!41 fix: avoid potential double fclose

From: @lvgenggeng 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen

backport-sed-avoid-potential-double-fclose.patch

@@ -0,0 +1,87 @@
+From 6568d364f4d21df69027319f55bcc903bfb32e0a Mon Sep 17 00:00:00 2001
+From: Jim Meyering <meyering@fb.com>
+Date: Sat, 10 Jul 2021 17:34:39 -0700
+Subject: [PATCH 1/1] sed: avoid potential double-fclose
+
+Upon a failed temp file fclose, do_ck_fclose would call panic,
+which would then attempt to fclose and unlink that same pointer.
+Caught by gcc's new -Wanalyzer-double-fclose.
+* sed/utils.c (struct open_file) [fclose_failed]: New member.
+(panic): Don't double-close.
+(register_open_file): Clear new member.
+(mark_as_fclose_failed): Use new member to avoid double fclose.
+(do_ck_fclose): Call mark_as_fclose_failed upon fclose failure.
+---
+ sed/utils.c | 28 ++++++++++++++++++++++++++--
+ 1 file changed, 26 insertions(+), 2 deletions(-)
+
+diff --git a/sed/utils.c b/sed/utils.c
+index 699fd85..98b6333 100644
+--- a/sed/utils.c
++++ b/sed/utils.c
+@@ -47,6 +47,7 @@ struct open_file
+     char *name;
+     struct open_file *link;
+     unsigned temp : 1;
++    unsigned fclose_failed : 1;
+   };
+ 
+ static struct open_file *open_files = NULL;
+@@ -70,7 +71,8 @@ panic (const char *str, ...)
+     {
+       if (open_files->temp)
+         {
+-          fclose (open_files->fp);
++          if (!open_files->fclose_failed)
++            fclose (open_files->fp);
+           errno = 0;
+           unlink (open_files->name);
+           if (errno != 0)
+@@ -131,6 +133,7 @@ register_open_file (FILE *fp, const char *name)
+   p->name = xstrdup (name);
+   p->fp = fp;
+   p->temp = false;
++  p->fclose_failed = false;
+ }
+ 
+ /* Panic on failing fopen */
+@@ -252,6 +255,21 @@ ck_fflush (FILE *stream)
+     panic ("couldn't flush %s: %s", utils_fp_name (stream), strerror (errno));
+ }
+ 
++/* If we've failed to close a file in open_files whose "fp" member
++   is the same as FP, mark its entry as fclose_failed.  */
++static void
++mark_as_fclose_failed (FILE *fp)
++{
++  for (struct open_file *p = open_files; p; p = p->link)
++    {
++      if (p->fp == fp)
++        {
++          p->fclose_failed = true;
++          break;
++        }
++    }
++}
++
+ /* Panic on failing fclose */
+ void
+ ck_fclose (FILE *stream)
+@@ -293,7 +311,13 @@ do_ck_fclose (FILE *fp)
+   clearerr (fp);
+ 
+   if (fclose (fp) == EOF)
+-    panic ("couldn't close %s: %s", utils_fp_name (fp), strerror (errno));
++    {
++      /* Mark as already fclose-failed, so we don't attempt to fclose it
++         a second time via panic.  */
++      mark_as_fclose_failed (fp);
++
++      panic ("couldn't close %s: %s", utils_fp_name (fp), strerror (errno));
++    }
+ }
+ 
+ /* Follow symlink and panic if something fails.  Return the ultimate
+-- 
+2.20.1
+

backport-sed-c-flag.patch

@@ -0,0 +1,247 @@
+From f336bde91e3fd9c3c2960aa548b8917eb1216678 Mon Sep 17 00:00:00 2001
+From: Jakub Martisko <jamartis@redhat.com>
+Date: Thu, 6 Feb 2020 15:26:33 +0100
+Subject: [PATCH] -c flag
+
+---
+ sed/execute.c | 18 +++++++++--
+ sed/sed.c     | 20 +++++++++++-
+ sed/sed.h     |  4 +++
+ sed/utils.c   | 86 +++++++++++++++++++++++++++++++++++++++++++++++++++
+ sed/utils.h   |  2 ++
+ 5 files changed, 127 insertions(+), 3 deletions(-)
+
+diff --git a/sed/execute.c b/sed/execute.c
+index c5f07cc..4e5f5b3 100644
+--- a/sed/execute.c
++++ b/sed/execute.c
+@@ -670,11 +670,25 @@ closedown (struct input *input)
+       if (strcmp (in_place_extension, "*") != 0)
+         {
+           char *backup_file_name = get_backup_file_name (target_name);
+-          ck_rename (target_name, backup_file_name, input->out_file_name);
++          if (copy_instead_of_rename)
++          {
++            ck_fccopy (target_name, backup_file_name, input->out_file_name);
++          }
++          else
++          {
++            ck_rename (target_name, backup_file_name, input->out_file_name);
++          }
+           free (backup_file_name);
+         }
+ 
+-      ck_rename (input->out_file_name, target_name, input->out_file_name);
++      if (copy_instead_of_rename)
++      {
++        ck_fcmove (input->out_file_name, target_name, input->out_file_name);
++      }
++      else
++      {
++        ck_rename (input->out_file_name, target_name, input->out_file_name);
++      }
+       cancel_cleanup ();
+       free (input->out_file_name);
+     }
+diff --git a/sed/sed.c b/sed/sed.c
+index 1ca5839..745159e 100644
+--- a/sed/sed.c
++++ b/sed/sed.c
+@@ -67,6 +67,10 @@ bool debug = false;
+ /* How do we edit files in-place? (we don't if NULL) */
+ char *in_place_extension = NULL;
+ 
++/* Do we use copy or rename when in in-place edit mode? (boolean
++ +   value, non-zero for copy, zero for rename).*/
++int copy_instead_of_rename = 0;
++
+ /* The mode to use to read/write files, either "r"/"w" or "rb"/"wb".  */
+ char const *read_mode = "r";
+ char const *write_mode = "w";
+@@ -170,6 +174,10 @@ Usage: %s [OPTION]... {script-only-if-no-other-script} [input-file]...\n\
+ #endif
+   fprintf (out, _("  -i[SUFFIX], --in-place[=SUFFIX]\n\
+                  edit files in place (makes backup if SUFFIX supplied)\n"));
++
++  fprintf(out, _("  -c, --copy\n\
++                 use copy instead of rename when shuffling files in -i mode\n"));
++
+ #if O_BINARY
+   fprintf (out, _("  -b, --binary\n\
+                  open files in binary mode (CR+LFs are not" \
+@@ -214,7 +222,7 @@ specified, then the standard input is read.\n\
+ int
+ main (int argc, char **argv)
+ {
+-#define SHORTOPTS "bsnrzuEe:f:l:i::V:"
++#define SHORTOPTS "bcsnrzuEe:f:l:i::V:"
+ 
+   enum { SANDBOX_OPTION = CHAR_MAX+1,
+          DEBUG_OPTION
+@@ -228,6 +236,7 @@ main (int argc, char **argv)
+     {"file", 1, NULL, 'f'},
+     {"in-place", 2, NULL, 'i'},
+     {"line-length", 1, NULL, 'l'},
++    {"copy", 0, NULL, 'c'},
+     {"null-data", 0, NULL, 'z'},
+     {"zero-terminated", 0, NULL, 'z'},
+     {"quiet", 0, NULL, 'n'},
+@@ -306,6 +315,10 @@ main (int argc, char **argv)
+           follow_symlinks = true;
+           break;
+ 
++        case 'c':
++          copy_instead_of_rename = true;
++          break;
++
+         case 'i':
+           separate_files = true;
+           IF_LINT (free (in_place_extension));
+@@ -376,6 +389,11 @@ main (int argc, char **argv)
+         }
+     }
+ 
++  if (copy_instead_of_rename && in_place_extension == NULL)
++    {
++      fprintf (stderr, _("Error: -c used without -i.\n"));
++      usage(4);
++    }
+   if (!the_program)
+     {
+       if (optind < argc)
+diff --git a/sed/sed.h b/sed/sed.h
+index 1c8e83a..0859e72 100644
+--- a/sed/sed.h
++++ b/sed/sed.h
+@@ -236,6 +236,10 @@ extern countT lcmd_out_line_len;
+ /* How do we edit files in-place? (we don't if NULL) */
+ extern char *in_place_extension;
+ 
++/* Do we use copy or rename when in in-place edit mode? (boolean
++   value, non-zero for copy, zero for rename).*/
++extern int copy_instead_of_rename;
++
+ /* The mode to use to read and write files, either "rt"/"w" or "rb"/"wb".  */
+ extern char const *read_mode;
+ extern char const *write_mode;
+diff --git a/sed/utils.c b/sed/utils.c
+index 9576dd1..371d5a9 100644
+--- a/sed/utils.c
++++ b/sed/utils.c
+@@ -25,6 +25,7 @@
+ #include <sys/stat.h>
+ #include <unistd.h>
+ #include <limits.h>
++#include <fcntl.h>
+ 
+ #include "binary-io.h"
+ #include "unlocked-io.h"
+@@ -400,7 +401,92 @@ ck_rename (const char *from, const char *to, const char *unlink_if_fail)
+   panic (_("cannot rename %s: %s"), from, strerror (errno));
+ }
+ 
++/* Downstream -c related functions */
+ 
++/* Panic on failing unlink */
++void
++ck_unlink (const char *name)
++{
++  if (unlink (name) == -1)
++    panic (_("cannot remove %s: %s"), name, strerror (errno));
++}
++
++/* Attempt to unlink denoted file if operation rd failed. */
++static int
++_unlink_if_fail (int rd,const char * unlink_if_fail)
++{
++  if (rd == -1 && unlink_if_fail)
++    {
++      int save_errno = errno;
++      ck_unlink (unlink_if_fail);
++      errno = save_errno;
++    }
++
++  return rd != -1;
++}
++
++/* Copy contents between files. */
++static int
++_copy (from, to)
++  const char *from, *to;
++{
++  static char buf[4096];
++
++  FILE *infile, *outfile;
++  int c, retval = 0;
++  errno = 0;
++
++  infile = fopen (from, "r");
++  if (infile == NULL)
++    return -1;
++
++  outfile = fopen (to, "w");
++  if (outfile == NULL)
++    {
++      fclose (infile);
++      return -1;
++    }
++
++  while (1)
++    {
++      size_t bytes_in = fread (buf, 1, sizeof (buf), infile);
++      size_t bytes_out;
++      if (bytes_in == 0)
++        {
++          if (ferror (infile))
++            retval = -1;
++          break;
++        }
++
++      bytes_out = fwrite (buf, 1, bytes_in, outfile);
++      if (bytes_out != bytes_in)
++        {
++          retval = -1;
++          break;
++        }
++    }
++
++  fclose (outfile);
++  fclose (infile);
++
++  return retval;
++}
++
++/* Attempt to copy file contents between the files. */
++void
++ck_fccopy (const char *from,const char *to, const char *unlink_if_fail)
++{
++   if (!_unlink_if_fail (_copy (from, to), unlink_if_fail))
++   panic (_("cannot copy %s to %s: %s"), from, to, strerror (errno));
++  }
++
++/* Copy contents between files, and then unlink the source. */
++void
++ck_fcmove (const char *from, const char *to,const char *unlink_if_fail)
++{
++   ck_fccopy (from, to, unlink_if_fail);
++    ck_unlink (from);
++}
+ 
+ 
+ /* Implement a variable sized buffer of `stuff'.  We don't know what it is,
+diff --git a/sed/utils.h b/sed/utils.h
+index 47a029e..0aba107 100644
+--- a/sed/utils.h
++++ b/sed/utils.h
+@@ -40,6 +40,8 @@ size_t ck_getdelim (char **text, size_t *buflen, char buffer_delimiter,
+ FILE * ck_mkstemp (char **p_filename, const char *tmpdir, const char *base,
+                    const char *mode) _GL_ARG_NONNULL ((1, 2, 3, 4));
+ void ck_rename (const char *from, const char *to, const char *unlink_if_fail);
++void ck_fccopy (const char *from, const char *to, const char *unlink_if_fail);
++void ck_fcmove (const char *from, const char *to, const char *unlink_if_fail);
+ 
+ void *ck_malloc (size_t size);
+ void *ck_realloc (void *ptr, size_t size);
+-- 
+2.24.1
+

sed.spec

@@ -1,14 +1,16 @@
 Name:	 sed
 Version: 4.8
-Release: 2
+Release: 7
 Summary: non-interactive command-line text editor
 
 License: GPLv3+
 URL:	 https://www.gnu.org/software/sed/
 Source0: http://ftp.gnu.org/gnu/sed/%{name}-%{version}.tar.xz
 
-Patch0:  backport-sed-handle-very-long-execution-lines-tiny-change.patch
-Patch1:  backport-sed-handle-very-long-input-lines-with-R-tiny-change.patch
+Patch1:  backport-sed-handle-very-long-execution-lines-tiny-change.patch
+Patch2:  backport-sed-handle-very-long-input-lines-with-R-tiny-change.patch
+Patch3:  backport-sed-c-flag.patch
+Patch4:  backport-sed-avoid-potential-double-fclose.patch
 
 BuildRequires: gzip automake autoconf gcc
 BuildRequires: glibc-devel libselinux-devel libacl-devel perl-Getopt-Long
@@ -35,6 +37,9 @@ Man pages and other related documents for %{name}.
 %configure --without-included-regex
 make %{?_smp_mflags}
 
+%check
+make check
+
 %install
 %make_install
 %find_lang %{name}
@@ -50,6 +55,24 @@ make %{?_smp_mflags}
 %{_mandir}/man1/*.1.gz
 
 %changelog
+* Thu May 09 2024 lvgenggeng <lvgenggeng@uniontech.com> - 4.8-7
+- backport: backport-sed-avoid-potential-double-fclose.patch
+
+* Sun Apr 23 2023 zhangruifang <zhangruifang1@h-partners.com> - 4.8-6
+- Modify the check based on the spec specifications
+
+* Fri Apr 14 2023 fuanan <fuanan3@h-partners.com> - 4.8-5
+- spec file add make check
+
+* Mon May 16 2022 konglidong <konglidong@uniontech.com> - 4.8-4
+- modify bogus date in %changelog
+
+* Mon Feb 8 2021 yangzhuangzhuang<yangzhuangzhuang1@huawei.com> - 4.8-3
+- Type:enhancement
+- ID:NA
+- SUG:NA
+- DESC:backport patches from upstream
+
 * Fri Jan 15 2021 yangzhuangzhuang<yangzhuangzhuang1@huawei.com> - 4.8-2
 - Type:enhancement
 - ID:NA