~ruther/guix-local

57513498def74f8d95ef10df654d28e5a638a612 — Leo Famulari 9 years ago a2c1dce 
gnu: tcsh: Fix out of bounds read.

* gnu/packages/patches/tcsh-fix-out-of-bounds-read.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/shells.scm (tcsh)[replacement]: New field.
(tcsh/fixed): New variable.
patch browse .tar.gz 
3 files changed, 42 insertions(+), 0 deletions(-)

M gnu/local.mk
A gnu/packages/patches/tcsh-fix-out-of-bounds-read.patch
M gnu/packages/shells.scm

M gnu/local.mk => gnu/local.mk +1 -0
@@ 885,6 885,7 @@ dist_patch_DATA =						\
  %D%/packages/patches/tclxml-3.2-install.patch			\
  %D%/packages/patches/tcsh-do-not-define-BSDWAIT.patch		\
  %D%/packages/patches/tcsh-fix-autotest.patch			\
  %D%/packages/patches/tcsh-fix-out-of-bounds-read.patch	\
  %D%/packages/patches/teensy-loader-cli-help.patch		\
  %D%/packages/patches/texi2html-document-encoding.patch	\
  %D%/packages/patches/texi2html-i18n.patch			\


A gnu/packages/patches/tcsh-fix-out-of-bounds-read.patch => gnu/packages/patches/tcsh-fix-out-of-bounds-read.patch +31 -0
@@ 0,0 1,31 @@
Fix out-of-bounds read in c_substitute():

http://seclists.org/oss-sec/2016/q4/612

Patch copied from upstream source repository:

https://github.com/tcsh-org/tcsh/commit/6a542dc4fb2ba26518a47e9b3a9bcd6a91b94596

From 6a542dc4fb2ba26518a47e9b3a9bcd6a91b94596 Mon Sep 17 00:00:00 2001
From: christos <christos>
Date: Fri, 2 Dec 2016 16:59:28 +0000
Subject: [PATCH] Fix out of bounds read (Brooks Davis) (reproduce by starting
 tcsh and hitting tab at the prompt)

---
 ed.chared.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ed.chared.c b/ed.chared.c
index 1277e53..310393e 100644
--- ed.chared.c
+++ ed.chared.c
@@ -750,7 +750,7 @@ c_substitute(void)
     /*
      * If we found a history character, go expand it.
      */
-    if (HIST != '\0' && *p == HIST)
+    if (p >= InputBuf && HIST != '\0' && *p == HIST)
 	nr_exp = c_excl(p);
     else
         nr_exp = 0;


M gnu/packages/shells.scm => gnu/packages/shells.scm +10 -0
@@ 174,6 174,7 @@ has a small feature set similar to a traditional Bourne shell.")
(define-public tcsh
  (package
    (name "tcsh")
    (replacement tcsh/fixed)
    (version "6.18.01")
    (source (origin
              (method url-fetch)


@@ 231,6 232,15 @@ command-line editor, programmable word completion, spelling correction, a
history mechanism, job control and a C-like syntax.")
    (license bsd-4)))

(define tcsh/fixed
  (package
    (inherit tcsh)
    (name "tcsh")
    (source (origin
              (inherit (package-source tcsh))
              (patches (cons (search-patch "tcsh-fix-out-of-bounds-read.patch")
                             (origin-patches (package-source tcsh))))))))

(define-public zsh
  (package
    (name "zsh")