Overview

File fix-CVE-2025-9301.patch of Package cmake3.40330

From 37e27f71bc356d880c908040cd0cb68fa2c371b8 Mon Sep 17 00:00:00 2001
From: Tyler Yankee <tyler.yankee@kitware.com>
Date: Wed, 13 Aug 2025 15:22:28 -0400
Subject: [PATCH] foreach: Explicitly skip replay without iterations

As written, foreach loops with a trailing `IN` (i.e., no loop
variable(s) given) lead to an assertion error. Handle this case by
exiting early when we know the loop won't execute anything.

Fixes: #27135
---
 Source/cmForEachCommand.cxx                  | 3 +++
 Tests/RunCMake/foreach/RunCMakeTest.cmake    | 1 +
 Tests/RunCMake/foreach/TrailingIn-result.txt | 1 +
 Tests/RunCMake/foreach/TrailingIn.cmake      | 5 +++++
 4 files changed, 10 insertions(+)
 create mode 100644 Tests/RunCMake/foreach/TrailingIn-result.txt
 create mode 100644 Tests/RunCMake/foreach/TrailingIn.cmake

Index: cmake-3.17.0/Source/cmForEachCommand.cxx
===================================================================
--- cmake-3.17.0.orig/Source/cmForEachCommand.cxx
+++ cmake-3.17.0/Source/cmForEachCommand.cxx
@@ -98,6 +98,9 @@ bool cmForEachFunctionBlocker::Arguments
 bool cmForEachFunctionBlocker::Replay(
   std::vector<cmListFileFunction> functions, cmExecutionStatus& inStatus)
 {
+  if (this->Args.size() == this->IterationVarsCount) {
+    return true;
+  }
   return this->ZipLists ? this->ReplayZipLists(functions, inStatus)
                         : this->ReplayItems(functions, inStatus);
 }
Index: cmake-3.17.0/Tests/RunCMake/foreach/RunCMakeTest.cmake
===================================================================
--- cmake-3.17.0.orig/Tests/RunCMake/foreach/RunCMakeTest.cmake
+++ cmake-3.17.0/Tests/RunCMake/foreach/RunCMakeTest.cmake
@@ -19,3 +19,4 @@ run_cmake(foreach-RANGE-non-int-test-3-1
 run_cmake(foreach-RANGE-non-int-test-3-2)
 run_cmake(foreach-RANGE-non-int-test-3-3)
 run_cmake(foreach-RANGE-invalid-test)
+run_cmake(TrailingIn)
Index: cmake-3.17.0/Tests/RunCMake/foreach/TrailingIn-result.txt
===================================================================
--- /dev/null
+++ cmake-3.17.0/Tests/RunCMake/foreach/TrailingIn-result.txt
@@ -0,0 +1 @@
+0
Index: cmake-3.17.0/Tests/RunCMake/foreach/TrailingIn.cmake
===================================================================
--- /dev/null
+++ cmake-3.17.0/Tests/RunCMake/foreach/TrailingIn.cmake
@@ -0,0 +1,5 @@
+foreach(v IN)
+endforeach()
+
+foreach(v1 v2 IN)
+endforeach()
openSUSE Build Service is sponsored by
Places