[OE-core][dunfell][PATCH] less: Fix for CVE-2022-48624

Vijay Anusuri via lists.openembedded.org Sun, 25 Feb 2024 22:55:47 -0800

From: Vijay Anusuri <vanus...@mvista.com>

Upstream-Status: Backport 
[https://github.com/gwsw/less/commit/c6ac6de49698be84d264a0c4c0c40bb870b10144]


Signed-off-by: Vijay Anusuri <vanus...@mvista.com>
---
 .../less/less/CVE-2022-48624.patch            | 41 +++++++++++++++++++
 meta/recipes-extended/less/less_551.bb        |  1 +
 2 files changed, 42 insertions(+)
 create mode 100644 meta/recipes-extended/less/less/CVE-2022-48624.patch

diff --git a/meta/recipes-extended/less/less/CVE-2022-48624.patch 
b/meta/recipes-extended/less/less/CVE-2022-48624.patch
new file mode 100644
index 0000000000..409730bd4f
--- /dev/null
+++ b/meta/recipes-extended/less/less/CVE-2022-48624.patch
@@ -0,0 +1,41 @@
+From c6ac6de49698be84d264a0c4c0c40bb870b10144 Mon Sep 17 00:00:00 2001
+From: Mark Nudelman <ma...@greenwoodsoftware.com>
+Date: Sat, 25 Jun 2022 11:54:43 -0700
+Subject: [PATCH] Shell-quote filenames when invoking LESSCLOSE.
+
+Upstream-Status: Backport 
[https://github.com/gwsw/less/commit/c6ac6de49698be84d264a0c4c0c40bb870b10144]
+CVE: CVE-2022-48624
+Signed-off-by: Vijay Anusuri <vanus...@mvista.com>
+---
+ filename.c | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/filename.c b/filename.c
+index 5824e385..dff20c08 100644
+--- a/filename.c
++++ b/filename.c
+@@ -972,6 +972,8 @@ close_altfile(altfilename, filename)
+ {
+ #if HAVE_POPEN
+       char *lessclose;
++      char *qfilename;
++      char *qaltfilename;
+       FILE *fd;
+       char *cmd;
+       int len;
+@@ -986,9 +988,13 @@ close_altfile(altfilename, filename)
+               error("LESSCLOSE ignored; must contain no more than 2 %%s", 
NULL_PARG);
+               return;
+       }
+-      len = (int) (strlen(lessclose) + strlen(filename) + strlen(altfilename) 
+ 2);
++      qfilename = shell_quote(filename);
++      qaltfilename = shell_quote(altfilename);
++      len = (int) (strlen(lessclose) + strlen(qfilename) + 
strlen(qaltfilename) + 2);
+       cmd = (char *) ecalloc(len, sizeof(char));
+-      SNPRINTF2(cmd, len, lessclose, filename, altfilename);
++      SNPRINTF2(cmd, len, lessclose, qfilename, qaltfilename);
++      free(qaltfilename);
++      free(qfilename);
+       fd = shellcmd(cmd);
+       free(cmd);
+       if (fd != NULL)
diff --git a/meta/recipes-extended/less/less_551.bb 
b/meta/recipes-extended/less/less_551.bb
index a818c68fc7..401f40bed5 100644
--- a/meta/recipes-extended/less/less_551.bb
+++ b/meta/recipes-extended/less/less_551.bb
@@ -26,6 +26,7 @@ LIC_FILES_CHKSUM = 
"file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \
 DEPENDS = "ncurses"
 
 SRC_URI = "http://www.greenwoodsoftware.com/${BPN}/${BPN}-${PV}.tar.gz \
+           file://CVE-2022-48624.patch \
          "
 
 SRC_URI[md5sum] = "4ad4408b06d7a6626a055cb453f36819"
-- 
2.25.1

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#196181): 
https://lists.openembedded.org/g/openembedded-core/message/196181
Mute This Topic: https://lists.openembedded.org/mt/104578130/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][dunfell][PATCH] less: Fix for CVE-2022-48624

Reply via email to