mingw/mingw-packages/mingw-w64-popt/318833.all.patch - kiwivm - Git at Google

 --- popt-1.18/src/popt.c.orig	2021-05-28 20:24:35.156031300 -0700
 +++ popt-1.18/src/popt.c	2021-05-28 20:28:47.492641100 -0700
 @@ -168,6 +168,7 @@
  	con->os->next = 1;		/* skip argv[0] */

      con->leftovers = calloc( (size_t)(argc + 1), sizeof(*con->leftovers) );
 +    con->allocLeftovers = argc + 1;
      con->options = options;
      con->aliases = NULL;
      con->numAliases = 0;
 @@ -1290,7 +1291,19 @@
  		    return 0;
  		}
  		if (con->leftovers != NULL)	/* XXX can't happen */
 -		    con->leftovers[con->numLeftovers++] = origOptString;
 +		    /* One might think we can never overflow the leftovers
 +		       array.  Actually, that's true, as long as you don't
 +		       use poptStuffArgs()... */
 +		    if ((con->numLeftovers + 1) >= (con->allocLeftovers)) {
 +			con->allocLeftovers += 10;
 +			con->leftovers =
 +			    realloc(con->leftovers,
 +				    sizeof(*con->leftovers) * con->allocLeftovers);
 +		    }
 +		    con->leftovers[con->numLeftovers++]
 +			= xstrdup(origOptString); /* so a free of a stuffed
 +						     argv doesn't give us a
 +						     dangling pointer */
  		continue;
  	    }

 @@ -1539,6 +1552,8 @@

  poptContext poptFreeContext(poptContext con)
  {
 +    int i;
 +
      if (con == NULL) return con;
      poptResetContext(con);

 @@ -1548,7 +1563,11 @@
      con->execs = poptFreeItems(con->execs, con->numExecs);
      con->numExecs = 0;

 +    for (i = 0; i < con->numLeftovers; i++) {
 +	con->leftovers[i] = _free(&con->leftovers[i]);
 +    }
      con->leftovers = _free(con->leftovers);
 +
      con->finalArgv = _free(con->finalArgv);
      con->appName = _free(con->appName);
      con->otherHelp = _free(con->otherHelp);
 Index: popt-1.16/src/poptint.h
 ===================================================================
 --- popt-1.16.orig/src/poptint.h   2010-05-13 04:57:46.878010140 +0100
 +++ popt-1.16/src/poptint.h        2010-05-13 04:57:52.008009414 +0100
 @@ -119,6 +119,7 @@
  /*@owned@*/ /*@null@*/
      poptArgv leftovers;
      int numLeftovers;
 +    int allocLeftovers;
      int nextLeftover;
  /*@keep@*/
      const struct poptOption * options;
	--- popt-1.18/src/popt.c.orig 2021-05-28 20:24:35.156031300 -0700
	+++ popt-1.18/src/popt.c 2021-05-28 20:28:47.492641100 -0700
	@@ -168,6 +168,7 @@
	con->os->next = 1; /* skip argv[0] */

	con->leftovers = calloc( (size_t)(argc + 1), sizeof(*con->leftovers) );
	+ con->allocLeftovers = argc + 1;
	con->options = options;
	con->aliases = NULL;
	con->numAliases = 0;
	@@ -1290,7 +1291,19 @@
	return 0;
	}
	if (con->leftovers != NULL) /* XXX can't happen */
	- con->leftovers[con->numLeftovers++] = origOptString;
	+ /* One might think we can never overflow the leftovers
	+ array. Actually, that's true, as long as you don't
	+ use poptStuffArgs()... */
	+ if ((con->numLeftovers + 1) >= (con->allocLeftovers)) {
	+ con->allocLeftovers += 10;
	+ con->leftovers =
	+ realloc(con->leftovers,
	+ sizeof(con->leftovers) con->allocLeftovers);
	+ }
	+ con->leftovers[con->numLeftovers++]
	+ = xstrdup(origOptString); /* so a free of a stuffed
	+ argv doesn't give us a
	+ dangling pointer */
	continue;
	}

	@@ -1539,6 +1552,8 @@

	poptContext poptFreeContext(poptContext con)
	{
	+ int i;
	+
	if (con == NULL) return con;
	poptResetContext(con);

	@@ -1548,7 +1563,11 @@
	con->execs = poptFreeItems(con->execs, con->numExecs);
	con->numExecs = 0;

	+ for (i = 0; i < con->numLeftovers; i++) {
	+ con->leftovers[i] = _free(&con->leftovers[i]);
	+ }
	con->leftovers = _free(con->leftovers);
	+
	con->finalArgv = _free(con->finalArgv);
	con->appName = _free(con->appName);
	con->otherHelp = _free(con->otherHelp);
	Index: popt-1.16/src/poptint.h
	===================================================================
	--- popt-1.16.orig/src/poptint.h 2010-05-13 04:57:46.878010140 +0100
	+++ popt-1.16/src/poptint.h 2010-05-13 04:57:52.008009414 +0100
	@@ -119,6 +119,7 @@
	/@owned@/ /@null@/
	poptArgv leftovers;
	int numLeftovers;
	+ int allocLeftovers;
	int nextLeftover;
	/@keep@/
	const struct poptOption * options;