[Pkg-electronics-commits] [pcb-rnd] 04/08: exec bug fix already in new upstream version

Bdale Garbee bdale at moszumanska.debian.org
Fri Oct 13 03:56:27 UTC 2017 

This is an automated email from the git hooks/post-receive script.

bdale pushed a commit to branch master
in repository pcb-rnd.

commit 7540a6401aa01dd7ca08867d3162df7c1e3dff49
Author: Bdale Garbee <bdale at gag.com>
Date:   Thu Oct 12 18:03:40 2017 -0600

    exec bug fix already in new upstream version
---
 debian/patches/exec-bug.diff | 253 -------------------------------------------
 debian/patches/series        |   1 -
 2 files changed, 254 deletions(-)

diff --git a/debian/patches/exec-bug.diff b/debian/patches/exec-bug.diff
deleted file mode 100644
index 406b018..0000000
--- a/debian/patches/exec-bug.diff
+++ /dev/null
@@ -1,253 +0,0 @@
-diff --git a/src/conf.c b/src/conf.c
-index 17bfb41..92449d4 100644
---- a/src/conf.c
-+++ b/src/conf.c
-@@ -1869,3 +1869,65 @@ void conf_setf(conf_role_t role, const char *path, int idx, const char *fmt, ...
- 
- 	free(tmp);
- }
-+
-+int pcb_conf_cmd_is_safe_(const char *path_, const char *value, const char **val_out, int msg)
-+{
-+	const char *reason;
-+	conf_native_t *nd;
-+	char *path, *s;
-+
-+	if (val_out != NULL)
-+		*val_out = NULL;
-+
-+	if (value == NULL)
-+		goto accept;
-+
-+	path = pcb_strdup(path_);
-+	for(s = path; *s != '\0'; s++)
-+		if (*s == '.')
-+			*s = '/';
-+	nd = conf_get_field(path);
-+	free(path);
-+
-+	if (nd == NULL) {
-+		if (msg)
-+			pcb_message(PCB_MSG_ERROR, "pcb_conf_cmd_is_safe(): invalid node path '%s' (looks like an internal error)\n", path_);
-+		return 0;
-+	}
-+
-+	if (nd->array_size > 1) {
-+		if (msg)
-+			pcb_message(PCB_MSG_ERROR, "pcb_conf_cmd_is_safe(): invalid node path '%s' (it is an array)\n", path_);
-+		return 0;
-+	}
-+
-+	switch(conf_lookup_role(nd->prop[0].src)) {
-+		/* these are considered safe, because: */
-+		case CFR_INTERNAL: /* the attacker would have access to the source code and compilation, could place system() anyway */
-+		case CFR_SYSTEM:   /* system admin - lets trust them */
-+		case CFR_USER:     /* user config is written by the user, attackers have no better chance to overwrite that than overwriting the the shell's rc */
-+		case CFR_CLI:      /* command line arguments: the user specified those; who has access to that potentially has access to the shell anyway */
-+			goto accept;
-+
-+		/* these are considered unsafe, because: */
-+		case CFR_DEFAULTPCB: /* the default pcb path may be manipulated; the user has the chance to specify the command path setting from safe config files */
-+			reason = "default pcb"; break;
-+		case CFR_ENV: /* env vars may be inherited from who-knows-where */
-+			reason = "env var"; break;
-+		case CFR_PROJECT: /* malicous file prepared by the attacker */
-+			reason = "project file"; break;
-+		case CFR_DESIGN: /* malicous file prepared by the attacker */
-+			reason = "board file"; break;
-+		default:
-+			reason = "unknown source";
-+	}
-+
-+	if (msg)
-+		pcb_message(PCB_MSG_ERROR, "pcb_conf_cmd_is_safe(): refusing to use the value of '%s' because it is from unsafe source %s\n", path_, reason);
-+	return 0;
-+
-+	accept:;
-+	if (val_out != NULL)
-+		*val_out = value;
-+	return 1;
-+}
-diff --git a/src/conf.h b/src/conf.h
-index e1b62ec..8e2a143 100644
---- a/src/conf.h
-+++ b/src/conf.h
-@@ -366,4 +366,10 @@ const char *conf_get_user_conf_name();
- /* Determine the file name of the project file - project_fn and pcb_fn can be NULL */
- const char *conf_get_project_conf_name(const char *project_fn, const char *pcb_fn, const char **out_project_fn);
- 
-+/* Return 1 if the config node named in path is considered safe enough
-+   to specify a command to execute - e.g. an attacker shouldn't be able to
-+   inject commands in design files sent */
-+int pcb_conf_cmd_is_safe_(const char *path, const char *value, const char **val_out, int msg);
-+#define pcb_conf_cmd_is_safe(path, val_out, msg) pcb_conf_cmd_is_safe_(#path, conf_core.path, val_out, msg)
-+
- #endif
-diff --git a/src/plug_io.c b/src/plug_io.c
-index b51a284..9251b49 100644
---- a/src/plug_io.c
-+++ b/src/plug_io.c
-@@ -48,6 +48,7 @@
- #include <string.h>
- 
- #include "change.h"
-+#include "conf.h"
- #include "data.h"
- #include "error.h"
- #include "plug_io.h"
-@@ -896,13 +897,17 @@ int pcb_write_pipe(const char *Filename, pcb_bool thePcb, const char *fmt, pcb_b
- 	int result;
- 	const char *p;
- 	static gds_t command;
-+	const char *save_cmd;
- 
- 	if (PCB_EMPTY_STRING_P(conf_core.rc.save_command))
- 		return pcb_write_pcb_file(Filename, thePcb, fmt, pcb_false, elem_only);
- 
-+	if (!pcb_conf_cmd_is_safe(rc.save_command, &save_cmd, 1))
-+		return -1;
-+
- 	/* setup commandline */
- 	gds_truncate(&command,0);
--	for (p = conf_core.rc.save_command; *p; p++) {
-+	for (p = save_cmd; *p; p++) {
- 		/* copy character if not special or add string to command */
- 		if (!(p[0] == '%' && p[1] == 'f'))
- 			gds_append(&command, *p);
-diff --git a/src_plugins/fp_fs/fp_fs.c b/src_plugins/fp_fs/fp_fs.c
-index 4d6d153..d592f55 100644
---- a/src_plugins/fp_fs/fp_fs.c
-+++ b/src_plugins/fp_fs/fp_fs.c
-@@ -464,7 +464,9 @@ static FILE *fp_fs_fopen(pcb_plug_fp_t *ctx, const char *path, const char *name,
- {
- 	char *basename, *params, *fullname;
- 	FILE *f = NULL;
--	const char *libshell = conf_core.rc.library_shell;
-+	const char *libshell;
-+
-+	pcb_conf_cmd_is_safe(rc.library_shell, &libshell, 1);
- 
- 	fctx->field[F_IS_PARAMETRIC].i = pcb_fp_dupname(name, &basename, &params);
- 	if (basename == NULL)
-diff --git a/src_plugins/import_netlist/import_netlist.c b/src_plugins/import_netlist/import_netlist.c
-index 27c3af3..60f5a9e 100644
---- a/src_plugins/import_netlist/import_netlist.c
-+++ b/src_plugins/import_netlist/import_netlist.c
-@@ -58,13 +58,16 @@ static int ReadNetlist(const char *filename)
- 	int i, j, lines, kind;
- 	pcb_bool continued;
- 	int used_popen = 0;
-+	const char *ratcmd;
- 
- 	if (!filename)
- 		return (1);									/* nothing to do */
- 
- 	pcb_message(PCB_MSG_INFO, _("Importing PCB netlist %s\n"), filename);
- 
--	if (PCB_EMPTY_STRING_P(conf_core.rc.rat_command)) {
-+	pcb_conf_cmd_is_safe(rc.rat_command, &ratcmd, 1);
-+
-+	if (PCB_EMPTY_STRING_P(ratcmd)) {
- 		fp = fopen(filename, "r");
- 		if (!fp) {
- 			pcb_message(PCB_MSG_ERROR, "Cannot open %s for reading", filename);
-diff --git a/src_plugins/io_pcb/parse_l.c b/src_plugins/io_pcb/parse_l.c
-index b8bf493..7d46b23 100644
---- a/src_plugins/io_pcb/parse_l.c
-+++ b/src_plugins/io_pcb/parse_l.c
-@@ -2516,6 +2516,7 @@ do { \
- int io_pcb_ParsePCB(pcb_plug_io_t *ctx, pcb_board_t *Ptr, const char *Filename, conf_role_t settings_dest)
- {
- 	int retval;
-+	const char *fcmd;
- 	yy_parse_tags = 0;
- 	yyPCB = Ptr;
- 	yyData = NULL;
-@@ -2524,10 +2525,15 @@ int io_pcb_ParsePCB(pcb_plug_io_t *ctx, pcb_board_t *Ptr, const char *Filename,
- 	yyFontkitValid = NULL;
- 	yyElement = NULL;
- 	yy_settings_dest = settings_dest;
-+
-+	if (!pcb_conf_cmd_is_safe(rc.file_command, &fcmd, 1))
-+		return -1;
-+
- 	if (settings_dest != CFR_invalid)
- 		conf_reset(settings_dest, Filename);
- 	pcb_setlocale(LC_ALL, "C"); /* make sure numerics are read predictably */
--	retval = Parse(NULL, conf_core.rc.file_command, conf_core.rc.file_path, Filename);
-+
-+	retval = Parse(NULL, fcmd, conf_core.rc.file_path, Filename);
- 	pcb_setlocale(LC_ALL, "");
- 	if ((settings_dest != CFR_invalid) && (retval == 0)) {
- 		/* overwrite settings from the flags, mark them not-to-save */
-@@ -2593,6 +2599,7 @@ int io_pcb_ParsePCB(pcb_plug_io_t *ctx, pcb_board_t *Ptr, const char *Filename,
- int io_pcb_ParseFont(pcb_plug_io_t *ctx, pcb_font_t *Ptr, const char *Filename)
- {
- 	int r = 0, valid;
-+	const char *fcmd;
- 	yy_parse_tags = 1;
- 	yyPCB = NULL;
- 	yyFont = Ptr;
-@@ -2600,8 +2607,11 @@ int io_pcb_ParseFont(pcb_plug_io_t *ctx, pcb_font_t *Ptr, const char *Filename)
- 	yyElement = NULL;
- 	yyFontReset = pcb_false;
- 
-+	if (!pcb_conf_cmd_is_safe(rc.font_command, &fcmd, 1))
-+		return -1;
-+
- 	yy_settings_dest = CFR_invalid;
--	r = Parse(NULL, conf_core.rc.font_command, NULL, Filename);
-+	r = Parse(NULL, fcmd, NULL, Filename);
- 	if (r == 0) {
- #ifdef DEBUG
- 		pcb_message(PCB_MSG_DEBUG, "Found %s in %s\n", Filename, conf_core.rc.font_command);
-diff --git a/src_plugins/io_pcb/parse_l.l b/src_plugins/io_pcb/parse_l.l
-index 66bc301..76174be 100644
---- a/src_plugins/io_pcb/parse_l.l
-+++ b/src_plugins/io_pcb/parse_l.l
-@@ -375,6 +375,7 @@ do { \
- int io_pcb_ParsePCB(pcb_plug_io_t *ctx, pcb_board_t *Ptr, const char *Filename, conf_role_t settings_dest)
- {
- 	int retval;
-+	const char *fcmd;
- 	yy_parse_tags = 0;
- 	yyPCB = Ptr;
- 	yyData = NULL;
-@@ -383,10 +384,15 @@ int io_pcb_ParsePCB(pcb_plug_io_t *ctx, pcb_board_t *Ptr, const char *Filename,
- 	yyFontkitValid = NULL;
- 	yyElement = NULL;
- 	yy_settings_dest = settings_dest;
-+
-+	if (!pcb_conf_cmd_is_safe(rc.file_command, &fcmd, 1))
-+		return -1;
-+
- 	if (settings_dest != CFR_invalid)
- 		conf_reset(settings_dest, Filename);
- 	pcb_setlocale(LC_ALL, "C"); /* make sure numerics are read predictably */
--	retval = Parse(NULL, conf_core.rc.file_command, conf_core.rc.file_path, Filename);
-+
-+	retval = Parse(NULL, fcmd, conf_core.rc.file_path, Filename);
- 	pcb_setlocale(LC_ALL, "");
- 	if ((settings_dest != CFR_invalid) && (retval == 0)) {
- 		/* overwrite settings from the flags, mark them not-to-save */
-@@ -452,6 +458,7 @@ int io_pcb_ParsePCB(pcb_plug_io_t *ctx, pcb_board_t *Ptr, const char *Filename,
- int io_pcb_ParseFont(pcb_plug_io_t *ctx, pcb_font_t *Ptr, const char *Filename)
- {
- 	int r = 0, valid;
-+	const char *fcmd;
- 	yy_parse_tags = 1;
- 	yyPCB = NULL;
- 	yyFont = Ptr;
-@@ -459,8 +466,11 @@ int io_pcb_ParseFont(pcb_plug_io_t *ctx, pcb_font_t *Ptr, const char *Filename)
- 	yyElement = NULL;
- 	yyFontReset = pcb_false;
- 
-+	if (!pcb_conf_cmd_is_safe(rc.font_command, &fcmd, 1))
-+		return -1;
-+
- 	yy_settings_dest = CFR_invalid;
--	r = Parse(NULL, conf_core.rc.font_command, NULL, Filename);
-+	r = Parse(NULL, fcmd, NULL, Filename);
- 	if (r == 0) {
- #ifdef DEBUG
- 		pcb_message(PCB_MSG_DEBUG, "Found %s in %s\n", Filename, conf_core.rc.font_command);
diff --git a/debian/patches/series b/debian/patches/series
index b477798..e69de29 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +0,0 @@
-exec-bug.diff

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-electronics/pcb-rnd.git

More information about the Pkg-electronics-commits mailing list