oss-sec mailing list archives
Re: CVE request: patch directory traversal flaw
From: Vasiliy Kulikov <segoon () openwall com>
Date: Fri, 18 Feb 2011 19:51:25 +0300
The patch of Jim Meyering introduces an interdiff regression:
$ interdiff -z john-1.7.6-jumbo-9.diff.gz john-1.7.6-jumbo-10.diff.gz
patch: **** rejecting absolute target file name: /tmp/.private/genie/interdiff-1.7yovIC
interdiff: Error applying patch1 to reconstructed file
interdiff creates a patch with absolute filenames, but doesn't pass the
target filename as an argument to patch.
It is fixed in the latest upstream version 0.3.2. The fix itself is as
follows:
--- patchutils-0.3.1.orig/src/interdiff.c 2011-02-18 17:57:05.000000000 +0300
+++ patchutils-0.3.1/src/interdiff.c 2011-02-18 17:57:24.000000000 +0300
@@ -808,7 +808,7 @@ apply_patch (FILE *patch, const char *fi
FILE *w;
w = xpipe(PATCH, &child, "w", PATCH,
- reverted ? "-Rsp0" : "-sp0", NULL);
+ reverted ? "-Rsp0" : "-sp0", file, NULL);
fprintf (w, "--- %s\n+++ %s\n", file, file);
line = NULL;
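Review bot: In the xpipe() call, file is passed as a bare operand directly after the "-Rsp0"/"-sp0" option string, so a value beginning with '-' would be parsed by patch as an option rather than a target; adding a "--" argument before file would rule that out. A short comment at the call would also help future readers: the explicit operand is needed because the header written by the fprintf that follows carries the same absolute name, which patch now rejects when it has to take the target from the header.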
--
Thanks,
--
Vasiliy
