patch: fix arbitrary ed command allowance

2014-12-13 Thread Tobias Stoeckmann
Hi,

patch accepts arbitrary ed commands after encountering s. The s ed command does not expect any further input, which makes it a one line command like d. Yet, patch sends any lines until . unchecked to ed through its pipe, allowing command execution.

Example:

$ ls
ed.diff
$ cat ed.diff
0a

Re: patch: fix arbitrary ed command allowance

2014-12-13 Thread Tobias Stoeckmann
On Sat, Dec 13, 2014 at 10:57:42AM -0500, Daniel Dickman wrote: - (*t == 'a' || *t == 'c' || *t == 'd' || *t == 'i' || *t == 's')) { + strchr(acdis, *t) != NULL) { doesn't this change the semantics slightly? i haven't looked at the context beyond
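
Review bot: the `+` line's `strchr(acdis, *t) != NULL` is also true when `*t` is `'\0'`, because strchr treats the terminating NUL as part of the string it searches, while the removed chain of `*t == 'a' || ... || *t == 's'` comparisons is false for that value. Assuming `acdis` stands for the string literal of the five command letters, either keep the explicit comparisons or add `*t != '\0' &&` in front of the strchr call, unless a part of the condition not visible in this hunk already rules out end of line. Since this test decides which lines are accepted as ed commands, the stricter form is the safer default.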