From 9792f4fddcedaaf753a538e4dd174947ed0011d9 Mon Sep 17 00:00:00 2001 From: huyubiao Date: Mon, 29 Apr 2024 11:38:20 +0800 Subject: [PATCH] Fix problem when a program piping into less reads from the tty, like sudo asking for password (cherry picked from commit 2742c5cf47c9ecb99fd3b37fd9aa1527b7dd05a0) --- ...ata-from-an-input-program-that-uses-.patch | 35 +++++++++++++ ...D_AGAIN-from-iread-if-no-data-has-ye.patch | 49 +++++++++++++++++++ backport-Fix-for-previous-fix.patch | 25 ++++++++++ less.spec | 8 ++- 4 files changed, 116 insertions(+), 1 deletion(-) create mode 100644 backport-Avoid-stealing-data-from-an-input-program-that-uses-.patch create mode 100644 backport-Don-t-return-READ_AGAIN-from-iread-if-no-data-has-ye.patch create mode 100644 backport-Fix-for-previous-fix.patch diff --git a/backport-Avoid-stealing-data-from-an-input-program-that-uses-.patch b/backport-Avoid-stealing-data-from-an-input-program-that-uses-.patch new file mode 100644 index 0000000..d907543 --- /dev/null +++ b/backport-Avoid-stealing-data-from-an-input-program-that-uses-.patch @@ -0,0 +1,35 @@ +From c8df315c742fc470e766244ce8efe305a98d720a Mon Sep 17 00:00:00 2001 +From: Mark Nudelman +Date: Sun, 28 May 2023 15:28:42 -0700 +Subject: [PATCH] Avoid stealing data from an input program that uses the tty + at startup, like sudo. + +--- + os.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/os.c b/os.c +index af95834..7206277 100644 +--- a/os.c ++++ b/os.c +@@ -114,6 +114,8 @@ static int check_poll(int fd, int tty) + { + struct pollfd poller[2] = { { fd, POLLIN, 0 }, { tty, POLLIN, 0 } }; + int timeout = (waiting_for_data && !(scanning_eof && follow_mode == FOLLOW_NAME)) ? -1 : waiting_for_data_delay; ++ if (!any_data) ++ return (0); + poll(poller, 2, timeout); + #if LESSTEST + if (ttyin_name == NULL) /* Check for ^X only on a real tty. */ +@@ -136,7 +138,7 @@ static int check_poll(int fd, int tty) + * to allow a program piping data into less to have temporary + * access to the tty (like sudo asking for a password). + */ +- if (any_data && (poller[0].revents & (POLLIN|POLLHUP|POLLERR)) == 0) ++ if ((poller[0].revents & (POLLIN|POLLHUP|POLLERR)) == 0) + /* No data available; let caller take action, then try again. */ + return (READ_AGAIN); + /* There is data (or HUP/ERR) available. Safe to call read() without blocking. */ +-- +2.33.0 + diff --git a/backport-Don-t-return-READ_AGAIN-from-iread-if-no-data-has-ye.patch b/backport-Don-t-return-READ_AGAIN-from-iread-if-no-data-has-ye.patch new file mode 100644 index 0000000..9eaf13c --- /dev/null +++ b/backport-Don-t-return-READ_AGAIN-from-iread-if-no-data-has-ye.patch @@ -0,0 +1,49 @@ +From 5e93b7b4f99c3cdda3ab38d19fbf20b17f2536f7 Mon Sep 17 00:00:00 2001 +From: Mark Nudelman +Date: Sat, 27 May 2023 18:56:08 -0700 +Subject: [PATCH] Don't return READ_AGAIN from iread if no data has yet been + received, to allow a program piping data into less to have temporary access + to the tty (like sudo asking for a password). + +--- + os.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +diff --git a/os.c b/os.c +index 56e3bf3..7f2d692 100644 +--- a/os.c ++++ b/os.c +@@ -72,6 +72,7 @@ public int consecutive_nulls = 0; + /* Milliseconds to wait for data before displaying "waiting for data" message. */ + static int waiting_for_data_delay = 4000; + static jmp_buf read_label; ++static int any_data = FALSE; + + extern int sigs; + extern int ignore_eoi; +@@ -130,7 +131,12 @@ static int check_poll(int fd, int tty) + if (ignore_eoi && exit_F_on_close && (poller[0].revents & (POLLHUP|POLLIN)) == POLLHUP) + /* Break out of F loop on HUP due to --exit-follow-on-close. */ + return (READ_INTR); +- if ((poller[0].revents & (POLLIN|POLLHUP|POLLERR)) == 0) ++ /* ++ * Don't return READ_AGAIN if no data has yet been received, ++ * to allow a program piping data into less to have temporary ++ * access to the tty (like sudo asking for a password). ++ */ ++ if (any_data && (poller[0].revents & (POLLIN|POLLHUP|POLLERR)) == 0) + /* No data available; let caller take action, then try again. */ + return (READ_AGAIN); + /* There is data (or HUP/ERR) available. Safe to call read() without blocking. */ +@@ -282,6 +288,8 @@ start: + #endif + return (READ_ERR); + } ++ if (n > 0) ++ any_data = TRUE; + return (n); + } + +-- +2.33.0 + diff --git a/backport-Fix-for-previous-fix.patch b/backport-Fix-for-previous-fix.patch new file mode 100644 index 0000000..530bad4 --- /dev/null +++ b/backport-Fix-for-previous-fix.patch @@ -0,0 +1,25 @@ +From fd2a746b7c967c9f8d3739daf6701f8d3267442f Mon Sep 17 00:00:00 2001 +From: Mark Nudelman +Date: Sun, 28 May 2023 12:07:31 -0700 +Subject: [PATCH] Fix for previous fix. + +--- + os.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/os.c b/os.c +index 7f2d692..af95834 100644 +--- a/os.c ++++ b/os.c +@@ -288,7 +288,7 @@ start: + #endif + return (READ_ERR); + } +- if (n > 0) ++ if (fd != tty && n > 0) + any_data = TRUE; + return (n); + } +-- +2.33.0 + diff --git a/less.spec b/less.spec index 1a2b337..bffd447 100644 --- a/less.spec +++ b/less.spec @@ -1,6 +1,6 @@ Name: less Version: 633 -Release: 2 +Release: 3 Summary: Less is a pager that displays text files. License: GPLv3+ or BSD URL: http://www.greenwoodsoftware.com/less @@ -10,6 +10,9 @@ Patch1: less-475-fsync.patch Patch2: backport-Some-constifying.patch Patch3: backport-Implement-osc8_open.patch Patch4: backport-CVE-2024-32487.patch +Patch5: backport-Don-t-return-READ_AGAIN-from-iread-if-no-data-has-ye.patch +Patch6: backport-Fix-for-previous-fix.patch +Patch7: backport-Avoid-stealing-data-from-an-input-program-that-uses-.patch BuildRequires: gcc make ncurses-devel autoconf automake libtool @@ -48,6 +51,9 @@ autoreconf -ivf %{_mandir}/man1/* %changelog +* Mon Apr 29 2024 huyubiao - 633-3 +- fix problem when a program piping into less reads from the tty, like sudo asking for password + * Mon Apr 22 2024 wangjiang - 633-2 - fix CVE-2024-32487 -- Gitee