tightening sanity check of the input. [1]
While I'm there also replace ed(1) with red(1) because we do
not need the unrestricted functionality. [2]
Obtained from: Bitrig [1], DragonFly [2]
Security: CVE-2015-1418 [1]
The function savestr allows NULL return values during Plan A patching so in
case of out of memory conditions, Plan B can step in. In many cases, NULL
value is not properly handled, so use xstrdup here (it's outside Plan A/B
patching, which means that even Plan B relies on successful operations).
Clean up some whitespaces while here
Obtained from: OpenBSD
MFC after: 2 weeks
Introduce strtolinenum to properly check line numbers while parsing:
no signs, no spaces, just digits, 0 <= x <= LONG_MAX
Properly validate line ranges supplied in diff file to prevent overflows.
Also fixes an out of boundary memory access because the resulting values
are used as array indices.
PR: 195436
Obtained from: OpenBSD (CVS pch.c rev 1.45, 1,46, common.h rev 1.28)
MFC after: 1 week
Check fstat return value. Also, use off_t for file size and offsets.
Avoid iterating over end of string.
Obtained from: OpenBSD (CVS rev. 1.41, 1.43)
MFC after: 1 week
Patch(1) uses a short int for the line length, which is usually
sufficient for regular diffs, but makes no effort to signal
when there is an overflow.
Change the line length to an unsigned short int to better use
the fact that a length is never negative. The change is loosely
inspired on a related change in DragonFly, but we avoid spending
more memory than necessary.
While here adjust the messages to be clearer on what is happening.
MFC after: 1 week
This change reverts a change from OpenBSD which made use of
calloc, and therefore wasted time initializing arrays that
will later be realloc'ed. Consistently use FreeBSD's
reallocf().
While here also merge the changes from OpenBSD's manpage
patch.1 Rev 1.27:
"patch was moved from user portability (UP) to base in issue 7
and is no longer optional"
MFC after: 1 week
Properly handle input lines containing NUL characters such that pgets()
accurately fills the read buffer.
Callers of pgets() still mis-process the buffer contents if the read line
contains NUL characters, but this at least makes pgets() accurate.
Make it so that 'patch < FUBAR' and 'patch -i FUBAR' operate the same.
The former makes a copy of stdin, but was not accurately putting the
content of stdin into a temp file. This lead to the undercounting
the number of lines in hunks containing NUL characters when reading
from stdin. Thus resulting in "unexpected end of file in patch" errors.
Instead of using the file with the least order of path name components,
shortest filename and finally the shortest basename (with the search
stopping as soon as one of these conditions is true), the first filename
checked was used as the reference, and another filename was only selected
if all of the above comparisons are in favour of the latter file.
This was wrong, because filenames with path less components were only
considered, if both of the other conditions were true as well. In fact,
the first filename to be checked had good chances to be selected in the
end, since it only needed to be better with regard to any one of the
three criteria ...
Reviewed by: delphij@freebsd.org
- Remove $DragonFly$ tags as they are using git nowadays and VCS tags will
not help merging.
- Other changes to Copyright headers to make them consistent with other
source code, we intend to fork from this point.
Reviewed by: pfg
DragonflyBSD and install it as bsdpatch. WITH_BSD_PATCH makes it
default and installs GNU patch as gnupatch.
Submitted by: pfg
Obtained from: The DragonflyBSD Project
