diff --git a/srcpkgs/git/patches/fix-CVE-2016-2324.diff b/srcpkgs/git/patches/fix-CVE-2016-2324.diff new file mode 100644 index 00000000000..0ba5404e4db --- /dev/null +++ b/srcpkgs/git/patches/fix-CVE-2016-2324.diff @@ -0,0 +1,459 @@ +diff --git builtin/pack-objects.c builtin/pack-objects.c +index 4dae5b1..a6609f1 100644 +--- builtin/pack-objects.c ++++ builtin/pack-objects.c +@@ -2284,21 +2284,11 @@ static void show_commit(struct commit *commit, void *data) + index_commit_for_bitmap(commit); + } + +-static void show_object(struct object *obj, +- const struct name_path *path, const char *last, +- void *data) ++static void show_object(struct object *obj, const char *name, void *data) + { +- char *name = path_name(path, last); +- + add_preferred_base_object(name); + add_object_entry(obj->oid.hash, obj->type, name, 0); + obj->flags |= OBJECT_ADDED; +- +- /* +- * We will have generated the hash from the name, +- * but not saved a pointer to it - we can free it +- */ +- free((char *)name); + } + + static void show_edge(struct commit *commit) +@@ -2480,8 +2470,7 @@ static int get_object_list_from_bitmap(struct rev_info *revs) + } + + static void record_recent_object(struct object *obj, +- const struct name_path *path, +- const char *last, ++ const char *name, + void *data) + { + sha1_array_append(&recent_objects, obj->oid.hash); +diff --git builtin/rev-list.c builtin/rev-list.c +index 3aa89a1..275da0d 100644 +--- builtin/rev-list.c ++++ builtin/rev-list.c +@@ -177,9 +177,7 @@ static void finish_commit(struct commit *commit, void *data) + free_commit_buffer(commit); + } + +-static void finish_object(struct object *obj, +- const struct name_path *path, const char *name, +- void *cb_data) ++static void finish_object(struct object *obj, const char *name, void *cb_data) + { + struct rev_list_info *info = cb_data; + if (obj->type == OBJ_BLOB && !has_object_file(&obj->oid)) +@@ -188,15 +186,13 @@ static void finish_object(struct object *obj, + parse_object(obj->oid.hash); + } + +-static void show_object(struct object *obj, +- const struct name_path *path, const char *component, +- void *cb_data) ++static void show_object(struct object *obj, const char *name, void *cb_data) + { + struct rev_list_info *info = cb_data; +- finish_object(obj, path, component, cb_data); ++ finish_object(obj, name, cb_data); + if (info->flags & REV_LIST_QUIET) + return; +- show_object_with_name(stdout, obj, path, component); ++ show_object_with_name(stdout, obj, name); + } + + static void show_edge(struct commit *commit) +diff --git http-push.c http-push.c +index d857b13..bd60668 100644 +--- http-push.c ++++ http-push.c +@@ -1277,9 +1277,7 @@ static struct object_list **add_one_object(struct object *obj, struct object_lis + } + + static struct object_list **process_blob(struct blob *blob, +- struct object_list **p, +- struct name_path *path, +- const char *name) ++ struct object_list **p) + { + struct object *obj = &blob->object; + +@@ -1293,14 +1291,11 @@ static struct object_list **process_blob(struct blob *blob, + } + + static struct object_list **process_tree(struct tree *tree, +- struct object_list **p, +- struct name_path *path, +- const char *name) ++ struct object_list **p) + { + struct object *obj = &tree->object; + struct tree_desc desc; + struct name_entry entry; +- struct name_path me; + + obj->flags |= LOCAL; + +@@ -1310,21 +1305,17 @@ static struct object_list **process_tree(struct tree *tree, + die("bad tree object %s", oid_to_hex(&obj->oid)); + + obj->flags |= SEEN; +- name = xstrdup(name); + p = add_one_object(obj, p); +- me.up = path; +- me.elem = name; +- me.elem_len = strlen(name); + + init_tree_desc(&desc, tree->buffer, tree->size); + + while (tree_entry(&desc, &entry)) + switch (object_type(entry.mode)) { + case OBJ_TREE: +- p = process_tree(lookup_tree(entry.sha1), p, &me, name); ++ p = process_tree(lookup_tree(entry.sha1), p); + break; + case OBJ_BLOB: +- p = process_blob(lookup_blob(entry.sha1), p, &me, name); ++ p = process_blob(lookup_blob(entry.sha1), p); + break; + default: + /* Subproject commit - not in this repository */ +@@ -1343,7 +1334,7 @@ static int get_delta(struct rev_info *revs, struct remote_lock *lock) + int count = 0; + + while ((commit = get_revision(revs)) != NULL) { +- p = process_tree(commit->tree, p, NULL, ""); ++ p = process_tree(commit->tree, p); + commit->object.flags |= LOCAL; + if (!(commit->object.flags & UNINTERESTING)) + count += add_send_request(&commit->object, lock); +@@ -1362,11 +1353,11 @@ static int get_delta(struct rev_info *revs, struct remote_lock *lock) + continue; + } + if (obj->type == OBJ_TREE) { +- p = process_tree((struct tree *)obj, p, NULL, name); ++ p = process_tree((struct tree *)obj, p); + continue; + } + if (obj->type == OBJ_BLOB) { +- p = process_blob((struct blob *)obj, p, NULL, name); ++ p = process_blob((struct blob *)obj, p); + continue; + } + die("unknown pending object %s (%s)", oid_to_hex(&obj->oid), name); +diff --git list-objects.c list-objects.c +index 11732d9..917cc5d 100644 +--- list-objects.c ++++ list-objects.c +@@ -11,11 +11,12 @@ + static void process_blob(struct rev_info *revs, + struct blob *blob, + show_object_fn show, +- struct name_path *path, ++ struct strbuf *path, + const char *name, + void *cb_data) + { + struct object *obj = &blob->object; ++ size_t pathlen; + + if (!revs->blob_objects) + return; +@@ -24,7 +25,11 @@ static void process_blob(struct rev_info *revs, + if (obj->flags & (UNINTERESTING | SEEN)) + return; + obj->flags |= SEEN; +- show(obj, path, name, cb_data); ++ ++ pathlen = path->len; ++ strbuf_addstr(path, name); ++ show(obj, path->buf, cb_data); ++ strbuf_setlen(path, pathlen); + } + + /* +@@ -52,7 +57,7 @@ static void process_blob(struct rev_info *revs, + static void process_gitlink(struct rev_info *revs, + const unsigned char *sha1, + show_object_fn show, +- struct name_path *path, ++ struct strbuf *path, + const char *name, + void *cb_data) + { +@@ -62,7 +67,6 @@ static void process_gitlink(struct rev_info *revs, + static void process_tree(struct rev_info *revs, + struct tree *tree, + show_object_fn show, +- struct name_path *path, + struct strbuf *base, + const char *name, + void *cb_data) +@@ -70,7 +74,6 @@ static void process_tree(struct rev_info *revs, + struct object *obj = &tree->object; + struct tree_desc desc; + struct name_entry entry; +- struct name_path me; + enum interesting match = revs->diffopt.pathspec.nr == 0 ? + all_entries_interesting: entry_not_interesting; + int baselen = base->len; +@@ -86,17 +89,12 @@ static void process_tree(struct rev_info *revs, + return; + die("bad tree object %s", oid_to_hex(&obj->oid)); + } ++ + obj->flags |= SEEN; +- show(obj, path, name, cb_data); +- me.up = path; +- me.elem = name; +- me.elem_len = strlen(name); +- +- if (!match) { +- strbuf_addstr(base, name); +- if (base->len) +- strbuf_addch(base, '/'); +- } ++ strbuf_addstr(base, name); ++ show(obj, base->buf, cb_data); ++ if (base->len) ++ strbuf_addch(base, '/'); + + init_tree_desc(&desc, tree->buffer, tree->size); + +@@ -113,16 +111,16 @@ static void process_tree(struct rev_info *revs, + if (S_ISDIR(entry.mode)) + process_tree(revs, + lookup_tree(entry.sha1), +- show, &me, base, entry.path, ++ show, base, entry.path, + cb_data); + else if (S_ISGITLINK(entry.mode)) + process_gitlink(revs, entry.sha1, +- show, &me, entry.path, ++ show, base, entry.path, + cb_data); + else + process_blob(revs, + lookup_blob(entry.sha1), +- show, &me, entry.path, ++ show, base, entry.path, + cb_data); + } + strbuf_setlen(base, baselen); +@@ -213,19 +211,19 @@ void traverse_commit_list(struct rev_info *revs, + continue; + if (obj->type == OBJ_TAG) { + obj->flags |= SEEN; +- show_object(obj, NULL, name, data); ++ show_object(obj, name, data); + continue; + } + if (!path) + path = ""; + if (obj->type == OBJ_TREE) { + process_tree(revs, (struct tree *)obj, show_object, +- NULL, &base, path, data); ++ &base, path, data); + continue; + } + if (obj->type == OBJ_BLOB) { + process_blob(revs, (struct blob *)obj, show_object, +- NULL, path, data); ++ &base, path, data); + continue; + } + die("unknown pending object %s (%s)", +diff --git list-objects.h list-objects.h +index 136a1da..0cebf85 100644 +--- list-objects.h ++++ list-objects.h +@@ -2,7 +2,7 @@ + #define LIST_OBJECTS_H + + typedef void (*show_commit_fn)(struct commit *, void *); +-typedef void (*show_object_fn)(struct object *, const struct name_path *, const char *, void *); ++typedef void (*show_object_fn)(struct object *, const char *, void *); + void traverse_commit_list(struct rev_info *, show_commit_fn, show_object_fn, void *); + + typedef void (*show_edge_fn)(struct commit *); +diff --git pack-bitmap-write.c pack-bitmap-write.c +index 6bff970..c30bcd0 100644 +--- pack-bitmap-write.c ++++ pack-bitmap-write.c +@@ -148,8 +148,7 @@ static uint32_t find_object_pos(const unsigned char *sha1) + return entry->in_pack_pos; + } + +-static void show_object(struct object *object, const struct name_path *path, +- const char *last, void *data) ++static void show_object(struct object *object, const char *name, void *data) + { + struct bitmap *base = data; + bitmap_set(base, find_object_pos(object->oid.hash)); +diff --git pack-bitmap.c pack-bitmap.c +index dd8dc16..b949e51 100644 +--- pack-bitmap.c ++++ pack-bitmap.c +@@ -414,19 +414,15 @@ static int ext_index_add_object(struct object *object, const char *name) + return bitmap_pos + bitmap_git.pack->num_objects; + } + +-static void show_object(struct object *object, const struct name_path *path, +- const char *last, void *data) ++static void show_object(struct object *object, const char *name, void *data) + { + struct bitmap *base = data; + int bitmap_pos; + + bitmap_pos = bitmap_position(object->oid.hash); + +- if (bitmap_pos < 0) { +- char *name = path_name(path, last); ++ if (bitmap_pos < 0) + bitmap_pos = ext_index_add_object(object, name); +- free(name); +- } + + bitmap_set(base, bitmap_pos); + } +@@ -894,9 +890,8 @@ struct bitmap_test_data { + size_t seen; + }; + +-static void test_show_object(struct object *object, +- const struct name_path *path, +- const char *last, void *data) ++static void test_show_object(struct object *object, const char *name, ++ void *data) + { + struct bitmap_test_data *tdata = data; + int bitmap_pos; +diff --git reachable.c reachable.c +index 43616d4..ed35201 100644 +--- reachable.c ++++ reachable.c +@@ -43,15 +43,14 @@ static int add_one_ref(const char *path, const struct object_id *oid, + * The traversal will have already marked us as SEEN, so we + * only need to handle any progress reporting here. + */ +-static void mark_object(struct object *obj, const struct name_path *path, +- const char *name, void *data) ++static void mark_object(struct object *obj, const char *name, void *data) + { + update_progress(data); + } + + static void mark_commit(struct commit *c, void *data) + { +- mark_object(&c->object, NULL, NULL, data); ++ mark_object(&c->object, NULL, data); + } + + struct recent_data { +diff --git revision.c revision.c +index f24ead5..82f3ca4 100644 +--- revision.c ++++ revision.c +@@ -25,69 +25,13 @@ volatile show_early_output_fn_t show_early_output; + static const char *term_bad; + static const char *term_good; + +-char *path_name(const struct name_path *path, const char *name) +-{ +- const struct name_path *p; +- char *n, *m; +- int nlen = strlen(name); +- int len = nlen + 1; +- +- for (p = path; p; p = p->up) { +- if (p->elem_len) +- len += p->elem_len + 1; +- } +- n = xmalloc(len); +- m = n + len - (nlen + 1); +- memcpy(m, name, nlen + 1); +- for (p = path; p; p = p->up) { +- if (p->elem_len) { +- m -= p->elem_len + 1; +- memcpy(m, p->elem, p->elem_len); +- m[p->elem_len] = '/'; +- } +- } +- return n; +-} +- +-static int show_path_component_truncated(FILE *out, const char *name, int len) +-{ +- int cnt; +- for (cnt = 0; cnt < len; cnt++) { +- int ch = name[cnt]; +- if (!ch || ch == '\n') +- return -1; +- fputc(ch, out); +- } +- return len; +-} +- +-static int show_path_truncated(FILE *out, const struct name_path *path) +-{ +- int emitted, ours; +- +- if (!path) +- return 0; +- emitted = show_path_truncated(out, path->up); +- if (emitted < 0) +- return emitted; +- if (emitted) +- fputc('/', out); +- ours = show_path_component_truncated(out, path->elem, path->elem_len); +- if (ours < 0) +- return ours; +- return ours || emitted; +-} +- +-void show_object_with_name(FILE *out, struct object *obj, +- const struct name_path *path, const char *component) ++void show_object_with_name(FILE *out, struct object *obj, const char *name) + { +- struct name_path leaf; +- leaf.up = (struct name_path *)path; +- leaf.elem = component; +- leaf.elem_len = strlen(component); ++ const char *p; + + fprintf(out, "%s ", oid_to_hex(&obj->oid)); +- show_path_truncated(out, &leaf); ++ for (p = name; *p && *p != '\n'; p++) ++ fputc(*p, out); + fputc('\n', out); + } + +diff --git revision.h revision.h +index 23857c0..dca0d38 100644 +--- revision.h ++++ revision.h +@@ -257,16 +257,9 @@ extern void put_revision_mark(const struct rev_info *revs, + extern void mark_parents_uninteresting(struct commit *commit); + extern void mark_tree_uninteresting(struct tree *tree); + +-struct name_path { +- struct name_path *up; +- int elem_len; +- const char *elem; +-}; +- +-char *path_name(const struct name_path *path, const char *name); ++char *path_name(struct strbuf *path, const char *name); + +-extern void show_object_with_name(FILE *, struct object *, +- const struct name_path *, const char *); ++extern void show_object_with_name(FILE *, struct object *, const char *); + + extern void add_pending_object(struct rev_info *revs, + struct object *obj, const char *name); diff --git a/srcpkgs/git/template b/srcpkgs/git/template index a8044b61515..b9fef44fde4 100644 --- a/srcpkgs/git/template +++ b/srcpkgs/git/template @@ -1,7 +1,7 @@ # Template file for "git" pkgname=git version=2.7.3 -revision=1 +revision=2 build_style=gnu-configure configure_args="--with-curl --with-expat --with-tcltk --with-libpcre ac_cv_fread_reads_directories=no ac_cv_snprintf_returns_bogus=no"