Disable unescaped slashes in bracket expressions
Resolves: RHEL-92267 Signed-off-by: Siteshwar Vashisht <svashisht@redhat.com>
This commit is contained in:
Siteshwar Vashisht
parent
8aaece81f3
commit
3ee228b797
40
bash-5.0-glob-disable-slash.patch
Normal file
40
bash-5.0-glob-disable-slash.patch
Normal file
@ -0,0 +1,40 @@
|
||||
diff --git a/pathexp.c b/pathexp.c
|
||||
--- a/pathexp.c
|
||||
+++ b/pathexp.c
|
||||
@@ -58,7 +58,10 @@ int extended_glob = EXTGLOB_DEFAULT;
|
||||
/* Control enabling special handling of `**' */
|
||||
int glob_star = 0;
|
||||
|
||||
-/* Return nonzero if STRING has any unquoted special globbing chars in it. */
|
||||
+/* Return nonzero if STRING has any unquoted special globbing chars in it.
|
||||
+ This is supposed to be called when pathname expansion is performed, so
|
||||
+ it implements the rules in Posix 2.13.3, specifically that an unquoted
|
||||
+ slash cannot appear in a bracket expression. */
|
||||
int
|
||||
unquoted_glob_pattern_p (string)
|
||||
register char *string;
|
||||
@@ -89,6 +92,10 @@ unquoted_glob_pattern_p (string)
|
||||
return (1);
|
||||
continue;
|
||||
|
||||
+ case '/':
|
||||
+ if (open)
|
||||
+ open = 0;
|
||||
+
|
||||
case '+':
|
||||
case '@':
|
||||
case '!':
|
||||
@@ -98,7 +105,12 @@ unquoted_glob_pattern_p (string)
|
||||
|
||||
case CTLESC:
|
||||
case '\\':
|
||||
- if (*string++ == '\0')
|
||||
+ if (open && *string == '/')
|
||||
+ {
|
||||
+ string++; /* quoted slashes in bracket expressions are ok */
|
||||
+ continue;
|
||||
+ }
|
||||
+ else if (*string++ == '\0')
|
||||
return (0);
|
||||
}
|
||||
|
||||
@ -7,7 +7,7 @@
|
||||
Version: %{baseversion}%{patchleveltag}
|
||||
Name: bash
|
||||
Summary: The GNU Bourne Again shell
|
||||
Release: 5%{?dist}
|
||||
Release: 6%{?dist}
|
||||
License: GPLv3+
|
||||
Url: https://www.gnu.org/software/bash
|
||||
Source0: https://ftp.gnu.org/gnu/bash/bash-%{baseversion}.tar.gz
|
||||
@ -120,6 +120,9 @@ Patch139: bash-4.4-fix-buffered_getchar-crash.patch
|
||||
# Enable audit logs
|
||||
Patch140: bash-4.3-audit.patch
|
||||
|
||||
# Disable unescaped slashes in bracket expressions
|
||||
Patch141: bash-5.0-glob-disable-slash.patch
|
||||
|
||||
BuildRequires: texinfo bison
|
||||
BuildRequires: ncurses-devel
|
||||
BuildRequires: autoconf, gettext
|
||||
@ -344,6 +347,10 @@ end
|
||||
%{_libdir}/pkgconfig/%{name}.pc
|
||||
|
||||
%changelog
|
||||
* Thu May 29 2025 Siteshwar Vashisht <svashisht@redhat.com> - 4.4.20-6
|
||||
- Disable unescaped slashes in bracket expressions
|
||||
Resolves: RHEL-92267
|
||||
|
||||
* Fri Feb 09 2024 Siteshwar Vashisht <svashisht@redhat.com> - 4.4.20-5
|
||||
- Restore audit logs in bash-4.3 or newer versions
|
||||
Resolves: RHEL-24990
|
||||
|
||||
Loading…
Reference in New Issue
Block a user