Fix problem when a program piping into less reads from the tty, like sudo asking for password

2024-04-29 11:38:20 +08:00 · 2024-04-29 11:38:20 +08:00 · 2742c5cf47
commit 2742c5cf47
parent c7a8f94b76
4 changed files with 116 additions and 1 deletions
--- a/backport-Avoid-stealing-data-from-an-input-program-that-uses-.patch
+++ b/backport-Avoid-stealing-data-from-an-input-program-that-uses-.patch
@ -0,0 +1,35 @@
+From c8df315c742fc470e766244ce8efe305a98d720a Mon Sep 17 00:00:00 2001
+From: Mark Nudelman <markn@greenwoodsoftware.com>
+Date: Sun, 28 May 2023 15:28:42 -0700
+Subject: [PATCH] Avoid stealing data from an input program that uses the tty
+ at startup, like sudo.
+
+---
+ os.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/os.c b/os.c
+index af95834..7206277 100644
+--- a/os.c
+++ b/os.c
+@@ -114,6 +114,8 @@ static int check_poll(int fd, int tty)
+ {
+ 	struct pollfd poller[2] = { { fd, POLLIN, 0 }, { tty, POLLIN, 0 } };
+ 	int timeout = (waiting_for_data && !(scanning_eof && follow_mode == FOLLOW_NAME)) ? -1 : waiting_for_data_delay;
+	if (!any_data)
+		return (0);
+ 	poll(poller, 2, timeout);
+ #if LESSTEST
+ 	if (ttyin_name == NULL) /* Check for ^X only on a real tty. */
+@@ -136,7 +138,7 @@ static int check_poll(int fd, int tty)
+ 	 * to allow a program piping data into less to have temporary
+ 	 * access to the tty (like sudo asking for a password).
+ 	 */
+-	if (any_data && (poller[0].revents & (POLLIN|POLLHUP|POLLERR)) == 0)
+	if ((poller[0].revents & (POLLIN|POLLHUP|POLLERR)) == 0)
+ 		/* No data available; let caller take action, then try again. */
+ 		return (READ_AGAIN);
+ 	/* There is data (or HUP/ERR) available. Safe to call read() without blocking. */
+-- 
+2.33.0
+
--- a/backport-Don-t-return-READ_AGAIN-from-iread-if-no-data-has-ye.patch
+++ b/backport-Don-t-return-READ_AGAIN-from-iread-if-no-data-has-ye.patch
@ -0,0 +1,49 @@
+From 5e93b7b4f99c3cdda3ab38d19fbf20b17f2536f7 Mon Sep 17 00:00:00 2001
+From: Mark Nudelman <markn@greenwoodsoftware.com>
+Date: Sat, 27 May 2023 18:56:08 -0700
+Subject: [PATCH] Don't return READ_AGAIN from iread if no data has yet been
+ received, to allow a program piping data into less to have temporary access
+ to the tty (like sudo asking for a password).
+
+---
+ os.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/os.c b/os.c
+index 56e3bf3..7f2d692 100644
+--- a/os.c
+++ b/os.c
+@@ -72,6 +72,7 @@ public int consecutive_nulls = 0;
+ /* Milliseconds to wait for data before displaying "waiting for data" message. */
+ static int waiting_for_data_delay = 4000;
+ static jmp_buf read_label;
+static int any_data = FALSE;
+ 
+ extern int sigs;
+ extern int ignore_eoi;
+@@ -130,7 +131,12 @@ static int check_poll(int fd, int tty)
+ 	if (ignore_eoi && exit_F_on_close && (poller[0].revents & (POLLHUP|POLLIN)) == POLLHUP)
+ 		/* Break out of F loop on HUP due to --exit-follow-on-close. */
+ 		return (READ_INTR);
+-	if ((poller[0].revents & (POLLIN|POLLHUP|POLLERR)) == 0)
+	/*
+	 * Don't return READ_AGAIN if no data has yet been received,
+	 * to allow a program piping data into less to have temporary
+	 * access to the tty (like sudo asking for a password).
+	 */
+	if (any_data && (poller[0].revents & (POLLIN|POLLHUP|POLLERR)) == 0)
+ 		/* No data available; let caller take action, then try again. */
+ 		return (READ_AGAIN);
+ 	/* There is data (or HUP/ERR) available. Safe to call read() without blocking. */
+@@ -282,6 +288,8 @@ start:
+ #endif
+ 		return (READ_ERR);
+ 	}
+	if (n > 0)
+		any_data = TRUE;
+ 	return (n);
+ }
+ 
+-- 
+2.33.0
+
--- a/backport-Fix-for-previous-fix.patch
+++ b/backport-Fix-for-previous-fix.patch
@ -0,0 +1,25 @@
+From fd2a746b7c967c9f8d3739daf6701f8d3267442f Mon Sep 17 00:00:00 2001
+From: Mark Nudelman <markn@greenwoodsoftware.com>
+Date: Sun, 28 May 2023 12:07:31 -0700
+Subject: [PATCH] Fix for previous fix.
+
+---
+ os.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/os.c b/os.c
+index 7f2d692..af95834 100644
+--- a/os.c
+++ b/os.c
+@@ -288,7 +288,7 @@ start:
+ #endif
+ 		return (READ_ERR);
+ 	}
+-	if (n > 0)
+	if (fd != tty && n > 0)
+ 		any_data = TRUE;
+ 	return (n);
+ }
+-- 
+2.33.0
+
--- a/less.spec
+++ b/less.spec
@ -1,6 +1,6 @@
 Name:		less
 Version:	633
-Release:        2
+Release:        3
 Summary:	Less is a pager that displays text files.
 License:	GPLv3+ or BSD
 URL:		http://www.greenwoodsoftware.com/less
@ -10,6 +10,9 @@ Patch1:         less-475-fsync.patch
 Patch2:         backport-Some-constifying.patch
 Patch3:         backport-Implement-osc8_open.patch
 Patch4:         backport-CVE-2024-32487.patch
+Patch5:         backport-Don-t-return-READ_AGAIN-from-iread-if-no-data-has-ye.patch
+Patch6:         backport-Fix-for-previous-fix.patch
+Patch7:         backport-Avoid-stealing-data-from-an-input-program-that-uses-.patch

 BuildRequires:	gcc make ncurses-devel autoconf automake libtool

@ -48,6 +51,9 @@ autoreconf -ivf
 %{_mandir}/man1/*

 %changelog
+* Mon Apr 29 2024 huyubiao <huyubiao@huawei.com> - 633-3
+- fix problem when a program piping into less reads from the tty, like sudo asking for password
+
 * Mon Apr 22 2024 wangjiang <wangjiang37@h-partners.com> - 633-2
 - fix CVE-2024-32487