Merge pull request #213041 from LeSuisse/tmux-CVE-2022-47016

tmux: apply patch for CVE-2022-47016
This commit is contained in:
Martin Weinelt 2023-01-27 23:54:35 +00:00 committed by GitHub
commit 95ed1ad745
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 77 additions and 0 deletions

View file

@ -0,0 +1,72 @@
From 01f753df5dc269cf054b94c3f210aa880872d602 Mon Sep 17 00:00:00 2001
From: nicm <nicm>
Date: Wed, 24 Aug 2022 07:22:30 +0000
Subject: [PATCH] Check for NULL returns from bufferevent_new.
(cherry picked from commit e86752820993a00e3d28350cbe46878ba95d9012)
---
control.c | 4 ++++
file.c | 4 ++++
window.c | 2 ++
3 files changed, 10 insertions(+)
diff --git a/control.c b/control.c
index 73286e00..6183a006 100644
--- a/control.c
+++ b/control.c
@@ -775,6 +775,8 @@ control_start(struct client *c)
cs->read_event = bufferevent_new(c->fd, control_read_callback,
control_write_callback, control_error_callback, c);
+ if (cs->read_event == NULL)
+ fatalx("out of memory");
bufferevent_enable(cs->read_event, EV_READ);
if (c->flags & CLIENT_CONTROLCONTROL)
@@ -782,6 +784,8 @@ control_start(struct client *c)
else {
cs->write_event = bufferevent_new(c->out_fd, NULL,
control_write_callback, control_error_callback, c);
+ if (cs->write_event == NULL)
+ fatalx("out of memory");
}
bufferevent_setwatermark(cs->write_event, EV_WRITE, CONTROL_BUFFER_LOW,
0);
diff --git a/file.c b/file.c
index b2f155fe..04a907bf 100644
--- a/file.c
+++ b/file.c
@@ -585,6 +585,8 @@ file_write_open(struct client_files *files, struct tmuxpeer *peer,
cf->event = bufferevent_new(cf->fd, NULL, file_write_callback,
file_write_error_callback, cf);
+ if (cf->event == NULL)
+ fatalx("out of memory");
bufferevent_enable(cf->event, EV_WRITE);
goto reply;
@@ -744,6 +746,8 @@ file_read_open(struct client_files *files, struct tmuxpeer *peer,
cf->event = bufferevent_new(cf->fd, file_read_callback, NULL,
file_read_error_callback, cf);
+ if (cf->event == NULL)
+ fatalx("out of memory");
bufferevent_enable(cf->event, EV_READ);
return;
diff --git a/window.c b/window.c
index c0cd9bdc..294a1f08 100644
--- a/window.c
+++ b/window.c
@@ -1042,6 +1042,8 @@ window_pane_set_event(struct window_pane *wp)
wp->event = bufferevent_new(wp->fd, window_pane_read_callback,
NULL, window_pane_error_callback, wp);
+ if (wp->event == NULL)
+ fatalx("out of memory");
wp->ictx = input_init(wp, wp->event, &wp->palette);
bufferevent_enable(wp->event, EV_READ|EV_WRITE);
--
2.39.1

View file

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchFromGitHub
, fetchpatch
, autoreconfHook
, bison
, libevent
@ -35,6 +36,10 @@ stdenv.mkDerivation rec {
sha256 = "sha256-SygHxTe7N4y7SdzKixPFQvqRRL57Fm8zWYHfTpW+yVY=";
};
patches = [
./CVE-2022-47016.patch
];
nativeBuildInputs = [
pkg-config
autoreconfHook