Patch and explanation taken from bsdimp:
https://bsdimp.blogspot.com/2020/08/a-35-year-old-bug-in-patch-found-in.htmlhttps://svnweb.freebsd.org/base?view=revision&revision=364291
Every version of patch since the first one posted to mod.sources in 1985 have
included a heuristic for coping with the state of email messaging at the
time. This heuristic would add up to 4 blank lines to a patch if it thought it
needed it. The trouble is, though this causes at least one bug.
The bug in my case is that if you have a context diff whose last hunk only
deletes 3 or fewer lines, then if you try to reverse apply it with -R, it will
fail. The reason for this is the heuristic builds an internal representation
that includes those blank lines. However, it should really replicate the lines
from the pattern lines line it would any other time, not assume they are blank
lines. Removing this heuristic will prevent patch from misapplying the lines
removed after applying a 'fuzz' factor to the previous blank line in the file. I
believe this will only affect 'new-style' 4.3BSD context diffs and not the
older-style 4.2BSD diffs and plain, non-context diffs. It won't affect any of
the newer formats, since they don't use the 'omitted' construct in the same way.
Since this heuristic was put into patch at a time when email / etc ate trailing
white space on a regular basis, and since it's clear that this heuristic is the
wrong thing to do at least some of the time, it's better to remove it
entirely. It's not been needed for maybe 20 years since patch files are not
usually corrupted. If there are a small number of patch files that would benefit
from this corruption fixing, those already-currupt patches can be fixed by the
addition of blank lines. I'd wager that no one will ever come to me with an
example of a once-working patch file that breaks with this change. However, I
have 2 patches from the first 195 patches to 2.11BSD that are affected by this
bug, suggesting that the relative frequency of the issue has changed
signficantly since the original heuristic was put into place.
Substitution commands might contain a newline in the replacement pattern
(escaped with a backslash before it), causing patch's understanding of
the state the ed child process is in to diverge from reality. This can
lead to patch unwillingly feeding '!' (execute shell command) lines to
ed. Finding out how to do this is left as an exercise to the reader.
XXX: pullup-7
that require rcs command execution instead system(3) to avoid malicious
filenames in patches causing bad things to happen. In the process, lose SCCS
support. It is not like we are shipping sccs commands for that to work.
Major changes are:
- better detection of double applied patches
- rejects remain unified diffs for unified patches
- far less limitations, e.g. patch lines may be arbitrary long
This addresses PR standards/11220 by changing patch -b behavior to be
POSIX compliant. Old behavior can be obtained using --suffix, which
works since NetBSD 1.4. pkgsrc has been adjusted accordingly.
temprorary directory. Previously, fputs was used without checking the
return value, leading to silent truncation when the temporary
filesystem was full (such as can easily happen when migrating to
tmpfs).