Merge pull request #213041 from LeSuisse/tmux-CVE-2022-47016
tmux: apply patch for CVE-2022-47016
This commit is contained in:
Martin Weinelt
GitHub
commit
95ed1ad745
2 changed files with 77 additions and 0 deletions
72
pkgs/tools/misc/tmux/CVE-2022-47016.patch
Normal file
72
pkgs/tools/misc/tmux/CVE-2022-47016.patch
Normal file
|
|
@ -0,0 +1,72 @@
|
|||
From 01f753df5dc269cf054b94c3f210aa880872d602 Mon Sep 17 00:00:00 2001
|
||||
From: nicm <nicm>
|
||||
Date: Wed, 24 Aug 2022 07:22:30 +0000
|
||||
Subject: [PATCH] Check for NULL returns from bufferevent_new.
|
||||
|
||||
(cherry picked from commit e86752820993a00e3d28350cbe46878ba95d9012)
|
||||
---
|
||||
control.c | 4 ++++
|
||||
file.c | 4 ++++
|
||||
window.c | 2 ++
|
||||
3 files changed, 10 insertions(+)
|
||||
|
||||
diff --git a/control.c b/control.c
|
||||
index 73286e00..6183a006 100644
|
||||
--- a/control.c
|
||||
+++ b/control.c
|
||||
@@ -775,6 +775,8 @@ control_start(struct client *c)
|
||||
|
||||
cs->read_event = bufferevent_new(c->fd, control_read_callback,
|
||||
control_write_callback, control_error_callback, c);
|
||||
+ if (cs->read_event == NULL)
|
||||
+ fatalx("out of memory");
|
||||
bufferevent_enable(cs->read_event, EV_READ);
|
||||
|
||||
if (c->flags & CLIENT_CONTROLCONTROL)
|
||||
@@ -782,6 +784,8 @@ control_start(struct client *c)
|
||||
else {
|
||||
cs->write_event = bufferevent_new(c->out_fd, NULL,
|
||||
control_write_callback, control_error_callback, c);
|
||||
+ if (cs->write_event == NULL)
|
||||
+ fatalx("out of memory");
|
||||
}
|
||||
bufferevent_setwatermark(cs->write_event, EV_WRITE, CONTROL_BUFFER_LOW,
|
||||
0);
|
||||
diff --git a/file.c b/file.c
|
||||
index b2f155fe..04a907bf 100644
|
||||
--- a/file.c
|
||||
+++ b/file.c
|
||||
@@ -585,6 +585,8 @@ file_write_open(struct client_files *files, struct tmuxpeer *peer,
|
||||
|
||||
cf->event = bufferevent_new(cf->fd, NULL, file_write_callback,
|
||||
file_write_error_callback, cf);
|
||||
+ if (cf->event == NULL)
|
||||
+ fatalx("out of memory");
|
||||
bufferevent_enable(cf->event, EV_WRITE);
|
||||
goto reply;
|
||||
|
||||
@@ -744,6 +746,8 @@ file_read_open(struct client_files *files, struct tmuxpeer *peer,
|
||||
|
||||
cf->event = bufferevent_new(cf->fd, file_read_callback, NULL,
|
||||
file_read_error_callback, cf);
|
||||
+ if (cf->event == NULL)
|
||||
+ fatalx("out of memory");
|
||||
bufferevent_enable(cf->event, EV_READ);
|
||||
return;
|
||||
|
||||
diff --git a/window.c b/window.c
|
||||
index c0cd9bdc..294a1f08 100644
|
||||
--- a/window.c
|
||||
+++ b/window.c
|
||||
@@ -1042,6 +1042,8 @@ window_pane_set_event(struct window_pane *wp)
|
||||
|
||||
wp->event = bufferevent_new(wp->fd, window_pane_read_callback,
|
||||
NULL, window_pane_error_callback, wp);
|
||||
+ if (wp->event == NULL)
|
||||
+ fatalx("out of memory");
|
||||
wp->ictx = input_init(wp, wp->event, &wp->palette);
|
||||
|
||||
bufferevent_enable(wp->event, EV_READ|EV_WRITE);
|
||||
--
|
||||
2.39.1
|
||||
|
||||
|
|
@ -1,6 +1,7 @@
|
|||
{ lib
|
||||
, stdenv
|
||||
, fetchFromGitHub
|
||||
, fetchpatch
|
||||
, autoreconfHook
|
||||
, bison
|
||||
, libevent
|
||||
|
|
@ -35,6 +36,10 @@ stdenv.mkDerivation rec {
|
|||
sha256 = "sha256-SygHxTe7N4y7SdzKixPFQvqRRL57Fm8zWYHfTpW+yVY=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
./CVE-2022-47016.patch
|
||||
];
|
||||
|
||||
nativeBuildInputs = [
|
||||
pkg-config
|
||||
autoreconfHook
|
||||
|
|
|
|||
Loading…
Reference in a new issue