fix CVE-2022-47016
This commit is contained in:
zhouwenpei
parent
7acc64fb2e
commit
8fbc83321e
70
backport-CVE-2022-47016.patch
Normal file
70
backport-CVE-2022-47016.patch
Normal file
@ -0,0 +1,70 @@
|
||||
From e86752820993a00e3d28350cbe46878ba95d9012 Mon Sep 17 00:00:00 2001
|
||||
From: nicm <nicm>
|
||||
Date: Wed, 24 Aug 2022 07:22:30 +0000
|
||||
Subject: [PATCH] Check for NULL returns from bufferevent_new.
|
||||
|
||||
---
|
||||
control.c | 4 ++++
|
||||
file.c | 4 ++++
|
||||
window.c | 2 ++
|
||||
3 files changed, 10 insertions(+)
|
||||
|
||||
diff --git a/control.c b/control.c
|
||||
index 73286e0..6183a00 100644
|
||||
--- a/control.c
|
||||
+++ b/control.c
|
||||
@@ -775,6 +775,8 @@ control_start(struct client *c)
|
||||
|
||||
cs->read_event = bufferevent_new(c->fd, control_read_callback,
|
||||
control_write_callback, control_error_callback, c);
|
||||
+ if (cs->read_event == NULL)
|
||||
+ fatalx("out of memory");
|
||||
bufferevent_enable(cs->read_event, EV_READ);
|
||||
|
||||
if (c->flags & CLIENT_CONTROLCONTROL)
|
||||
@@ -782,6 +784,8 @@ control_start(struct client *c)
|
||||
else {
|
||||
cs->write_event = bufferevent_new(c->out_fd, NULL,
|
||||
control_write_callback, control_error_callback, c);
|
||||
+ if (cs->write_event == NULL)
|
||||
+ fatalx("out of memory");
|
||||
}
|
||||
bufferevent_setwatermark(cs->write_event, EV_WRITE, CONTROL_BUFFER_LOW,
|
||||
0);
|
||||
diff --git a/file.c b/file.c
|
||||
index b2f155f..04a907b 100644
|
||||
--- a/file.c
|
||||
+++ b/file.c
|
||||
@@ -585,6 +585,8 @@ file_write_open(struct client_files *files, struct tmuxpeer *peer,
|
||||
|
||||
cf->event = bufferevent_new(cf->fd, NULL, file_write_callback,
|
||||
file_write_error_callback, cf);
|
||||
+ if (cf->event == NULL)
|
||||
+ fatalx("out of memory");
|
||||
bufferevent_enable(cf->event, EV_WRITE);
|
||||
goto reply;
|
||||
|
||||
@@ -744,6 +746,8 @@ file_read_open(struct client_files *files, struct tmuxpeer *peer,
|
||||
|
||||
cf->event = bufferevent_new(cf->fd, file_read_callback, NULL,
|
||||
file_read_error_callback, cf);
|
||||
+ if (cf->event == NULL)
|
||||
+ fatalx("out of memory");
|
||||
bufferevent_enable(cf->event, EV_READ);
|
||||
return;
|
||||
|
||||
diff --git a/window.c b/window.c
|
||||
index c0cd9bd..294a1f0 100644
|
||||
--- a/window.c
|
||||
+++ b/window.c
|
||||
@@ -1042,6 +1042,8 @@ window_pane_set_event(struct window_pane *wp)
|
||||
|
||||
wp->event = bufferevent_new(wp->fd, window_pane_read_callback,
|
||||
NULL, window_pane_error_callback, wp);
|
||||
+ if (wp->event == NULL)
|
||||
+ fatalx("out of memory");
|
||||
wp->ictx = input_init(wp, wp->event, &wp->palette);
|
||||
|
||||
bufferevent_enable(wp->event, EV_READ|EV_WRITE);
|
||||
--
|
||||
2.33.0
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
Name: tmux
|
||||
Version: 3.3a
|
||||
Release: 1
|
||||
Release: 2
|
||||
Summary: A terminal multiplexer
|
||||
|
||||
License: ISC and BSD
|
||||
@ -10,6 +10,7 @@ URL: https://tmux.github.io/
|
||||
Source0: https://github.com/%{name}/%{name}/releases/download/%{version}/%{name}-%{version}.tar.gz
|
||||
Source1: bash_completion_tmux.sh
|
||||
|
||||
Patch6000: backport-CVE-2022-47016.patch
|
||||
|
||||
BuildRequires: gcc libevent-devel ncurses-devel libutempter-devel
|
||||
|
||||
@ -63,6 +64,9 @@ fi
|
||||
%{_mandir}/man1/%{name}.1.gz
|
||||
|
||||
%changelog
|
||||
* Sat Feb 04 2023 zhouwenpei <zhouwenpei1@h-partners.com> - 3.3a-2
|
||||
- fix CVE-2022-47016
|
||||
|
||||
* Wed Jul 13 2022 zhaomengmeng <zhaomengmeng@kylinos.cn> - 3.3a-1
|
||||
- DESC:upgrade to 3.3a
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user