From: Nicolas Graves via Guix-patches via <guix-patches@gnu.org>
To: 74035@debbugs.gnu.org
Cc: Nicolas Graves <ngraves@ngraves.fr>
Subject: [bug#74035] [PATCH v2 13/26] gnu: indent: Add patch for CVE-2024-0911. [security fixes]
Date: Sun, 3 Nov 2024 17:02:08 +0100 [thread overview]
Message-ID: <20241103160239.6772-13-ngraves@ngraves.fr> (raw)
In-Reply-To: <20241103160239.6772-1-ngraves@ngraves.fr>
* gnu/packages/patches/indent-CVE-2024-0911.patch: Add patch here...
* gnu/local.mk: ...here...
* gnu/packages/code.scm (indent)[source]<origin>: ...and here.
---
gnu/local.mk | 1 +
gnu/packages/code.scm | 4 +-
.../patches/indent-CVE-2024-0911.patch | 61 +++++++++++++++++++
3 files changed, 65 insertions(+), 1 deletion(-)
create mode 100644 gnu/packages/patches/indent-CVE-2024-0911.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 3b94e6cc7e..06e8f1363c 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1562,6 +1562,7 @@ dist_patch_DATA = \
%D%/packages/patches/idris-test-ffi008.patch \
%D%/packages/patches/igraph-fix-varargs-integer-size.patch \
%D%/packages/patches/ilmbase-fix-tests.patch \
+ %D%/packages/patches/indent-CVE-2024-0911.patch \
%D%/packages/patches/instead-use-games-path.patch \
%D%/packages/patches/intltool-perl-compatibility.patch \
%D%/packages/patches/irrlicht-use-system-libs.patch \
diff --git a/gnu/packages/code.scm b/gnu/packages/code.scm
index b1523f5ac7..04ca4dfd6b 100644
--- a/gnu/packages/code.scm
+++ b/gnu/packages/code.scm
@@ -879,7 +879,9 @@ (define-public indent
(uri (string-append "mirror://gnu/indent/indent-" version
".tar.gz"))
(sha256
- (base32 "15c0ayp9rib7hzvrcxm5ijs0mpagw5y8kf5w0jr9fryfqi7n6r4y"))))
+ (base32 "15c0ayp9rib7hzvrcxm5ijs0mpagw5y8kf5w0jr9fryfqi7n6r4y"))
+ ;; Remove patch when updating.
+ (patches (search-patches "indent-CVE-2024-0911.patch"))))
(build-system gnu-build-system)
(native-inputs
(list texinfo))
diff --git a/gnu/packages/patches/indent-CVE-2024-0911.patch b/gnu/packages/patches/indent-CVE-2024-0911.patch
new file mode 100644
index 0000000000..4687d3f59a
--- /dev/null
+++ b/gnu/packages/patches/indent-CVE-2024-0911.patch
@@ -0,0 +1,61 @@
+Upstream issue: https://lists.gnu.org/archive/html/bug-indent/2024-01/msg00001.html
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+---
+ regression/TEST | 2 +-
+ regression/input/comment-parent-heap-underread.c | 3 +++
+ regression/standard/comment-parent-heap-underread.c | 5 +++++
+ src/output.c | 2 +-
+ 4 files changed, 10 insertions(+), 2 deletions(-)
+ create mode 100644 regression/input/comment-parent-heap-underread.c
+ create mode 100644 regression/standard/comment-parent-heap-underread.c
+
+diff --git a/regression/TEST b/regression/TEST
+index 7c07c2e..951b1a2 100755
+--- a/regression/TEST
++++ b/regression/TEST
+@@ -40,6 +40,7 @@ BUGS="case-label.c one-line-1.c one-line-2.c one-line-3.c \
+ macro.c enum.c elif.c nested.c wrapped-string.c minus_predecrement.c \
+ bug-gnu-33364.c float-constant-suffix.c block-comments.c \
+- no-forced-nl-in-block-init.c hexadecimal_float.c binary-constant.c"
++ no-forced-nl-in-block-init.c hexadecimal_float.c binary-constant.c \
++ comment-parent-heap-underread.c"
+
+ INDENTSRC="args.c backup.h backup.c dirent_def.h globs.c indent.h \
+ indent.c indent_globs.h io.c lexi.c memcpy.c parse.c pr_comment.c \
+diff --git a/regression/input/comment-parent-heap-underread.c
+b/regression/input/comment-parent-heap-underread.c
+new file mode 100644
+index 0000000..68e13cf
+--- /dev/null
++++ b/regression/input/comment-parent-heap-underread.c
+@@ -0,0 +1,3 @@
++void foo(void) {
++/*a*/(1);
++}
+diff --git a/regression/standard/comment-parent-heap-underread.c
+b/regression/standard/comment-parent-heap-underread.c
+new file mode 100644
+index 0000000..9a1c6e3
+--- /dev/null
++++ b/regression/standard/comment-parent-heap-underread.c
+@@ -0,0 +1,5 @@
++void
++foo (void)
++{
++/*a*/ (1);
++}
+diff --git a/src/output.c b/src/output.c
+index ee01bcc..17eee6e 100644
+--- a/src/output.c
++++ b/src/output.c
+@@ -290,7 +290,7 @@ void set_buf_break (
+ /* Did we just parse a bracket that will be put on the next line
+ * by this line break? */
+
+- if ((*token == '(') || (*token == '['))
++ if (level > 0 && ((*token == '(') || (*token == '[')))
+ {
+ --level; /* then don't take it into account */
+ }
+--
+2.43.0
--
2.46.0
next prev parent reply other threads:[~2024-11-03 16:05 UTC|newest]
Thread overview: 88+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-26 22:29 [bug#74035] [PATCH 00/24] [security fixes] for near-leaf packages Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 01/24] gnu: python-django-4.2: Update to 4.2.16. [security fixes] Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 02/24] gnu: maradns: Update to 3.5.0036. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 03/24] gnu: maradns: Improve style Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 04/24] gnu: libmobi: Update to 0.12. [security fixes] Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 05/24] gnu: bart: Update to 0.9.00. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 06/24] gnu: wireshark: Update to 4.4.1. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 07/24] gnu: pam-u2f: Update to 1.3.0. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 08/24] gnu: darkhttpd: Update to 1.16. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 09/24] gnu: xlsxio: Update to 0.2.35. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 10/24] gnu: pypy: Update to 7.3.17. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 11/24] gnu: indent: Remove uneeded arguments Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 12/24] gnu: indent: Add patch for CVE-2024-0911. [security fixes] Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 13/24] gnu: squashfs-tools: Update to 4.6.1. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 14/24] gnu: shapelib: Update to 1.6.1. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 15/24] gnu: libzapojit: Update to 0.0.3-1.99d49ba. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 16/24] gnu: gifsicle: Update to 1.95. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 17/24] gnu: sendmail: Update to 8.18.1. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 18/24] gnu: openvpn: Update to 2.6.12. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 19/24] gnu: youtube-dl: Deprecate package Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 20/24] gnu: liblouis: Update to 3.31.0. [security fixes] Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 21/24] gnu: unicorn: Update to 2.1.1. " Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 22/24] gnu: Add sexpp Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 23/24] gnu: rnp: Update to 0.17.1. [security fixes] Nicolas Graves via Guix-patches via
2024-10-26 22:42 ` [bug#74035] [PATCH 24/24] gnu: cjson: Update to 1.7.18. " Nicolas Graves via Guix-patches via
2024-11-03 16:01 ` [bug#74035] [PATCH v2 01/26] gnu: libyang: Update to 3.4.2. " Nicolas Graves via Guix-patches via
2024-11-03 16:01 ` [bug#74035] [PATCH v2 02/26] gnu: python-django-4.2: Update to 4.2.16. " Nicolas Graves via Guix-patches via
2024-11-04 16:08 ` Zheng Junjie
2024-11-03 16:01 ` [bug#74035] [PATCH v2 03/26] gnu: maradns: Update to 3.5.0036. " Nicolas Graves via Guix-patches via
2024-11-04 16:09 ` Zheng Junjie
2024-11-03 16:01 ` [bug#74035] [PATCH v2 04/26] gnu: maradns: Improve style Nicolas Graves via Guix-patches via
2024-11-04 16:09 ` Zheng Junjie
2024-11-03 16:02 ` [bug#74035] [PATCH v2 05/26] gnu: libmobi: Update to 0.12. [security fixes] Nicolas Graves via Guix-patches via
2024-11-04 11:57 ` Zheng Junjie
2024-11-03 16:02 ` [bug#74035] [PATCH v2 06/26] gnu: bart: Update to 0.9.00. " Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 07/26] gnu: wireshark: Update to 4.4.1. " Nicolas Graves via Guix-patches via
2024-11-04 9:38 ` Z572
2024-11-03 16:02 ` [bug#74035] [PATCH v2 08/26] gnu: pam-u2f: Update to 1.3.0. " Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 09/26] gnu: darkhttpd: Update to 1.16. " Nicolas Graves via Guix-patches via
2024-11-04 9:40 ` Z572
2024-11-03 16:02 ` [bug#74035] [PATCH v2 10/26] gnu: xlsxio: Update to 0.2.35. " Nicolas Graves via Guix-patches via
2024-11-04 16:12 ` Zheng Junjie
2024-11-03 16:02 ` [bug#74035] [PATCH v2 11/26] gnu: pypy: Update to 7.3.17. " Nicolas Graves via Guix-patches via
2024-11-04 9:39 ` Z572
2024-11-03 16:02 ` [bug#74035] [PATCH v2 12/26] gnu: indent: Remove uneeded arguments Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` Nicolas Graves via Guix-patches via [this message]
2024-11-03 16:02 ` [bug#74035] [PATCH v2 14/26] gnu: squashfs-tools: Update to 4.6.1. [security fixes] Nicolas Graves via Guix-patches via
2024-11-04 11:59 ` Zheng Junjie
2024-11-03 16:02 ` [bug#74035] [PATCH v2 15/26] gnu: shapelib: Update to 1.6.1. " Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 16/26] gnu: libzapojit: Update to 0.0.3-1.99d49ba. " Nicolas Graves via Guix-patches via
2024-11-04 16:06 ` Zheng Junjie
2024-11-03 16:02 ` [bug#74035] [PATCH v2 17/26] gnu: gifsicle: Update to 1.95. " Nicolas Graves via Guix-patches via
2024-11-04 11:58 ` Zheng Junjie
2024-11-03 16:02 ` [bug#74035] [PATCH v2 18/26] gnu: sendmail: Update to 8.18.1. " Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 19/26] gnu: openvpn: Update to 2.6.12. " Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 20/26] gnu: liblouis: Update to 3.31.0. " Nicolas Graves via Guix-patches via
2024-11-04 11:58 ` Zheng Junjie
2024-11-06 16:09 ` Ludovic Courtès
2024-11-07 11:21 ` Z572
2024-11-03 16:02 ` [bug#74035] [PATCH v2 21/26] gnu: youtube-dl: Deprecate package Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 22/26] gnu: unicorn: Update to 2.1.1. [security fixes] Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 23/26] gnu: Add sexpp Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 24/26] gnu: rnp: Update to 0.17.1. [security fixes] Nicolas Graves via Guix-patches via
2024-11-03 16:02 ` [bug#74035] [PATCH v2 25/26] gnu: cjson: Update to 1.7.18. " Nicolas Graves via Guix-patches via
2024-11-04 9:39 ` Z572
2024-11-03 16:02 ` [bug#74035] [PATCH v2 26/26] gnu: snapcast: Update to 0.29.0. " Nicolas Graves via Guix-patches via
2024-11-04 16:08 ` [bug#74035] [PATCH v2 01/26] gnu: libyang: Update to 3.4.2. " Zheng Junjie
2024-11-05 23:10 ` [bug#74035] [PATCH v3 0/8] [security] fixes for near-leaf packages Nicolas Graves via Guix-patches via
2024-11-05 23:10 ` [bug#74035] [PATCH v3 1/8] gnu: bart: Update to 0.9.00. [security fixes] Nicolas Graves via Guix-patches via
2024-11-05 23:10 ` [bug#74035] [PATCH v3 2/8] gnu: pam-u2f: Update to 1.3.0. " Nicolas Graves via Guix-patches via
2024-11-05 23:10 ` [bug#74035] [PATCH v3 3/8] gnu: sendmail: Update to 8.18.1. " Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 1/8] gnu: bart: Update to 0.9.00. " Nicolas Graves via Guix-patches via
2024-11-11 11:47 ` Maxim Cournoyer
2024-11-11 15:23 ` Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 2/8] gnu: pam-u2f: Update to 1.3.0. " Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 3/8] gnu: sendmail: Update to 8.18.1. " Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 4/8] gnu: openvpn: Update to 2.6.12. " Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 5/8] gnu: youtube-dl: Deprecate package Nicolas Graves via Guix-patches via
2024-11-11 11:48 ` Maxim Cournoyer
2024-11-11 15:22 ` Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 6/8] gnu: unicorn: Update to 2.1.1. [security fixes] Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 7/8] gnu: Add sexpp Nicolas Graves via Guix-patches via
2024-11-05 23:13 ` [bug#74035] [PATCH v4 8/8] gnu: rnp: Update to 0.17.1. [security fixes] Nicolas Graves via Guix-patches via
2024-11-11 13:14 ` Maxim Cournoyer
2024-11-11 15:23 ` Nicolas Graves via Guix-patches via
2024-11-12 11:54 ` bug#74035: " Maxim Cournoyer
2024-11-12 14:12 ` [bug#74035] " Maxim Cournoyer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241103160239.6772-13-ngraves@ngraves.fr \
--to=guix-patches@gnu.org \
--cc=74035@debbugs.gnu.org \
--cc=ngraves@ngraves.fr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).