Overview

File devscripts-CVE-2014-1833.patch of Package devscripts.34907

--- a/scripts/uupdate.sh
+++ b/scripts/uupdate.sh
@@ -779,6 +779,14 @@ else
 	    done
 	fi
 
+	# Remove all existing symlinks before applying the patch.  We'll
+	# restore them afterwards, but this avoids patch following symlinks,
+	# which may point outside of the source tree
+	declare -a LINKS
+	while IFS= read -d '' -r link; do
+	    LINKS+=("$link")
+	done < <(find -type l -printf '%l\0%p\0' -delete)
+
 	if $DIFFCAT $DIFF | patch -sNp1 ; then
 	    echo "Success!  The diffs from version $VERSION worked fine."
 	else
@@ -790,6 +798,16 @@ else
 	    STATUS=1
 	fi
 
+	# Reinstate symlinks, warning if the
+	for (( i=0; $i < ${#LINKS[@]}; i=$(($i+2)) )); do
+	    target="${LINKS[$i]}"
+	    link="${LINKS[$(($i+1))]}"
+	    if ! ln -s -T "$target" "$link"; then
+		echo "$PROGNAME: warning: Unable to restore the '$link' -> '$target' symlink." >&2
+		STATUS=1
+	    fi
+	done
+
 	for file in "${MOVEDFILES[@]}"; do
 	    if [ -e "$file.upstream" ]; then
 		mv $file $file.debdiff
openSUSE Build Service is sponsored by
Places