remove special case of allowing writing to the file named ".tex"

git-svn-id: svn://tug.org/texlive/trunk/Build/source@72783 c570f23f-e606-0410-a88d-b1316a301751
TeX-Live · Nov 6, 2024 · f7086a2 · f7086a2
1 parent d889ae4
commit f7086a2
Show file tree

Hide file tree

Showing 5 changed files with 80 additions and 68 deletions.
diff --git a/texk/kpathsea/ChangeLog b/texk/kpathsea/ChangeLog
@@ -1,3 +1,13 @@
+2024-11-06  Karl Berry  <[email protected]>
+
+	* tex-file.c (kpathsea_name_ok): don't allow writing to the
+	filename ".tex". LaTeX 2024-11-01 changes their build process so
+	their .tex file is not created from TeX. Although maybe not
+	technically a security problem, it feels better not to allow it.
+	Report from Nicola Talbot, tlsecurity May 24 13:48:16 CEST 2024.
+	* NEWS: mention this.
+	* doc/kpathsea.texi (Safe filenames): remove doc of special case.
+
 2024-09-25  Karl Berry  <[email protected]>
 
 	* texmf.cnf (shell_escape_commands): add latexminted for minted 3.0,

diff --git a/texk/kpathsea/NEWS b/texk/kpathsea/NEWS
@@ -1,6 +1,10 @@
 $Id$
 This file records noteworthy changes.  (Public domain.)
 
+* A file named ".tex" can no longer be written from TeX; previously this
+  was allowed as a special case.  (The LaTeX 2024-11-01 release changes
+  their build process so as not to write it from TeX.)
+
 6.4.0 (for TeX Live 2024, 10 March 2024)
 * Support an extended check for safe filenames which also allows
   TEXMF[SYS]VAR, for Lua(La)TeX; new functions and corresponding

diff --git a/texk/kpathsea/doc/kpathsea.info b/texk/kpathsea/doc/kpathsea.info
@@ -1,4 +1,4 @@
-This is kpathsea.info, produced by makeinfo version 7.1 from
+This is kpathsea.info, produced by makeinfo version 7.1.1 from
 kpathsea.texi.
 
 This file documents the Kpathsea library for path searching.
@@ -37,7 +37,7 @@ Kpathsea library
 ****************
 
 This manual documents the Kpathsea library for path searching.  It
-corresponds to version 6.4.0, released in January 2024.
+corresponds to version 6.4.0, released in November 2024.
 
 * Menu:
 
@@ -62,7 +62,7 @@ File: kpathsea.info,  Node: Introduction,  Next: unixtex.ftp,  Prev: Top,  Up: T
 **************
 
 This manual corresponds to version 6.4.0 of the Kpathsea library,
-released in January 2024.
+released in November 2024.
 
    The library's fundamental purpose is to return a filename from a list
 of directories specified by the user, similar to what shells do when
@@ -2574,7 +2574,7 @@ to potentially dangerous files is a configuration variable
    • When set to ‘a’ (for "any"), no restrictions are imposed.
 
    • When is set to ‘r’ (for "restricted"), filenames beginning with ‘.’
-     are disallowed (except ‘.tex’, because LaTeX needs it).
+     are disallowed.
 
    • When set to ‘p’ (for "paranoid"), additional restrictions are
      imposed.
@@ -4124,66 +4124,66 @@ Index
 
 
 Tag Table:
-Node: Top1479
-Node: Introduction2261
-Node: History4352
-Node: unixtex.ftp8972
-Node: Security10454
-Node: Global font cache and security13167
-Node: TeX directory structure15158
-Node: Path searching19333
-Node: Searching overview20291
-Node: Path sources24198
-Node: Config files25468
-Node: Path expansion30516
-Node: Default expansion31485
-Node: Variable expansion33607
-Node: Tilde expansion35076
-Node: Brace expansion36124
-Node: KPSE_DOT expansion37119
-Node: Subdirectory expansion37644
-Node: Casefolding search40084
-Node: Casefolding rationale40861
-Node: Casefolding examples42219
-Node: Filename database47441
-Node: ls-R48455
-Node: Filename aliases52327
-Node: Database format53569
-Node: Invoking kpsewhich54618
-Node: Path searching options55601
-Node: Specially-recognized files65603
-Node: Auxiliary tasks67078
-Node: Standard options71222
-Node: TeX support71590
-Node: Supported file formats72948
-Node: File lookup81699
-Node: Glyph lookup83504
-Node: Basic glyph lookup84652
-Node: Fontmap85560
-Node: Fallback font88168
-Node: Suppressing warnings89104
-Node: mktex scripts90267
-Node: mktex configuration91510
-Node: mktex script names97603
-Node: mktex script arguments99286
-Node: Programming100201
-Node: Programming overview100844
-Node: Calling sequence103755
-Node: Safe filenames109092
-Ref: openout_any109251
-Node: Program-specific files113104
-Node: Programming with config files114157
-Node: Reporting bugs115804
-Node: Bug checklist116482
-Node: Mailing lists120039
-Node: Debugging120716
-Node: Logging125973
-Node: Common problems127880
-Node: Unable to find files128357
-Node: Slow path searching130813
-Node: Unable to generate fonts132208
-Node: TeX or Metafont failing134744
-Node: Index135946
+Node: Top1481
+Node: Introduction2264
+Node: History4356
+Node: unixtex.ftp8976
+Node: Security10458
+Node: Global font cache and security13171
+Node: TeX directory structure15162
+Node: Path searching19337
+Node: Searching overview20295
+Node: Path sources24202
+Node: Config files25472
+Node: Path expansion30520
+Node: Default expansion31489
+Node: Variable expansion33611
+Node: Tilde expansion35080
+Node: Brace expansion36128
+Node: KPSE_DOT expansion37123
+Node: Subdirectory expansion37648
+Node: Casefolding search40088
+Node: Casefolding rationale40865
+Node: Casefolding examples42223
+Node: Filename database47445
+Node: ls-R48459
+Node: Filename aliases52331
+Node: Database format53573
+Node: Invoking kpsewhich54622
+Node: Path searching options55605
+Node: Specially-recognized files65607
+Node: Auxiliary tasks67082
+Node: Standard options71226
+Node: TeX support71594
+Node: Supported file formats72952
+Node: File lookup81703
+Node: Glyph lookup83508
+Node: Basic glyph lookup84656
+Node: Fontmap85564
+Node: Fallback font88172
+Node: Suppressing warnings89108
+Node: mktex scripts90271
+Node: mktex configuration91514
+Node: mktex script names97607
+Node: mktex script arguments99290
+Node: Programming100205
+Node: Programming overview100848
+Node: Calling sequence103759
+Node: Safe filenames109096
+Ref: openout_any109255
+Node: Program-specific files113064
+Node: Programming with config files114117
+Node: Reporting bugs115764
+Node: Bug checklist116442
+Node: Mailing lists119999
+Node: Debugging120676
+Node: Logging125933
+Node: Common problems127840
+Node: Unable to find files128317
+Node: Slow path searching130773
+Node: Unable to generate fonts132168
+Node: TeX or Metafont failing134704
+Node: Index135906
 
 End Tag Table
 

diff --git a/texk/kpathsea/doc/kpathsea.texi b/texk/kpathsea/doc/kpathsea.texi
@@ -3,7 +3,7 @@
 @settitle Kpathsea: A library for path searching
 
 @set version 6.4.0
-@set month-year January 2024
+@set month-year November 2024
 
 @copying
 This file documents the Kpathsea library for path searching.
@@ -3386,8 +3386,7 @@ When set to @samp{a} (for ``any''), no restrictions are imposed.
 @item
 @cindex restricted mode, for output files
 When is set to @samp{r} (for ``restricted''), filenames beginning
-with @samp{.} are disallowed (except @file{.tex}, because @LaTeX{}
-needs it).
+with @samp{.} are disallowed.
 
 @item
 @cindex paranoid mode, for output files

diff --git a/texk/kpathsea/tex-file.c b/texk/kpathsea/tex-file.c
@@ -1277,7 +1277,6 @@ kpathsea_name_ok (kpathsea kpse, const_string fname, const_string check_var,
       if ((q == fname || IS_DIR_SEP (*(q - 1))) /* start or / precedes dot? */
           && !IS_DIR_SEP (*(q + 1))             /* ok if /./                */
           && !(*(q + 1) == '.' && IS_DIR_SEP (*(q + 2))) /* ok if /../      */
-          && !STREQ (q, ".tex")                 /* specially allow .tex     */
           && !(extended && kpathsea_absolute_p (kpse, expanded_fname, false))
                /* Don't quit if EXTENDED and the input is absolute,
                   because we want to allow TEXMFVAR=~/.texliveYYYY.  This