[packages/wget] fix for double free in free_vec

Mon Apr 20 20:23:42 CEST 2015

commit f813fc4fd0d14eb559ab6467b2e8a4a4ef9ea519
Author: Kacper Kornet <draenog at pld-linux.org>
Date:   Mon Apr 20 19:20:56 2015 +0100

    fix for double free in free_vec

 wget-free.patch | 26 ++++++++++++++++++++++++++
 wget.spec       |  4 +++-
 2 files changed, 29 insertions(+), 1 deletion(-)
---

diff --git a/wget.spec b/wget.spec
index 9f7ea7c..48b44a4 100644
--- a/wget.spec
+++ b/wget.spec
@@ -18,7 +18,7 @@ Summary(uk.UTF-8):	Утиліта для отримання файлів по п
 Summary(zh_CN.UTF-8):	[通讯]功能强大的下载程序,支持断点续传
 Name:		wget
 Version:	1.16.3
-Release:	2
+Release:	3
 License:	GPL v3+ with OpenSSL exception
 Group:		Networking/Utilities
 Source0:	http://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.xz
@@ -30,6 +30,7 @@ Patch1:		%{name}-wgetrc_path.patch
 Patch2:		%{name}-home_etc.patch
 Patch3:		%{name}-ssl-certs.patch
 Patch4:		user.xdg.origin.url.patch
+Patch5:		%{name}-free.patch
 URL:		http://www.gnu.org/software/wget/
 BuildRequires:	attr-devel
 BuildRequires:	autoconf >= 2.61
@@ -134,6 +135,7 @@ Proxy серверів, настроюваність.
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
 
 %{__rm} doc/wget.info doc/sample.wgetrc.munged_for_texi_inclusion po/stamp-po
 
diff --git a/wget-free.patch b/wget-free.patch
new file mode 100644
index 0000000..f4cc07c
--- /dev/null
+++ b/wget-free.patch
@@ -0,0 +1,26 @@
+commit ac40b84ee138d45379046e21e31d237f6937a014
+Author: Hubert Tarasiuk <hubert.tarasiuk at gmail.com>
+Date:   Fri Apr 10 11:52:34 2015 +0200
+
+    Fix error in free_vec.
+    
+    * src/utils.c (free_vec): Increment pointer instead of its value.
+    
+    Reported-by: Gisle Vanem <gvanem at yahoo.no>
+
+diff --git a/src/utils.c b/src/utils.c
+index 617f547..3c8f4f9 100644
+--- a/src/utils.c
++++ b/src/utils.c
+@@ -1284,7 +1284,10 @@ free_vec (char **vec)
+     {
+       char **p = vec;
+       while (*p)
+-        xfree (*p++);
++        {
++          xfree (*p);
++          p++;
++        }
+       xfree (vec);
+     }
+ }
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/wget.git/commitdiff/f813fc4fd0d14eb559ab6467b2e8a4a4ef9ea519

