master

分支 (24)

标签 (19)

管理

管理

master

openEuler-20.03-LTS-SP4

openEuler-24.09

openEuler-24.03-LTS-Next

openEuler-24.03-LTS

openEuler-22.03-LTS-Next

openEuler-22.03-LTS-SP2

openEuler-22.03-LTS-SP3

openEuler-22.03-LTS-SP4

openEuler-20.03-LTS-SP1

openEuler-23.09

openEuler-22.03-LTS-SP1

openEuler-20.03-LTS-SP3

openEuler-22.03-LTS

openEuler-23.03

openEuler-22.09

openEuler-21.03

openEuler-20.03-LTS-Next

openEuler-20.03-LTS-SP2

openEuler-20.03-LTS

openEuler-22.03-LTS-SP4-release

openEuler-24.03-LTS-release

openEuler-22.03-LTS-SP3-release

openEuler-23.09-rc5

openEuler-22.03-LTS-SP1-release

openEuler-22.09-release

openEuler-22.09-rc5

openEuler-22.09-20220829

openEuler-22.03-LTS-20220331

openEuler-22.03-LTS-round5

openEuler-22.03-LTS-round3

openEuler-22.03-LTS-round2

openEuler-22.03-LTS-round1

openEuler-20.03-LTS-SP3-release

openEuler-20.03-LTS-SP2-20210624

openEuler-21.03-20210330

openEuler-20.09-20200929

openEuler-20.03-LTS-20200606

openEuler-20.03-LTS-tag

sed
/
backport-sed-fix-symlink-bufsize-read...

From 8f600f2df293d539e9e9137f6f82faa1633b97c1 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Sat, 17 Dec 2022 20:56:29 -0800
Subject: [PATCH] sed: fix symlink bufsize readlink check

Problem reported by Hauke Mehrtens.
* sed/utils.c (follow_symlink): Fix typo when checking size of
second and later symlink, when that symlink is so large that it
does not fit into the buffer.  Although the bug is not a buffer
overflow, it does cause sed to mishandle the symlink.
* testsuite/follow-symlinks.sh: Test for the bug.
---
 NEWS                         |  8 ++++++++
 sed/utils.c                  |  2 +-
 testsuite/follow-symlinks.sh | 13 +++++++++++++
 3 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/NEWS b/NEWS
index b3db3bc..85a8db9 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,13 @@
 GNU sed NEWS                                    -*- outline -*-

+* Noteworthy changes in release ?.? (????-??-??) [?]
+
+** Bug fixes
+
+  'sed --follow-symlinks -i' no longer mishandles an operand that is a
+  short symbolic link to a long symbolic link to a file.
+  [bug introduced in sed 4.9]
+
 * Noteworthy changes in release 4.9 (2022-11-06) [stable]

 ** Bug fixes
diff --git a/sed/utils.c b/sed/utils.c
index 2952e8b..1ccda42 100644
--- a/sed/utils.c
+++ b/sed/utils.c
@@ -346,7 +346,7 @@ follow_symlink (const char *fname)
       while ((linklen = (buf_used < buf_size
                          ? readlink (fn, buf + buf_used, buf_size - buf_used)
                          : 0))
-             == buf_size)
+             == buf_size - buf_used)
         {
           buf = xpalloc (buf, &buf_size, 1, SSIZE_IDX_MAX, 1);
           if (num_links)
diff --git a/testsuite/follow-symlinks.sh b/testsuite/follow-symlinks.sh
index 880a80e..c418804 100644
--- a/testsuite/follow-symlinks.sh
+++ b/testsuite/follow-symlinks.sh
@@ -73,4 +73,17 @@ compare_ exp-la-abs out-la-abs || fail=1
 ln -s la-loop la-loop || framework_failure_
 sed --follow-symlinks -i s/a/b/ la-loop && fail=1

+# symlink of length 128
+long=d/
+for i in 2 3 4 5 6 7; do
+  long=$long$long
+done
+dir=${long%/d/}
+file=$dir/xx
+mkdir -p $dir &&
+echo x >$file &&
+ln -s $file yy &&
+ln -s yy xx || framework_failure_
+sed -i --follow-symlinks s/x/y/ xx || fail=1
+
 Exit $fail
--
2.23.0