minix/usr.bin/patch
David van Moolenbroek d8127f841f patch(1): fix arbitrary code execution bug
This is the combination of two NetBSD patches committed by Christos
Zoulas, based on the findings and Bitrig patch by Martin Natano.
The NetBSD log messages read:

  From Martin Natano @bitrig: Use execve(2) instead of system to
  apply patches that require rcs command execution instead system(3)
  to avoid malicious filenames in patches causing bad things to
  happen. In the process, lose SCCS support. It is not like we are
  shipping sccs commands for that to work.

And:

  Use absolute paths for RCS commands (Martin Natano)

Change-Id: Id44bd59a5a6bc6cd95d1e1fae468bd718cfff2db
2015-07-26 15:53:47 +00:00
..
backupfile.c updating bsd patch, moving it back to usr.bin 2014-07-28 17:05:08 +02:00
backupfile.h updating bsd patch, moving it back to usr.bin 2014-07-28 17:05:08 +02:00
common.h patch(1): fix arbitrary code execution bug 2015-07-26 15:53:47 +00:00
inp.c patch(1): fix arbitrary code execution bug 2015-07-26 15:53:47 +00:00
inp.h updating bsd patch, moving it back to usr.bin 2014-07-28 17:05:08 +02:00
Makefile updating bsd patch, moving it back to usr.bin 2014-07-28 17:05:08 +02:00
mkpath.c updating bsd patch, moving it back to usr.bin 2014-07-28 17:05:08 +02:00
patch.1 updating bsd patch, moving it back to usr.bin 2014-07-28 17:05:08 +02:00
patch.c updating bsd patch, moving it back to usr.bin 2014-07-28 17:05:08 +02:00
pathnames.h updating bsd patch, moving it back to usr.bin 2014-07-28 17:05:08 +02:00
pch.c updating bsd patch, moving it back to usr.bin 2014-07-28 17:05:08 +02:00
pch.h updating bsd patch, moving it back to usr.bin 2014-07-28 17:05:08 +02:00
util.c updating bsd patch, moving it back to usr.bin 2014-07-28 17:05:08 +02:00
util.h updating bsd patch, moving it back to usr.bin 2014-07-28 17:05:08 +02:00