rpms/grub2
8
0
Fork 0
mirror of https://src.fedoraproject.org/rpms/grub2.git synced 2024-11-24 22:35:28 +00:00
Code Issues 24 Projects 4 Releases Packages Wiki Activity Actions
grub2/0196-blscfg-Add-support-for-sorting-the-plus-higher-than-.patch
Peter Jones 3b94406a9e "Minor" bug fixes 
CVE-2020-10713
  CVE-2020-14308
  CVE-2020-14309
  CVE-2020-14310
  CVE-2020-14311
  CVE-2020-15705
  CVE-2020-15706
  CVE-2020-15707

Signed-off-by: Peter Jones <pjones@redhat.com>
2020-07-29 13:39:24 -04:00

62 lines
2.1 KiB
Diff
Raw Blame History

From 42fedf2e00e13b7900f3e05c45bcdd87b58cc952 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Mon, 4 Nov 2019 17:33:30 +0100
Subject: [PATCH 196/237] blscfg: Add support for sorting the plus ('+') higher
than base version
Handle plus separator. Concept is the same as tilde, except that if one of
the strings ends (base version), the other is considered as higher version.
A plus character is used for example by the Linux kernel build system to
denote that is the base version plus some changes on top of it.
Currently for example rpmvercmp("5.3.0", "5.3.0+") will return 0 even when
the two versions are not the same.
Resolves: rhbz#1767395
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
grub-core/commands/blscfg.c | 19 +++++++++++++++++--
1 file changed, 17 insertions(+), 2 deletions(-)
diff --git a/grub-core/commands/blscfg.c b/grub-core/commands/blscfg.c
index 1504be30e8e..286a5b88d12 100644
--- a/grub-core/commands/blscfg.c
+++ b/grub-core/commands/blscfg.c
@@ -163,8 +163,8 @@ static int vercmp(const char * a, const char * b)
/* loop through each version segment of str1 and str2 and compare them */
while (*one || *two) {
- while (*one && !grub_isalnum(*one) && *one != '~') one++;
- while (*two && !grub_isalnum(*two) && *two != '~') two++;
+ while (*one && !grub_isalnum(*one) && *one != '~' && *one != '+') one++;
+ while (*two && !grub_isalnum(*two) && *two != '~' && *two != '+') two++;
/* handle the tilde separator, it sorts before everything else */
if (*one == '~' || *two == '~') {
@@ -175,6 +175,21 @@ static int vercmp(const char * a, const char * b)
continue;
}
+ /*
+ * Handle plus separator. Concept is the same as tilde,
+ * except that if one of the strings ends (base version),
+ * the other is considered as higher version.
+ */
+ if (*one == '+' || *two == '+') {
+ if (!*one) return -1;
+ if (!*two) return 1;
+ if (*one != '+') goto_return (1);
+ if (*two != '+') goto_return (-1);
+ one++;
+ two++;
+ continue;
+ }
+
/* If we ran to the end of either, we are finished with the loop */
if (!(*one && *two)) break;
--
2.26.2
Reference in a new issue View git blame Copy permalink