| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
* src/safe.c (cwd_stat_errno, cwd_stat): stat() result of ".".
(read_symlink): When a symlink is absolute, check if it leads back into the
working directory. If it does, strip off the prefix above the working
directory. If the symlink points to the working directory, return an empty
path.
(traverse_another_path): Recognize empty paths from read_symlink().
* tests/symlinks: Absolute symlink test cases.
|
| |
|
|
| |
* tests/symlinks: Add more path traversal test cases.
|
| |
|
|
|
|
|
|
|
| |
* src/safe.c (struct symlink): A symlink to resolve.
(push_symlink, pop_symlink): New functions.
(read_symlink): Create a new symlink stack entry.
(traverse_next): Follow ".." components within the working directory. When
hitting symlinks, "follow" them by reading and returning them.
(traverse_another_path): Recursively traverse symlinks.
|
| |
|
|
|
|
|
|
|
| |
* src/safe.c: Include util.h for say(). Define EFTYPE if it isn't defined
already.
(traverse_another_path): When openat fails, also check for EMLINK, EFTYPE, and
ENOTDIR. Change the error message to "file ... is not a directory" and only
skip the rest of the patch instead of aborting.
* tests/symlinks: Update.
|
| |
|
|
|
| |
* tests/symlinks: Check the result of treating a symlink as a file with
--follow-symlinks.
|
| |
|
|
|
|
|
| |
Since the code is identical when just checking if a utility is present on
the system or not, we can factorize it.
Signed-off-by: Quentin Casasnovas <quentin.casasnovas@oracle.com>
|
| |
|
|
|
| |
* tests/symlinks: Add a test case where the patch file itself is in a path that
follows a symbolic link; we want to continue allowing that.
|
| |
|
|
|
|
| |
* src/util.c (symlink_target_is_valid): Remove.
(move_file): Remove symlink target checking.
* tests/symlinks: Update test case.
|
| |
|
|
|
|
|
|
|
| |
* src/util.c (filename_is_safe): New function split off from name_is_valid().
(symlink_target_is_valid): Explain why we cannot have absolute symlinks or
symlinks with ".." components for now.
(move_file): Move absolute filename check here and explain.
* tests/symlinks: Put test case with ".." symlink in comments for now.
* NEWS: Add CVE number.
|
| |
|
|
|
|
|
|
|
|
|
| |
When creating symlinks from git-style patches, make sure the symlinks don't
point above the current working directory. Otherwise, a subsequent patch could
use the symlink to write outside the working directory.
* src/pch.c (symlink_target_is_valid): New function to check for valid symlink
targets.
* src/util.c (move_file): Use symlink_target_is_valid() here.
* tests/symlinks: Add valid and invalid symlink test cases.
|
| |
|
|
|
|
|
|
|
| |
* src/common.h (follow_symlinks): New variable.
* src/patch.c (longopts): Add new --follow-symlinks option.
(get_some_switches): Recognize the new option.
* src/util.c (stat_file): Follow symlinks if requested.
* patch.man: Document the new option.
* tests/symlinks: Add test case.
|
| |
|
|
|
|
| |
* src/inp.c (get_input_file): Improve error message when patching a file of
different type.
* tests/symlinks: Update test case.
|
| |
|
|
|
| |
* tests/dash-o-append: Minor update (still expected to fail).
* tests/symlinks: Minor update.
|
| |
|
|
|
|
| |
* tests/symlinks: Remove test case which deletes and then recreates a symlink:
all patches in a git-style input file must refer to the "before" state; the
test case is invalid.
|
| |
|
|
| |
Run "make update-copyright".
|
| |
|
|
|
| |
* bootstrap.conf (gnulib_modules): Add update-copyright.
Run "make update-copyright".
|
| |
|
|
|
|
|
|
|
|
| |
With these changes, "make sc_prohibit_test_minus_ao" almost passes.
Uses of "test -o" remain.
Note: unchecked uses of test -ot/-nt also remain.
* tests/empty-files: Use "test C1 && test C2", not "test C1 -a C2"
* tests/merge: Likewise.
* tests/symlinks: Likewise.
* tests/test-lib.sh: Likewise.
|
| |
|
|
|
|
|
|
|
|
| |
* src/util.c (create_backup): Document patch's backup file logic.
(create_backup, create_backup_copy): Add a flag to remember the backup
file; use when a patch deletes a file.
(move_file, copy_file): Better error messages.
* tests/Makefile.am (TESTS): Remove remember-backup-files-2.
* tests/remember-backup-files: Add tests from remember-backup-files-2.
* tests/symlinks: Add a symlink backup file test.
|
| |
|
|
| |
* tests/symlinks: Improve the backup file tests.
|
| |
|
|
|
| |
* src/patch.c (main): Support git symlink diffs.
* tests/symlinks: Add git symlink diff test cases.
|
|
|
* src/inp.c (get_input_file), src/pch.c (there_is_another_patch,
intuit_diff_type): Use lstat instead of stat. This causes patch to
refuse patching symlinks (get_input_file() will refuse to read them).
* src/util.c (create_backup): Refuse to create backups of symlinks.
* tests/symlinks: New test case.
* tests/Makefile.am (TESTS): Add test case.
* bootstrap.conf: Use the gnulib lstat module.
|
