From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Eli Zaretskii Newsgroups: gmane.emacs.bugs Subject: bug#59544: [PATCH] Fixed lib-src/etags.c command execute vulnerability Date: Sat, 26 Nov 2022 12:14:56 +0200 Message-ID: <83cz9at42n.fsf@gnu.org> References: <837czkw7sl.fsf@gnu.org> <8335a8w643.fsf@gnu.org> <83fse7ut10.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="15753"; mail-complaints-to="usenet@ciao.gmane.io" Cc: 59544@debbugs.gnu.org, lx@shellcodes.org To: Stefan Kangas Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Sat Nov 26 11:15:13 2022 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1oysDI-0003w4-V5 for geb-bug-gnu-emacs@m.gmane-mx.org; Sat, 26 Nov 2022 11:15:13 +0100 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oysDC-0005YR-JH; Sat, 26 Nov 2022 05:15:06 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oysD9-0005Y8-H6 for bug-gnu-emacs@gnu.org; Sat, 26 Nov 2022 05:15:03 -0500 Original-Received: from debbugs.gnu.org ([209.51.188.43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oysD9-0005CE-6a for bug-gnu-emacs@gnu.org; Sat, 26 Nov 2022 05:15:03 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1oysD8-000456-2F for bug-gnu-emacs@gnu.org; Sat, 26 Nov 2022 05:15:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Eli Zaretskii Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Sat, 26 Nov 2022 10:15:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 59544 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: security patch Original-Received: via spool by 59544-submit@debbugs.gnu.org id=B59544.166945768015644 (code B ref 59544); Sat, 26 Nov 2022 10:15:02 +0000 Original-Received: (at 59544) by debbugs.gnu.org; 26 Nov 2022 10:14:40 +0000 Original-Received: from localhost ([127.0.0.1]:37880 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oysCm-00044G-Ef for submit@debbugs.gnu.org; Sat, 26 Nov 2022 05:14:40 -0500 Original-Received: from eggs.gnu.org ([209.51.188.92]:54184) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oysCl-000443-8y for 59544@debbugs.gnu.org; Sat, 26 Nov 2022 05:14:39 -0500 Original-Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oysCf-0004ut-9c; Sat, 26 Nov 2022 05:14:33 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=uV/L5SsIw+6f1lDAq6wkStkUT5R1MSGk8eF9DmkepOc=; b=OtPWRWpxS4WYKO+7ilQt xJOi0A/pCJwl3sodgeFxcuwyNDMMctN65xYt3bXjNZLggoW3/YhB9Tj0a4EEL8xH1RQm8k4wcPQZw oUkEU7O1NN4hOHp4jMKmvznEux68Vkh7J74gT8wWIMNSJjFykMT38b44XQeQvKGnba0J8NiGyh/Bu 644ETjit/RObN4qgXyX8cg4Jwcl+N3lYNbHR+0Tu/ijlDwhSrTyB0Sq3ttflEtFiU5i5EjbUPipub rNFCc+5pHTY4PStsft/W/40BIZbH/ztyJrnkVqPup/fKaWv3WVKnFRY6wf/3tiba49DOPkz1O9skz 5SPVQdvgi4d1DA==; Original-Received: from [87.69.77.57] (helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oysCd-00069j-Op; Sat, 26 Nov 2022 05:14:32 -0500 In-Reply-To: (message from Stefan Kangas on Sat, 26 Nov 2022 01:47:25 -0800) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.bugs:249065 Archived-At: > From: Stefan Kangas > Date: Sat, 26 Nov 2022 01:47:25 -0800 > Cc: Eli Zaretskii , 59544@debbugs.gnu.org > > lux writes: > > > 在 2022/11/26 08:43, Stefan Kangas 写道: > > > > Other than that, LGTM. > > > >> + char *buf = xmalloc (buf_len); > > > > The buf variable is not released after use, I added free (buf) > > Thanks. I think we should aim to push this security fix ASAP. > > Eli, any additional comments on the patch? Please don't push, the patch was posted just a few hours ago. I have a lot to do on my hands, and will get to reviewing this in due time. We've lived with this "security issue" for decades, so I see nothing here that justifies "ASAP". I find the tendency to rush with installing changes bad for the quality of our code. I always wait at least for a week before installing myself, and suggest that you do the same. Doing so lets others chime in and provide valuable input and comments. Thanks in advance.