From 21e6f9d8bd198c9d7b68fc552bf547c046be2ccf Mon Sep 17 00:00:00 2001 From: yixiangzhike Date: Wed, 10 Jul 2024 11:02:37 +0800 Subject: [PATCH] acl_copy_entry prevent accidental NULL pointer dereferences --- acl.spec | 7 +++- ...revent-accidental-NULL-pointer-deref.patch | 34 +++++++++++++++++++ 2 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 backport-acl_copy_entry-Prevent-accidental-NULL-pointer-deref.patch diff --git a/acl.spec b/acl.spec index 3a2efde..d4921ae 100644 --- a/acl.spec +++ b/acl.spec @@ -1,12 +1,14 @@ Name: acl Version: 2.2.53 -Release: 9 +Release: 10 Summary: Commands for manipulating POSIX access control lists License: GPLv2+ URL: https://savannah.nongnu.org/projects/acl Source0: http://download.savannah.nongnu.org/releases/acl/acl-2.2.53.tar.gz +Patch1: backport-acl_copy_entry-Prevent-accidental-NULL-pointer-deref.patch + BuildRequires: libattr-devel gawk libtool gettext BuildRequires: chrpath @@ -93,6 +95,9 @@ make check %{_mandir}/man5/* %changelog +* Wed Jul 10 2024 yixiangzhike - 2.2.53-10 +- backport upstream patch to avoid NULL dereferences + * Wed Aug 31 2022 zhangruifang - 2.2.53-9 - remove rpath and runpath of exec files and libraries diff --git a/backport-acl_copy_entry-Prevent-accidental-NULL-pointer-deref.patch b/backport-acl_copy_entry-Prevent-accidental-NULL-pointer-deref.patch new file mode 100644 index 0000000..e3a2f3d --- /dev/null +++ b/backport-acl_copy_entry-Prevent-accidental-NULL-pointer-deref.patch 
@@ -0,0 +1,34 @@
+From 4b7672d6fbfb9ef8a0b81f285b74aa299185aa83 Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher
+Date: Mon, 24 Jun 2024 12:41:04 +0200
+Subject: [PATCH] acl_copy_entry: Prevent accidental NULL pointer dereference
+
+In acl_copy_entry(), when dest_d turns out to be invalid, dest_p will be
+NULL. Instead of checking for that, we are accidentally checking if
+dest_d is NULL. As a result, when called with an invalid dest_d object,
+acl_copy_entry() will cause a NULL pointer dereference instead of
+indicating an error. This is a relatively minor problem, but worth
+fixing nonetheless.
+
+Reported-by: His Shadow
+Signed-off-by: Andreas Gruenbacher
+---
+ libacl/acl_copy_entry.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libacl/acl_copy_entry.c b/libacl/acl_copy_entry.c
+index f9c90c7..e92580c 100644
+--- a/libacl/acl_copy_entry.c
++++ b/libacl/acl_copy_entry.c
+@@ -28,7 +28,7 @@ acl_copy_entry(acl_entry_t dest_d, acl_entry_t src_d)
+ {
+ acl_entry_obj *dest_p = ext2int(acl_entry, dest_d),
+ *src_p = ext2int(acl_entry, src_d);
+- if (!dest_d || !src_p)
++ if (!dest_p || !src_p)
+ return -1;
+
+ dest_p->etag = src_p->etag;
+--
+2.33.0
+
-- Gitee
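Review bot: Neither acl.spec hunk shows the new `Patch1` being applied, so the corrected guard `if (!dest_p || !src_p)` only reaches the built libacl if %prep (outside the visible hunks) uses `%autosetup -p1` or carries an explicit `%patch1 -p1`. Please confirm this, because a declared-but-unapplied patch would ship release 10 with the NULL dereference still present while the changelog records it as fixed. The backport file keeps the upstream commit header and hash, which is useful provenance and should be retained. acl_copy_entry's body continues past the end of the embedded hunk, and the `ext2int` macro that yields NULL for an invalid handle is defined elsewhere, so whether errno is set on the new `-1` path cannot be checked from here.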