GNU bug report logs - #59544
[PATCH] Fixed lib-src/etags.c command execute vulnerability

Previous Next

Package: emacs;

Reported by: "lux" <lx <at> shellcodes.org>

Date: Thu, 24 Nov 2022 15:28:02 UTC

Severity: normal

Tags: patch, security

Done: Eli Zaretskii <eliz <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #88 received at 59544 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: lux <lx <at> shellcodes.org>
Cc: 59544 <at> debbugs.gnu.org, stefankangas <at> gmail.com
Subject: Re: bug#59544: [PATCH] Fixed lib-src/etags.c command execute
 vulnerability
Date: Sun, 27 Nov 2022 16:15:38 +0200

> Date: Sun, 27 Nov 2022 14:35:01 +0800
> Cc: stefankangas <at> gmail.com, 59544 <at> debbugs.gnu.org
> From: lux <lx <at> shellcodes.org>
> 
> The `rename` function, if trying to rename a file across filesystem or 
> device, it's not work, and give the EXDEV erorr:
> 
>      Invalid cross-device link
> 
> So, I add a new function `do_move_file`: if the rename fails, copy a new 
> file, and unlink source file.

Thanks, I installed this.

But something is wrong with the 2 new tests: they fail.  I replaced the
"good" files with the ones I get on my system, but the test fails on another
system.  Could you please look into the test failures and find a fix?

This bug report was last modified 2 years and 129 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #59544 [PATCH] Fixed lib-src/etags.c command execute vulnerability

GNU bug report logs - #59544
[PATCH] Fixed lib-src/etags.c command execute vulnerability