From 1266f2514cc053bf0b74f69d76b7348595af71ea Mon Sep 17 00:00:00 2001
From: DongHun Kwak <dh0128.kwak@samsung.com>
Date: Fri, 18 Mar 2022 12:01:10 +0900
Subject: [PATCH] fix: Security patch for CVE-2018-6951

CVE Report
https://nvd.nist.gov/vuln/detail/CVE-2018-6951

Security patch
https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a

Change-Id: I47feb135b9a86cf68a336627225e4c442956f732
---
 packaging/CVE-2018-6951.patch | 29 +++++++++++++++++++++++++++++
 packaging/patch.spec          |  2 ++
 2 files changed, 31 insertions(+)
 create mode 100644 packaging/CVE-2018-6951.patch

diff --git a/packaging/CVE-2018-6951.patch b/packaging/CVE-2018-6951.patch
new file mode 100644
index 0000000..dc6e6ba
--- /dev/null
+++ b/packaging/CVE-2018-6951.patch
@@ -0,0 +1,29 @@
+From f290f48a621867084884bfff87f8093c15195e6a Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher <agruen@gnu.org>
+Date: Mon, 12 Feb 2018 16:48:24 +0100
+Subject: [CVE-2021-3541] Fix segfault with mangled rename patch
+
+http://savannah.gnu.org/bugs/?53132
+* src/pch.c (intuit_diff_type): Ensure that two filenames are specified
+for renames and copies (fix the existing check).
+---
+ src/pch.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/pch.c b/src/pch.c
+index ff9ed2c..bc6278c 100644
+--- a/src/pch.c
++++ b/src/pch.c
+@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode_t *p_file_type)
+     if ((pch_rename () || pch_copy ())
+ 	&& ! inname
+ 	&& ! ((i == OLD || i == NEW) &&
+-	      p_name[! reverse] &&
++	      p_name[reverse] && p_name[! reverse] &&
++	      name_is_valid (p_name[reverse]) &&
+ 	      name_is_valid (p_name[! reverse])))
+       {
+ 	say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy");
+-- 
+2.25.1
+
diff --git a/packaging/patch.spec b/packaging/patch.spec
index 62ed3f2..b3807b0 100644
--- a/packaging/patch.spec
+++ b/packaging/patch.spec
@@ -6,6 +6,7 @@ Summary:        The GNU patch command, for modifying/upgrading files
 Url:            http://www.gnu.org/software/patch/patch.html
 Group:          Development/Tools
 Source0:        ftp://ftp.gnu.org/gnu/patch/patch-%{version}.tar.xz
+Source11:       CVE-2018-6951.patch
 Source1001:     patch.manifest
 
 %description
@@ -20,6 +21,7 @@ applications.
 
 %prep
 %setup -q
+%{__patch} -p1 < %{SOURCE11}
 
 %build
 cp %{SOURCE1001} .
-- 
2.34.1