allowed */ ++ } + break; + + 
case TC_REGEXP: +diff --git a/testsuite/awk.tests b/testsuite/awk.tests +index b5008290f..87f6b5007 100755 +--- a/testsuite/awk.tests ++++ b/testsuite/awk.tests +@@ -390,5 +390,13 @@ testing 'awk negative field access' \ + '' \ + 'anything' + ++# was misinterpreted as (("str"++) i) instead of ("str" (++i)) ++# (and was executed: "str"++ is "0", thus concatenating "0" and "1"): ++testing 'awk do not allow "str"++' \ ++ 'awk -v i=1 "BEGIN {print \"str\" ++i}"' \ ++ "str2\n" \ ++ '' \ ++ 'anything' ++ + + exit $FAILCOUNT +-- +2.27.0 + + +From edcd27a4fbfc93e0f8d271f6090718f921176307 Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko <vda.linux@googlemail.com> +Date: Mon, 16 Nov 2020 10:40:32 +0100 +Subject: [PATCH 03/65] awk: fix dodgy multi-char separators splitting logic + +function old new delta +awk_split 521 484 -37 + +Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>