summary refs log tree commit diff
path: root/gnu/packages/patches/zsh-CVE-2018-7549.patch
blob: abefcdf2f97c3ab14783d31f34145e654bb4f797 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
Fix CVE-2018-7549:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7549

Patch copied from upstream source repository:

https://sourceforge.net/p/zsh/code/ci/c2cc8b0fbefc9868fa83537f5b6d90fc1ec438dd

From c2cc8b0fbefc9868fa83537f5b6d90fc1ec438dd Mon Sep 17 00:00:00 2001
From: Stephane Chazelas <stephane.chazelas@gmail.com>
Date: Fri, 22 Dec 2017 22:17:09 +0000
Subject: [PATCH] Avoid crash copying empty hash table.

Visible with typeset -p.
---
 ChangeLog    |  2 ++
 Src/params.c | 11 +++++++----
 2 files changed, 9 insertions(+), 4 deletions(-)

#diff --git a/ChangeLog b/ChangeLog
#index f74c26b88..e3628cfa7 100644
#--- a/ChangeLog
#+++ b/ChangeLog
#@@ -1,5 +1,7 @@
# 2018-01-04  Peter Stephenson  <p.stephenson@samsung.com>
# 
#+       * Stephane: 42159: Src/params.c: avoid crash copying empty hash table.
#+
#        * Sebastian: 42188: Src/Modules/system.c: It is necessary to
#        close the lock descriptor in some failure cases.
#
diff --git a/Src/params.c b/Src/params.c
index 31ff0445b..de7730ae7 100644
--- a/Src/params.c
+++ b/Src/params.c
@@ -549,10 +549,13 @@ scancopyparams(HashNode hn, UNUSED(int flags))
 HashTable
 copyparamtable(HashTable ht, char *name)
 {
-    HashTable nht = newparamtable(ht->hsize, name);
-    outtable = nht;
-    scanhashtable(ht, 0, 0, 0, scancopyparams, 0);
-    outtable = NULL;
+    HashTable nht = 0;
+    if (ht) {
+	nht = newparamtable(ht->hsize, name);
+	outtable = nht;
+	scanhashtable(ht, 0, 0, 0, scancopyparams, 0);
+	outtable = NULL;
+    }
     return nht;
 }
 
-- 
2.16.2