From db08e5b522dc50708928166b347bd5dcae989407 Mon Sep 17 00:00:00 2001 From: Jindrich Novy Date: Mar 22 2013 09:22:58 +0000 Subject: fix couple of segfaults (#907045, #912033, #921414) --- diff --git a/mc-VFSsegfault.patch b/mc-VFSsegfault.patch new file mode 100644 index 0000000..0ef9d8b --- /dev/null +++ b/mc-VFSsegfault.patch @@ -0,0 +1,12 @@ +diff -up mc-4.8.7/lib/vfs/direntry.c.VFSsegfault mc-4.8.7/lib/vfs/direntry.c +--- mc-4.8.7/lib/vfs/direntry.c.VFSsegfault 2012-12-27 09:13:20.000000000 +0100 ++++ mc-4.8.7/lib/vfs/direntry.c 2013-03-21 10:54:15.344172569 +0100 +@@ -656,6 +656,8 @@ vfs_s_close (void *fh) + int res = 0; + struct vfs_class *me = FH_SUPER->me; + ++ if (!me) return -1; ++ + FH_SUPER->fd_usage--; + if (!FH_SUPER->fd_usage) + vfs_stamp_create (me, FH_SUPER); diff --git a/mc-cpiosegfault.patch b/mc-cpiosegfault.patch new file mode 100644 index 0000000..8627031 --- /dev/null +++ b/mc-cpiosegfault.patch @@ -0,0 +1,12 @@ +diff -up mc-4.8.7/src/vfs/cpio/cpio.c.cpiosegfault mc-4.8.7/src/vfs/cpio/cpio.c +--- mc-4.8.7/src/vfs/cpio/cpio.c.cpiosegfault 2012-12-27 09:13:20.000000000 +0100 ++++ mc-4.8.7/src/vfs/cpio/cpio.c 2013-03-14 11:55:50.660147302 +0100 +@@ -795,7 +795,7 @@ cpio_super_same (const vfs_path_element_ + g_free (archive_name); + + /* Has the cached archive been changed on the disk? */ +- if (((cpio_super_data_t *) parc->data)->st.st_mtime < archive_stat->st_mtime) ++ if (parc->data && ((cpio_super_data_t *) parc->data)->st.st_mtime < archive_stat->st_mtime) + { + /* Yes, reload! */ + (*vfs_cpiofs_ops.free) ((vfsid) parc); diff --git a/mc-widgetsegfault.patch b/mc-widgetsegfault.patch new file mode 100644 index 0000000..bcfb0bb --- /dev/null +++ b/mc-widgetsegfault.patch @@ -0,0 +1,12 @@ +diff -up mc-4.8.7/lib/widget/widget-common.h.widgetsegfault mc-4.8.7/lib/widget/widget-common.h +--- mc-4.8.7/lib/widget/widget-common.h.widgetsegfault 2012-12-10 22:04:32.000000000 +0100 ++++ mc-4.8.7/lib/widget/widget-common.h 2013-03-21 09:38:39.000000000 +0100 +@@ -153,7 +153,7 @@ gboolean mouse_global_in_widget (const G + static inline cb_ret_t + send_message (void *w, void *sender, widget_msg_t msg, int parm, void *data) + { +- return WIDGET (w)->callback (WIDGET (w), WIDGET (sender), msg, parm, data); ++ return w ? WIDGET (w)->callback (WIDGET (w), WIDGET (sender), msg, parm, data) : 1; + } + + #endif /* MC__WIDGET_INTERNAL_H */ diff --git a/mc.spec b/mc.spec index 1536e45..4a287ce 100644 --- a/mc.spec +++ b/mc.spec @@ -1,7 +1,7 @@ Summary: User-friendly text console file manager and visual shell Name: mc Version: 4.8.7 -Release: 1%{?dist} +Release: 3%{?dist} Epoch: 1 License: GPLv3+ Group: System Environment/Shells @@ -10,6 +10,9 @@ URL: http://www.midnight-commander.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: glib2-devel e2fsprogs-devel slang-devel gpm-devel groff BuildRequires: aspell-devel libssh2-devel >= 1.2.5 +Patch0: mc-cpiosegfault.patch +Patch1: mc-widgetsegfault.patch +Patch2: mc-VFSsegfault.patch %description Midnight Commander is a visual shell much like a file manager, only @@ -20,6 +23,9 @@ specific files. %prep %setup -q +%patch0 -p1 -b .cpiosegfault +%patch1 -p1 -b .widgetsegfault +%patch2 -p1 -b .VFSsegfault %build export CFLAGS="-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE $RPM_OPT_FLAGS -Wno-strict-aliasing" @@ -75,6 +81,16 @@ rm -rf $RPM_BUILD_ROOT %dir %{_libexecdir}/mc/ext.d %changelog +* Thu Mar 21 2013 Jindrich Novy 4.8.7-3 +- attempt to fix segfault while passing messages to widgets (#907045, #912033) +- fix possible segfault when freeing a VFS (#923415) + +* Thu Mar 14 2013 Jindrich Novy 4.8.7-2 +- fix segfault in cpio VFS while reading corrupted RPM (#921414) + +* Thu Feb 14 2013 Fedora Release Engineering - 1:4.8.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + * Wed Jan 02 2013 Jindrich Novy 4.8.7-1 - update to 4.8.7 (#890662) - drop patch for CVE-2012-4463 - applied upstream