gnu: Add atf.

* gnu/packages/check.scm (atf): New variable. * gnu/packages/patches/atf-execute-with-shell.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. Change-Id: I37a57069380309382bc0ff24977a1fd165985f5e
2025-10-02 02:15:12 +00:00 · 2024-01-24 13:27:08 -05:00 · 2024-01-24 13:27:08 -05:00 · 86d5774605
commit 86d5774605
parent d1b8834927
3 changed files with 79 additions and 1 deletions
--- a/gnu/packages/patches/atf-execute-with-shell.patch
+++ b/gnu/packages/patches/atf-execute-with-shell.patch
@ -0,0 +1,39 @@
+Submitted here: https://github.com/freebsd/atf/pull/57
+
+From 098b66269b1cf1d944b8b214ceb7ce9febde3682 Mon Sep 17 00:00:00 2001
+From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
+Date: Mon, 29 Jan 2024 22:35:49 -0500
+Subject: [PATCH] Fix use after free in execute_with_shell.
+
+The temporary string returned by atf::env::get would be used outside
+its statement, which is invalid and cause undefined behavior.  Copy it
+to a local variable to avoid the issue.
+
+Fixes: https://github.com/freebsd/atf/issues/26
+Fixes: https://github.com/freebsd/kyua/issues/223
+
+Reported-by: Ruslan Bukin <br@bsdpad.com>
+---
+ atf-sh/atf-check.cpp | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/atf-sh/atf-check.cpp b/atf-sh/atf-check.cpp
+index 41f0b13..9d6f7a8 100644
+--- a/atf-sh/atf-check.cpp
+++ b/atf-sh/atf-check.cpp
+@@ -436,7 +436,9 @@ execute_with_shell(char* const* argv)
+     const std::string cmd = flatten_argv(argv);
+ 
+     const char* sh_argv[4];
+-    sh_argv[0] = atf::env::get("ATF_SHELL", ATF_SHELL).c_str();
+    const std::string shell = atf::env::get("ATF_SHELL", ATF_SHELL);
+
+    sh_argv[0] = shell.c_str();
+     sh_argv[1] = "-c";
+     sh_argv[2] = cmd.c_str();
+     sh_argv[3] = NULL;
+
+base-commit: 18eb8168b70a0f934b4824b6391b55ac0b2f4fdf
+-- 
+2.41.0
+