-
-
Notifications
You must be signed in to change notification settings - Fork 13.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #213044 from NixOS/backport-213041-to-release-22.11
[Backport release-22.11] tmux: apply patch for CVE-2022-47016
- Loading branch information
Showing
2 changed files
with
77 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,72 @@ | ||
From 01f753df5dc269cf054b94c3f210aa880872d602 Mon Sep 17 00:00:00 2001 | ||
From: nicm <nicm> | ||
Date: Wed, 24 Aug 2022 07:22:30 +0000 | ||
Subject: [PATCH] Check for NULL returns from bufferevent_new. | ||
|
||
(cherry picked from commit e86752820993a00e3d28350cbe46878ba95d9012) | ||
--- | ||
control.c | 4 ++++ | ||
file.c | 4 ++++ | ||
window.c | 2 ++ | ||
3 files changed, 10 insertions(+) | ||
|
||
diff --git a/control.c b/control.c | ||
index 73286e00..6183a006 100644 | ||
--- a/control.c | ||
+++ b/control.c | ||
@@ -775,6 +775,8 @@ control_start(struct client *c) | ||
|
||
cs->read_event = bufferevent_new(c->fd, control_read_callback, | ||
control_write_callback, control_error_callback, c); | ||
+ if (cs->read_event == NULL) | ||
+ fatalx("out of memory"); | ||
bufferevent_enable(cs->read_event, EV_READ); | ||
|
||
if (c->flags & CLIENT_CONTROLCONTROL) | ||
@@ -782,6 +784,8 @@ control_start(struct client *c) | ||
else { | ||
cs->write_event = bufferevent_new(c->out_fd, NULL, | ||
control_write_callback, control_error_callback, c); | ||
+ if (cs->write_event == NULL) | ||
+ fatalx("out of memory"); | ||
} | ||
bufferevent_setwatermark(cs->write_event, EV_WRITE, CONTROL_BUFFER_LOW, | ||
0); | ||
diff --git a/file.c b/file.c | ||
index b2f155fe..04a907bf 100644 | ||
--- a/file.c | ||
+++ b/file.c | ||
@@ -585,6 +585,8 @@ file_write_open(struct client_files *files, struct tmuxpeer *peer, | ||
|
||
cf->event = bufferevent_new(cf->fd, NULL, file_write_callback, | ||
file_write_error_callback, cf); | ||
+ if (cf->event == NULL) | ||
+ fatalx("out of memory"); | ||
bufferevent_enable(cf->event, EV_WRITE); | ||
goto reply; | ||
|
||
@@ -744,6 +746,8 @@ file_read_open(struct client_files *files, struct tmuxpeer *peer, | ||
|
||
cf->event = bufferevent_new(cf->fd, file_read_callback, NULL, | ||
file_read_error_callback, cf); | ||
+ if (cf->event == NULL) | ||
+ fatalx("out of memory"); | ||
bufferevent_enable(cf->event, EV_READ); | ||
return; | ||
|
||
diff --git a/window.c b/window.c | ||
index c0cd9bdc..294a1f08 100644 | ||
--- a/window.c | ||
+++ b/window.c | ||
@@ -1042,6 +1042,8 @@ window_pane_set_event(struct window_pane *wp) | ||
|
||
wp->event = bufferevent_new(wp->fd, window_pane_read_callback, | ||
NULL, window_pane_error_callback, wp); | ||
+ if (wp->event == NULL) | ||
+ fatalx("out of memory"); | ||
wp->ictx = input_init(wp, wp->event, &wp->palette); | ||
|
||
bufferevent_enable(wp->event, EV_READ|EV_WRITE); | ||
-- | ||
2.39.1 | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters