bash-completion: (umount) use findmnt, escape a space in paths # mount /dev/sdc1 /mnt/test/foo\ bar # umount <tab>
has to return "/mnt/test/foo\ bar". Changes: * don't use mount | awk output, we have findmnt * force compgen use \n as entries separator Affects util-linux < 2.32-rc1 Signed-off-by: Jagadeesh Krishnanjanappa <[email protected]> --- .../util-linux/util-linux/CVE-2018-7738.patch | 49 ++++++++++++++++++++++ meta/recipes-core/util-linux/util-linux_2.30.bb | 1 + 2 files changed, 50 insertions(+) create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2018-7738.patch diff --git a/meta/recipes-core/util-linux/util-linux/CVE-2018-7738.patch b/meta/recipes-core/util-linux/util-linux/CVE-2018-7738.patch new file mode 100644 index 0000000..7322b9c --- /dev/null +++ b/meta/recipes-core/util-linux/util-linux/CVE-2018-7738.patch @@ -0,0 +1,49 @@ +From 75f03badd7ed9f1dd951863d75e756883d3acc55 Mon Sep 17 00:00:00 2001 +From: Karel Zak <[email protected]> +Date: Thu, 16 Nov 2017 16:27:32 +0100 +Subject: [PATCH] bash-completion: (umount) use findmnt, escape a space in + paths + + # mount /dev/sdc1 /mnt/test/foo\ bar + # umount <tab> + +has to return "/mnt/test/foo\ bar". + +Changes: + + * don't use mount | awk output, we have findmnt + * force compgen use \n as entries separator + +Addresses: https://github.com/karelzak/util-linux/issues/539 +Signed-off-by: Karel Zak <[email protected]> + +CVE: CVE-2018-7738 +Upstream-Status: Backport [https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55] + +Signed-off-by: Jagadeesh Krishnanjanappa <[email protected]> +--- + bash-completion/umount | 9 +++++---- + 1 file changed, 5 insertions(+), 4 deletions(-) + +diff --git a/bash-completion/umount b/bash-completion/umount +index d76cb9fff..98c90d61a 100644 +--- a/bash-completion/umount ++++ b/bash-completion/umount +@@ -40,9 +40,10 @@ _umount_module() + return 0 + ;; + esac +- local DEVS_MPOINTS +- DEVS_MPOINTS="$(mount | awk '{print $1, $3}')" +- COMPREPLY=( $(compgen -W "$DEVS_MPOINTS" -- $cur) ) +- return 0 ++ ++ local oldifs=$IFS ++ IFS=$'\n' ++ COMPREPLY=( $( compgen -W '$(findmnt -lno TARGET | sed "s/\([[:blank:]]\)/\\\\\1/g")' -- "$cur" ) ) ++ IFS=$oldifs + } + complete -F _umount_module umount +-- +2.13.3 + diff --git a/meta/recipes-core/util-linux/util-linux_2.30.bb b/meta/recipes-core/util-linux/util-linux_2.30.bb index 6b309b5..a6d23d8 100644 --- a/meta/recipes-core/util-linux/util-linux_2.30.bb +++ b/meta/recipes-core/util-linux/util-linux_2.30.bb @@ -14,6 +14,7 @@ SRC_URI += "file://configure-sbindir.patch \ file://run-ptest \ file://display_testname_for_subtest.patch \ file://avoid_parallel_tests.patch \ + file://CVE-2018-7738.patch \ " SRC_URI[md5sum] = "eaa3429150268027908a1b8ae6ee9a62" SRC_URI[sha256sum] = "c208a4ff6906cb7f57940aa5bc3a6eed146e50a7cc0a092f52ef2ab65057a08d" -- 2.7.4 -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
