From 498f26e49c642eb425188192a7700585f2a8ccf0 Mon Sep 17 00:00:00 2001 From: Siteshwar Vashisht Date: Fri, 6 Jan 2017 14:41:12 +0100 Subject: [PATCH] Rebase to bash-4.4 Resolves: #1376609 --- .gitignore | 1 + bash-2.05a-interpreter.patch | 65 +++---- bash-2.05b-readline-oom.patch | 11 -- bash-4.2-cve-2014-7169-1.patch | 155 ---------------- bash-4.2-cve-2014-7169-2.patch | 83 --------- bash-4.2-rc2-logout.patch | 27 +-- bash-4.3-cve-2016-0634.patch | 105 ----------- bash-4.3-man-ulimit.patch | 17 +- bash-4.3-noecho.patch | 25 ++- bash-4.3-old-memleak.patch | 24 --- bash-4.3-pathexp-globignore-delim.patch | 15 -- bash-4.3-select-readonly.patch | 12 -- bash-4.4-cve-2016-7543.patch | 29 --- bash-4.4-no-loadable-builtins.patch | 15 ++ bash-bashbug.patch | 40 +++-- bash-infotags.patch | 24 ++- bash-requires.patch | 142 ++++++++------- bash-tilda-race-condition.patch | 44 ----- bash-tty-tests.patch | 39 ++-- bash.spec | 217 ++++++----------------- bash43-001 | 58 ------ bash43-002 | 62 ------- bash43-003 | 48 ----- bash43-004 | 47 ----- bash43-005 | 63 ------- bash43-006 | 48 ----- bash43-007 | 50 ------ bash43-008 | 188 -------------------- bash43-009 | 64 ------- bash43-010 | 157 ----------------- bash43-011 | 49 ------ bash43-012 | 43 ----- bash43-013 | 66 ------- bash43-014 | 102 ----------- bash43-015 | 58 ------ bash43-016 | 132 -------------- bash43-017 | 51 ------ bash43-018 | 44 ----- bash43-019 | 84 --------- bash43-020 | 110 ------------ bash43-021 | 52 ------ bash43-022 | 56 ------ bash43-023 | 104 ----------- bash43-024 | 54 ------ bash43-025 | 123 ------------- bash43-026 | 60 ------- bash43-029 | 59 ------- bash43-030 | 132 -------------- bash43-031 | 112 ------------ bash43-032 | 51 ------ bash43-033 | 225 ------------------------ bash43-034 | 90 ---------- bash43-035 | 63 ------- bash43-036 | 57 ------ bash43-037 | 43 ----- bash43-038 | 88 --------- bash43-039 | 57 ------ bash43-040 | 47 ----- bash43-041 | 72 -------- bash43-042 | 55 ------ bash43-043 | 59 ------- sources | 2 +- 62 files changed, 272 insertions(+), 4003 deletions(-) delete mode 100644 bash-2.05b-readline-oom.patch delete mode 100644 bash-4.2-cve-2014-7169-1.patch delete mode 100644 bash-4.2-cve-2014-7169-2.patch delete mode 100644 bash-4.3-cve-2016-0634.patch delete mode 100644 bash-4.3-old-memleak.patch delete mode 100644 bash-4.3-pathexp-globignore-delim.patch delete mode 100644 bash-4.3-select-readonly.patch delete mode 100644 bash-4.4-cve-2016-7543.patch create mode 100644 bash-4.4-no-loadable-builtins.patch delete mode 100644 bash-tilda-race-condition.patch delete mode 100644 bash43-001 delete mode 100644 bash43-002 delete mode 100644 bash43-003 delete mode 100644 bash43-004 delete mode 100644 bash43-005 delete mode 100644 bash43-006 delete mode 100644 bash43-007 delete mode 100644 bash43-008 delete mode 100644 bash43-009 delete mode 100644 bash43-010 delete mode 100644 bash43-011 delete mode 100644 bash43-012 delete mode 100644 bash43-013 delete mode 100644 bash43-014 delete mode 100644 bash43-015 delete mode 100644 bash43-016 delete mode 100644 bash43-017 delete mode 100644 bash43-018 delete mode 100644 bash43-019 delete mode 100644 bash43-020 delete mode 100644 bash43-021 delete mode 100644 bash43-022 delete mode 100644 bash43-023 delete mode 100644 bash43-024 delete mode 100644 bash43-025 delete mode 100644 bash43-026 delete mode 100644 bash43-029 delete mode 100644 bash43-030 delete mode 100644 bash43-031 delete mode 100644 bash43-032 delete mode 100644 bash43-033 delete mode 100644 bash43-034 delete mode 100644 bash43-035 delete mode 100644 bash43-036 delete mode 100644 bash43-037 delete mode 100644 bash43-038 delete mode 100644 bash43-039 delete mode 100644 bash43-040 delete mode 100644 bash43-041 delete mode 100644 bash43-042 delete mode 100644 bash43-043 diff --git a/.gitignore b/.gitignore index 8cc6f04..8222bbf 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ bash-4.1.tar.gz /bash-4.2-rc2.tar.gz /bash-4.2.tar.gz /bash-4.3.tar.gz +/bash-4.4.tar.gz diff --git a/bash-2.05a-interpreter.patch b/bash-2.05a-interpreter.patch index b9f0da2..ca497c4 100644 --- a/bash-2.05a-interpreter.patch +++ b/bash-2.05a-interpreter.patch @@ -1,9 +1,10 @@ -diff -up bash-4.2-rc2/config.h.in.interpreter bash-4.2-rc2/config.h.in ---- bash-4.2-rc2/config.h.in.interpreter 2011-02-09 07:59:21.000000000 +0100 -+++ bash-4.2-rc2/config.h.in 2011-02-09 07:59:21.000000000 +0100 -@@ -706,6 +706,9 @@ - /* Define if you have the pathconf function. */ - #undef HAVE_PATHCONF +diff --git a/config.h.in b/config.h.in +index a5ad9e7..62a6b32 100644 +--- a/config.h.in ++++ b/config.h.in +@@ -748,6 +748,9 @@ + /* Define if you have the pselect function. */ + #undef HAVE_PSELECT +/* Define if you have the pread function. */ +#undef HAVE_PREAD @@ -11,7 +12,7 @@ diff -up bash-4.2-rc2/config.h.in.interpreter bash-4.2-rc2/config.h.in /* Define if you have the putenv function. */ #undef HAVE_PUTENV -@@ -898,6 +901,9 @@ +@@ -946,6 +949,9 @@ /* Define if you have the header file. */ #undef HAVE_DLFCN_H @@ -21,30 +22,32 @@ diff -up bash-4.2-rc2/config.h.in.interpreter bash-4.2-rc2/config.h.in /* Define if you have the header file. */ #undef HAVE_GRP_H -diff -up bash-4.2-rc2/configure.in.interpreter bash-4.2-rc2/configure.in ---- bash-4.2-rc2/configure.in.interpreter 2011-01-16 21:31:12.000000000 +0100 -+++ bash-4.2-rc2/configure.ac 2011-02-09 08:02:27.000000000 +0100 -@@ -659,7 +659,7 @@ BASH_HEADER_INTTYPES +diff --git a/configure.ac b/configure.ac +index ce4e9b6..eda95d6 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -700,7 +700,7 @@ BASH_HEADER_INTTYPES AC_CHECK_HEADERS(unistd.h stdlib.h stdarg.h varargs.h limits.h string.h \ memory.h locale.h termcap.h termio.h termios.h dlfcn.h \ stdbool.h stddef.h stdint.h netdb.h pwd.h grp.h strings.h \ - regex.h syslog.h ulimit.h) + regex.h syslog.h ulimit.h elf.h) - AC_CHECK_HEADERS(sys/pte.h sys/stream.h sys/select.h sys/file.h \ - sys/resource.h sys/param.h sys/socket.h sys/stat.h \ + AC_CHECK_HEADERS(sys/pte.h sys/stream.h sys/select.h sys/file.h sys/ioctl.h \ + sys/param.h sys/socket.h sys/stat.h \ sys/time.h sys/times.h sys/types.h sys/wait.h) -@@ -723,7 +723,7 @@ dnl checks for system calls +@@ -771,7 +771,7 @@ dnl checks for system calls AC_CHECK_FUNCS(dup2 eaccess fcntl getdtablesize getgroups gethostname \ getpagesize getpeername getrlimit getrusage gettimeofday \ - kill killpg lstat readlink sbrk select setdtablesize \ + kill killpg lstat pselect readlink sbrk select setdtablesize \ - setitimer tcgetpgrp uname ulimit waitpid) + setitimer tcgetpgrp uname ulimit waitpid pread) AC_REPLACE_FUNCS(rename) dnl checks for c library functions -diff -up bash-4.2-rc2/execute_cmd.c.interpreter bash-4.2-rc2/execute_cmd.c ---- bash-4.2-rc2/execute_cmd.c.interpreter 2011-01-20 04:24:47.000000000 +0100 -+++ bash-4.2-rc2/execute_cmd.c 2011-02-09 07:59:21.000000000 +0100 +diff --git a/execute_cmd.c b/execute_cmd.c +index 2a3df6d..b5cd405 100644 +--- a/execute_cmd.c ++++ b/execute_cmd.c @@ -41,6 +41,10 @@ # include #endif @@ -56,31 +59,30 @@ diff -up bash-4.2-rc2/execute_cmd.c.interpreter bash-4.2-rc2/execute_cmd.c #include "posixtime.h" #if defined (HAVE_SYS_RESOURCE_H) && !defined (RLIMTYPE) -@@ -4975,14 +4979,22 @@ shell_execve (command, args, env) +@@ -5486,6 +5490,14 @@ shell_execve (command, args, env) { /* The file has the execute bits set, but the kernel refuses to run it for some reason. See why. */ +#if defined (HAVE_HASH_BANG_EXEC) || defined (HAVE_ELF_H) -+ int fd = open (command, O_RDONLY); ++ int fd = open (command, O_RDONLY); + -+ if (fd >= 0) -+ sample_len = read (fd, sample, sizeof (sample)); -+ else -+ sample_len = -1; ++ if (fd >= 0) ++ sample_len = read (fd, sample, sizeof (sample)); ++ else ++ sample_len = -1; +#endif #if defined (HAVE_HASH_BANG_EXEC) -- READ_SAMPLE_BUF (command, sample, sample_len); - sample[sample_len - 1] = '\0'; - if (sample_len > 2 && sample[0] == '#' && sample[1] == '!') - { + READ_SAMPLE_BUF (command, sample, sample_len); + if (sample_len > 0) +@@ -5495,6 +5507,7 @@ shell_execve (command, args, env) char *interp; int ilen; -+ close (fd); ++ close (fd); interp = getinterp (sample, sample_len, (int *)NULL); ilen = strlen (interp); errno = i; -@@ -4997,6 +5009,136 @@ shell_execve (command, args, env) +@@ -5510,6 +5523,136 @@ shell_execve (command, args, env) return (EX_NOEXEC); } #endif @@ -217,3 +219,6 @@ diff -up bash-4.2-rc2/execute_cmd.c.interpreter bash-4.2-rc2/execute_cmd.c errno = i; file_error (command); } +-- +2.9.3 + diff --git a/bash-2.05b-readline-oom.patch b/bash-2.05b-readline-oom.patch deleted file mode 100644 index f25d780..0000000 --- a/bash-2.05b-readline-oom.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- bash-2.05b/lib/readline/readline.c.oom 2002-03-13 23:10:46.000000000 +0100 -+++ bash-2.05b/lib/readline/readline.c 2002-08-07 12:02:04.000000000 +0200 -@@ -817,7 +817,7 @@ - /* Special case rl_do_lowercase_version (). */ - if (func == rl_do_lowercase_version) - /* Should we do anything special if key == ANYOTHERKEY? */ -- return (_rl_dispatch (_rl_to_lower (key), map)); -+ return (_rl_dispatch (_rl_to_lower ((unsigned char)key), map)); - - rl_executing_keymap = map; - rl_executing_key = key; diff --git a/bash-4.2-cve-2014-7169-1.patch b/bash-4.2-cve-2014-7169-1.patch deleted file mode 100644 index 77c6616..0000000 --- a/bash-4.2-cve-2014-7169-1.patch +++ /dev/null @@ -1,155 +0,0 @@ ---- ../bash-4.2-orig/variables.c 2014-09-25 13:07:59.313209541 +0200 -+++ variables.c 2014-09-25 13:15:29.869420719 +0200 -@@ -268,7 +268,7 @@ - static void propagate_temp_var __P((PTR_T)); - static void dispose_temporary_env __P((sh_free_func_t *)); - --static inline char *mk_env_string __P((const char *, const char *)); -+static inline char *mk_env_string __P((const char *, const char *, int)); - static char **make_env_array_from_var_list __P((SHELL_VAR **)); - static char **make_var_export_array __P((VAR_CONTEXT *)); - static char **make_func_export_array __P((void)); -@@ -301,6 +301,14 @@ - #endif - } - -+/* Prefix and suffix for environment variable names which contain -+ shell functions. */ -+#define FUNCDEF_PREFIX "BASH_FUNC_" -+#define FUNCDEF_PREFIX_LEN (strlen (FUNCDEF_PREFIX)) -+#define FUNCDEF_SUFFIX "()" -+#define FUNCDEF_SUFFIX_LEN (strlen (FUNCDEF_SUFFIX)) -+ -+ - /* Initialize the shell variables from the current environment. - If PRIVMODE is nonzero, don't import functions from ENV or - parse $SHELLOPTS. */ -@@ -338,36 +346,48 @@ - - /* If exported function, define it now. Don't import functions from - the environment in privileged mode. */ -- if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4)) -- { -- string_length = strlen (string); -- temp_string = (char *)xmalloc (3 + string_length + char_index); -+ if (privmode == 0 && read_but_dont_execute == 0 -+ && STREQN (FUNCDEF_PREFIX, name, FUNCDEF_PREFIX_LEN) -+ && STREQ (name + char_index - FUNCDEF_SUFFIX_LEN, FUNCDEF_SUFFIX) -+ && STREQN ("() {", string, 4)) -+ { -+ size_t name_length -+ = char_index - (FUNCDEF_PREFIX_LEN + FUNCDEF_SUFFIX_LEN); -+ char *temp_name = name + FUNCDEF_PREFIX_LEN; -+ /* Temporarily remove the suffix. */ -+ temp_name[name_length] = '\0'; - -- strcpy (temp_string, name); -- temp_string[char_index] = ' '; -- strcpy (temp_string + char_index + 1, string); -+ string_length = strlen (string); -+ temp_string = (char *)xmalloc (name_length + 1 + string_length + 1); -+ memcpy (temp_string, temp_name, name_length); -+ temp_string[name_length] = ' '; -+ memcpy (temp_string + name_length + 1, string, string_length + 1); - - /* Don't import function names that are invalid identifiers from the - environment, though we still allow them to be defined as shell - variables. */ -- if (legal_identifier (name)) -- parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); -+ if (legal_identifier (temp_name)) -+ parse_and_execute (temp_string, temp_name, -+ SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); - -- if (temp_var = find_function (name)) -+ if (temp_var = find_function (temp_name)) - { - VSETATTR (temp_var, (att_exported|att_imported)); - array_needs_making = 1; - } - else - { - if (temp_var = bind_variable (name, string, 0)) - { - VSETATTR (temp_var, (att_exported | att_imported | att_invisible)); - array_needs_making = 1; - } - last_command_exit_value = 1; - report_error (_("error importing function definition for `%s'"), name); - } -+ -+ /* Restore the original suffix. */ -+ temp_name[name_length] = FUNCDEF_SUFFIX[0]; - } - #if defined (ARRAY_VARS) - # if ARRAY_EXPORT -@@ -2537,7 +2557,7 @@ - var->context = variable_context; /* XXX */ - - INVALIDATE_EXPORTSTR (var); -- var->exportstr = mk_env_string (name, value); -+ var->exportstr = mk_env_string (name, value, 0); - - array_needs_making = 1; - -@@ -3388,22 +3408,43 @@ - /* */ - /* **************************************************************** */ - -+/* Returns the string NAME=VALUE if !FUNCTIONP or if VALUE == NULL (in -+ which case it is treated as empty). Otherwise, decorate NAME with -+ FUNCDEF_PREFIX and FUNCDEF_SUFFIX, and return a string of the form -+ FUNCDEF_PREFIX NAME FUNCDEF_SUFFIX = VALUE (without spaces). */ - static inline char * --mk_env_string (name, value) -+mk_env_string (name, value, functionp) - const char *name, *value; -+ int functionp; - { -- int name_len, value_len; -- char *p; -+ size_t name_len, value_len; -+ char *p, *q; - - name_len = strlen (name); - value_len = STRLEN (value); -- p = (char *)xmalloc (2 + name_len + value_len); -- strcpy (p, name); -- p[name_len] = '='; -+ if (functionp && value != NULL) -+ { -+ p = (char *)xmalloc (FUNCDEF_PREFIX_LEN + name_len + FUNCDEF_SUFFIX_LEN -+ + 1 + value_len + 1); -+ q = p; -+ memcpy (q, FUNCDEF_PREFIX, FUNCDEF_PREFIX_LEN); -+ q += FUNCDEF_PREFIX_LEN; -+ memcpy (q, name, name_len); -+ q += name_len; -+ memcpy (q, FUNCDEF_SUFFIX, FUNCDEF_SUFFIX_LEN); -+ q += FUNCDEF_SUFFIX_LEN; -+ } -+ else -+ { -+ p = (char *)xmalloc (name_len + 1 + value_len + 1); -+ memcpy (p, name, name_len); -+ q = p + name_len; -+ } -+ q[0] = '='; - if (value && *value) -- strcpy (p + name_len + 1, value); -+ memcpy (q + 1, value, value_len + 1); - else -- p[name_len + 1] = '\0'; -+ q[1] = '\0'; - return (p); - } - -@@ -3489,7 +3530,7 @@ - /* Gee, I'd like to get away with not using savestring() if we're - using the cached exportstr... */ - list[list_index] = USE_EXPORTSTR ? savestring (value) -- : mk_env_string (var->name, value); -+ : mk_env_string (var->name, value, function_p (var)); - - if (USE_EXPORTSTR == 0) - SAVE_EXPORTSTR (var, list[list_index]); diff --git a/bash-4.2-cve-2014-7169-2.patch b/bash-4.2-cve-2014-7169-2.patch deleted file mode 100644 index 3da05bb..0000000 --- a/bash-4.2-cve-2014-7169-2.patch +++ /dev/null @@ -1,83 +0,0 @@ ---- ../bash-4.2-orig/parse.y 2014-09-25 13:07:59.218209276 +0200 -+++ parse.y 2014-09-25 15:26:52.813159810 +0200 -@@ -264,9 +264,21 @@ - - /* Variables to manage the task of reading here documents, because we need to - defer the reading until after a complete command has been collected. */ --static REDIRECT *redir_stack[10]; -+static REDIRECT **redir_stack; - int need_here_doc; - -+/* Pushes REDIR onto redir_stack, resizing it as needed. */ -+static void -+push_redir_stack (REDIRECT *redir) -+{ -+ /* Guard against oveflow. */ -+ if (need_here_doc + 1 > INT_MAX / sizeof (*redir_stack)) -+ abort (); -+ redir_stack = xrealloc (redir_stack, -+ (need_here_doc + 1) * sizeof (*redir_stack)); -+ redir_stack[need_here_doc++] = redir; -+} -+ - /* Where shell input comes from. History expansion is performed on each - line when the shell is interactive. */ - static char *shell_input_line = (char *)NULL; -@@ -519,42 +531,42 @@ - source.dest = 0; - redir.filename = $2; - $$ = make_redirection (source, r_reading_until, redir, 0); -- redir_stack[need_here_doc++] = $$; -+ push_redir_stack ($$); - } - | NUMBER LESS_LESS WORD - { - source.dest = $1; - redir.filename = $3; - $$ = make_redirection (source, r_reading_until, redir, 0); -- redir_stack[need_here_doc++] = $$; -+ push_redir_stack ($$); - } - | REDIR_WORD LESS_LESS WORD - { - source.filename = $1; - redir.filename = $3; - $$ = make_redirection (source, r_reading_until, redir, REDIR_VARASSIGN); -- redir_stack[need_here_doc++] = $$; -+ push_redir_stack ($$); - } - | LESS_LESS_MINUS WORD - { - source.dest = 0; - redir.filename = $2; - $$ = make_redirection (source, r_deblank_reading_until, redir, 0); -- redir_stack[need_here_doc++] = $$; -+ push_redir_stack ($$); - } - | NUMBER LESS_LESS_MINUS WORD - { - source.dest = $1; - redir.filename = $3; - $$ = make_redirection (source, r_deblank_reading_until, redir, 0); -- redir_stack[need_here_doc++] = $$; -+ push_redir_stack ($$); - } - | REDIR_WORD LESS_LESS_MINUS WORD - { - source.filename = $1; - redir.filename = $3; - $$ = make_redirection (source, r_deblank_reading_until, redir, REDIR_VARASSIGN); -- redir_stack[need_here_doc++] = $$; -+ push_redir_stack ($$); - } - | LESS_LESS_LESS WORD - { -@@ -4757,7 +4769,7 @@ - case CASE: - case SELECT: - case FOR: -- if (word_top < MAX_CASE_NEST) -+ if (word_top + 1 < MAX_CASE_NEST) - word_top++; - word_lineno[word_top] = line_number; - break; diff --git a/bash-4.2-rc2-logout.patch b/bash-4.2-rc2-logout.patch index 5aff01a..f63c8b6 100644 --- a/bash-4.2-rc2-logout.patch +++ b/bash-4.2-rc2-logout.patch @@ -1,7 +1,8 @@ -diff -up bash-3.2/config-top.h.logout bash-3.2/config-top.h ---- bash-3.2/config-top.h.logout 2011-04-14 08:55:55.000000000 +0200 -+++ bash-3.2/config-top.h 2011-04-14 08:55:55.000000000 +0200 -@@ -78,7 +78,7 @@ +diff --git a/config-top.h b/config-top.h +index 026d4a4..cb0e002 100644 +--- a/config-top.h ++++ b/config-top.h +@@ -92,7 +92,7 @@ /* #define SYS_BASHRC "/etc/bash.bashrc" */ /* System-wide .bash_logout for login shells. */ @@ -10,12 +11,13 @@ diff -up bash-3.2/config-top.h.logout bash-3.2/config-top.h /* Define this to make non-interactive shells begun with argv[0][0] == '-' run the startup files when not in posix mode. */ -diff -up bash-3.2/doc/bash.1.logout bash-3.2/doc/bash.1 ---- bash-3.2/doc/bash.1.logout 2011-04-14 09:16:32.000000000 +0200 -+++ bash-3.2/doc/bash.1 2011-04-14 11:59:33.000000000 +0200 -@@ -326,8 +326,8 @@ option may be used when the shell is sta - .PP - When a login shell exits, +diff --git a/doc/bash.1 b/doc/bash.1 +index 04ce845..bfde55e 100644 +--- a/doc/bash.1 ++++ b/doc/bash.1 +@@ -335,8 +335,8 @@ option may be used when the shell is started to inhibit this behavior. + When an interactive login shell exits, + or a non-interactive login shell executes the \fBexit\fP builtin command, .B bash -reads and executes commands from the file \fI~/.bash_logout\fP, if it -exists. @@ -24,7 +26,7 @@ diff -up bash-3.2/doc/bash.1.logout bash-3.2/doc/bash.1 .PP When an interactive shell that is not a login shell is started, .B bash -@@ -8814,6 +8814,9 @@ The \fBbash\fP executable +@@ -10558,6 +10558,9 @@ The \fBbash\fP executable .FN /etc/profile The systemwide initialization file, executed for login shells .TP @@ -34,3 +36,6 @@ diff -up bash-3.2/doc/bash.1.logout bash-3.2/doc/bash.1 .FN ~/.bash_profile The personal initialization file, executed for login shells .TP +-- +2.9.3 + diff --git a/bash-4.3-cve-2016-0634.patch b/bash-4.3-cve-2016-0634.patch deleted file mode 100644 index e71931a..0000000 --- a/bash-4.3-cve-2016-0634.patch +++ /dev/null @@ -1,105 +0,0 @@ -From f9dc7ff03a5b63d20ce473c1172e29b736dbea28 Mon Sep 17 00:00:00 2001 -From: "David Kaspar [Dee'Kej]" -Date: Wed, 21 Sep 2016 16:51:08 +0200 -Subject: [PATCH] CVE-2016-0634: upstream patch imported - ---- - parse.y | 20 ++++++++++++++++---- - y.tab.c | 20 ++++++++++++++++---- - 2 files changed, 32 insertions(+), 8 deletions(-) - -diff --git a/parse.y b/parse.y -index 0a7fcaa..5676ad7 100644 ---- a/parse.y -+++ b/parse.y -@@ -5252,7 +5252,7 @@ decode_prompt_string (string) - #if defined (PROMPT_STRING_DECODE) - int result_size, result_index; - int c, n, i; -- char *temp, octal_string[4]; -+ char *temp, *t_host, octal_string[4]; - struct tm *tm; - time_t the_time; - char timebuf[128]; -@@ -5400,7 +5400,11 @@ decode_prompt_string (string) - - case 's': - temp = base_pathname (shell_name); -- temp = savestring (temp); -+ /* Try to quote anything the user can set in the file system */ -+ if (promptvars || posixly_correct) -+ temp = sh_backslash_quote_for_double_quotes (temp); -+ else -+ temp = savestring (temp); - goto add_string; - - case 'v': -@@ -5490,9 +5494,17 @@ decode_prompt_string (string) - - case 'h': - case 'H': -- temp = savestring (current_host_name); -- if (c == 'h' && (t = (char *)strchr (temp, '.'))) -+ t_host = savestring (current_host_name); -+ if (c == 'h' && (t = (char *)strchr (t_host, '.'))) - *t = '\0'; -+ if (promptvars || posixly_correct) -+ /* Make sure that expand_prompt_string is called with a -+ second argument of Q_DOUBLE_QUOTES if we use this -+ function here. */ -+ temp = sh_backslash_quote_for_double_quotes (t_host); -+ else -+ temp = savestring (t_host); -+ free (t_host); - goto add_string; - - case '#': -diff --git a/y.tab.c b/y.tab.c -index 793daf6..726d0de 100644 ---- a/y.tab.c -+++ b/y.tab.c -@@ -7540,7 +7540,7 @@ decode_prompt_string (string) - #if defined (PROMPT_STRING_DECODE) - int result_size, result_index; - int c, n, i; -- char *temp, octal_string[4]; -+ char *temp, *t_host, octal_string[4]; - struct tm *tm; - time_t the_time; - char timebuf[128]; -@@ -7688,7 +7688,11 @@ decode_prompt_string (string) - - case 's': - temp = base_pathname (shell_name); -- temp = savestring (temp); -+ /* Try to quote anything the user can set in the file system */ -+ if (promptvars || posixly_correct) -+ temp = sh_backslash_quote_for_double_quotes (temp); -+ else -+ temp = savestring (temp); - goto add_string; - - case 'v': -@@ -7778,9 +7782,17 @@ decode_prompt_string (string) - - case 'h': - case 'H': -- temp = savestring (current_host_name); -- if (c == 'h' && (t = (char *)strchr (temp, '.'))) -+ t_host = savestring (current_host_name); -+ if (c == 'h' && (t = (char *)strchr (t_host, '.'))) - *t = '\0'; -+ if (promptvars || posixly_correct) -+ /* Make sure that expand_prompt_string is called with a -+ second argument of Q_DOUBLE_QUOTES if we use this -+ function here. */ -+ temp = sh_backslash_quote_for_double_quotes (t_host); -+ else -+ temp = savestring (t_host); -+ free (t_host); - goto add_string; - - case '#': --- -2.7.4 - diff --git a/bash-4.3-man-ulimit.patch b/bash-4.3-man-ulimit.patch index fdba544..0c3fa0a 100644 --- a/bash-4.3-man-ulimit.patch +++ b/bash-4.3-man-ulimit.patch @@ -1,18 +1,9 @@ -From ccd35766d2451677f4c49f66b8e18ad6e274d56a Mon Sep 17 00:00:00 2001 -From: Jan Chaloupka -Date: Mon, 7 Jul 2014 07:15:41 +0200 -Subject: [PATCH] bash.1: posix block size for cf options - ---- - doc/bash.1 | 1 + - 1 file changed, 1 insertion(+) - diff --git a/doc/bash.1 b/doc/bash.1 -index a4ad746..1916515 100644 +index 6e8aebb..e846e68 100644 --- a/doc/bash.1 +++ b/doc/bash.1 -@@ -9451,6 +9451,7 @@ and - which are unscaled values. +@@ -10333,6 +10333,7 @@ and + which are in 512-byte increments. The return status is 0 unless an invalid option or argument is supplied, or an error occurs while setting a new limit. +In POSIX Mode 512-byte blocks are used for the `-c' and `-f' options. @@ -20,5 +11,5 @@ index a4ad746..1916515 100644 .TP \fBumask\fP [\fB\-p\fP] [\fB\-S\fP] [\fImode\fP] -- -1.9.3 +2.9.3 diff --git a/bash-4.3-noecho.patch b/bash-4.3-noecho.patch index 8a2842a..2906fbf 100644 --- a/bash-4.3-noecho.patch +++ b/bash-4.3-noecho.patch @@ -1,6 +1,8 @@ ---- bash-4.3/parse.y 2014-05-29 14:46:09.545543384 +0200 -+++ bash-4.3/parse.y 2014-05-29 14:48:40.758626213 +0200 -@@ -3858,6 +3858,8 @@ xparse_dolparen (base, string, indp, fla +diff --git a/parse.y b/parse.y +index 30425a5..85f1c4f 100644 +--- a/parse.y ++++ b/parse.y +@@ -4228,6 +4228,8 @@ xparse_dolparen (base, string, indp, flags) save_parser_state (&ps); save_input_line_state (&ls); orig_eof_token = shell_eof_token; @@ -9,17 +11,19 @@ /*(*/ parser_state |= PST_CMDSUBST|PST_EOFTOKEN; /* allow instant ')' */ /*(*/ ---- bash-4.3/subst.c 2014-05-29 16:04:35.802784549 +0200 -+++ bash-4.3/subst.c 2014-05-29 16:08:25.021942676 +0200 -@@ -7103,6 +7103,7 @@ param_expand (string, sindex, quoted, ex +diff --git a/subst.c b/subst.c +index f1a4df1..a93a4ce 100644 +--- a/subst.c ++++ b/subst.c +@@ -8513,6 +8513,7 @@ param_expand (string, sindex, quoted, expanded_something, WORD_LIST *list; WORD_DESC *tdesc, *ret; int tflag; + int old_echo_input; + /*itrace("param_expand: `%s' pflags = %d", string+*sindex, pflags);*/ zindex = *sindex; - c = string[++zindex]; -@@ -7401,6 +7402,9 @@ arithsub: +@@ -8831,6 +8832,9 @@ arithsub: } comsub: @@ -29,7 +33,7 @@ if (pflags & PF_NOCOMSUB) /* we need zindex+1 because string[zindex] == RPAREN */ temp1 = substring (string, *sindex, zindex+1); -@@ -7413,6 +7417,7 @@ comsub: +@@ -8843,6 +8847,7 @@ comsub: } FREE (temp); temp = temp1; @@ -37,3 +41,6 @@ break; /* Do POSIX.2d9-style arithmetic substitution. This will probably go +-- +2.9.3 + diff --git a/bash-4.3-old-memleak.patch b/bash-4.3-old-memleak.patch deleted file mode 100644 index ff2b665..0000000 --- a/bash-4.3-old-memleak.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -up bash-4.3/subst.c.old bash-4.3/subst.c ---- bash-4.3/subst.c.old 2015-08-03 10:32:37.353490080 +0200 -+++ bash-4.3/subst.c 2015-08-03 10:33:34.818533408 +0200 -@@ -9492,7 +9492,7 @@ make_internal_declare (word, option) - char *word; - char *option; - { -- int t; -+ int t, r; - WORD_LIST *wl; - WORD_DESC *w; - -@@ -9504,7 +9504,10 @@ make_internal_declare (word, option) - wl = make_word_list (w, (WORD_LIST *)NULL); - wl = make_word_list (make_word (option), wl); - -- return (declare_builtin (wl)); -+ r = declare_builtin (wl); -+ -+ dispose_words (wl); -+ return r; - } - #endif - diff --git a/bash-4.3-pathexp-globignore-delim.patch b/bash-4.3-pathexp-globignore-delim.patch deleted file mode 100644 index 6b019f9..0000000 --- a/bash-4.3-pathexp-globignore-delim.patch +++ /dev/null @@ -1,15 +0,0 @@ -*** ../bash-4.3-patched/pathexp.c 2014-01-31 09:34:33.000000000 -0500 ---- pathexp.c 2014-06-20 15:33:09.000000000 -0400 -*************** -*** 539,543 **** - return 0; - -! n = skip_to_delim (s, i, ":", SD_NOJMP|SD_EXTGLOB); - t = substring (s, i, n); - ---- 539,543 ---- - return 0; - -! n = skip_to_delim (s, i, ":", SD_NOJMP|SD_EXTGLOB|SD_GLOB); - t = substring (s, i, n); - diff --git a/bash-4.3-select-readonly.patch b/bash-4.3-select-readonly.patch deleted file mode 100644 index e64470d..0000000 --- a/bash-4.3-select-readonly.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up bash-4.3/builtins/read.def.old bash-4.3/builtins/read.def ---- bash-4.3/builtins/read.def.old 2015-07-15 11:12:13.884695357 +0200 -+++ bash-4.3/builtins/read.def 2015-07-15 11:10:55.339537361 +0200 -@@ -794,6 +794,8 @@ assign_vars: - else - var = bind_variable ("REPLY", input_string, 0); - VUNSETATTR (var, att_invisible); -+ if (readonly_p (var) || noassign_p (var)) -+ retval = EXECUTION_FAILURE; - - xfree (input_string); - return (retval); diff --git a/bash-4.4-cve-2016-7543.patch b/bash-4.4-cve-2016-7543.patch deleted file mode 100644 index cb7a6a0..0000000 --- a/bash-4.4-cve-2016-7543.patch +++ /dev/null @@ -1,29 +0,0 @@ -From f43310742819253bfa6add2dce406701bb8cc2bb Mon Sep 17 00:00:00 2001 -From: Siteshwar Vashisht -Date: Wed, 28 Sep 2016 18:33:55 +0530 -Subject: [PATCH] CVE-2016-7543: Patch imported from bash-4.4 - ---- - variables.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/variables.c b/variables.c -index ac587f3..ffd39e8 100644 ---- a/variables.c -+++ b/variables.c -@@ -496,7 +496,11 @@ initialize_shell_variables (env, privmode) - #endif - set_if_not ("PS2", secondary_prompt); - } -- set_if_not ("PS4", "+ "); -+ -+ if (current_user.euid == 0) -+ bind_variable ("PS4", "+ ", 0); -+ else -+ set_if_not ("PS4", "+ "); - - /* Don't allow IFS to be imported from the environment. */ - temp_var = bind_variable ("IFS", " \t\n", 0); --- -2.5.5 - diff --git a/bash-4.4-no-loadable-builtins.patch b/bash-4.4-no-loadable-builtins.patch new file mode 100644 index 0000000..b03459d --- /dev/null +++ b/bash-4.4-no-loadable-builtins.patch @@ -0,0 +1,15 @@ +diff --git a/Makefile.in b/Makefile.in +index a1f9483..24c646a 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -800,7 +800,6 @@ install: .made installdirs + infodir=$(infodir) htmldir=$(htmldir) DESTDIR=$(DESTDIR) $@ ) + -( cd $(DEFDIR) ; $(MAKE) $(MFLAGS) DESTDIR=$(DESTDIR) $@ ) + -( cd $(PO_DIR) ; $(MAKE) $(MFLAGS) DESTDIR=$(DESTDIR) $@ ) +- -( cd $(LOADABLES_DIR) && $(MAKE) $(MFLAGS) DESTDIR=$(DESTDIR) $@ ) + + install-strip: + $(MAKE) $(MFLAGS) INSTALL_PROGRAM='$(INSTALL_PROGRAM) -s' \ +-- +2.9.3 + diff --git a/bash-bashbug.patch b/bash-bashbug.patch index 7ed60d2..aca3bee 100644 --- a/bash-bashbug.patch +++ b/bash-bashbug.patch @@ -1,7 +1,8 @@ -diff -up bash-4.2-rc2/doc/bash.1.bashbug bash-4.2-rc2/doc/bash.1 ---- bash-4.2-rc2/doc/bash.1.bashbug 2011-01-16 21:31:39.000000000 +0100 -+++ bash-4.2-rc2/doc/bash.1 2011-02-09 08:52:14.000000000 +0100 -@@ -9857,7 +9857,7 @@ The latest version is always available f +diff --git a/doc/bash.1 b/doc/bash.1 +index 9a7a384..c21e877 100644 +--- a/doc/bash.1 ++++ b/doc/bash.1 +@@ -10582,7 +10582,7 @@ The latest version is always available from .PP Once you have determined that a bug actually exists, use the .I bashbug @@ -10,7 +11,7 @@ diff -up bash-4.2-rc2/doc/bash.1.bashbug bash-4.2-rc2/doc/bash.1 If you have a fix, you are encouraged to mail that as well! Suggestions and `philosophical' bug reports may be mailed to \fIbug-bash@gnu.org\fP or posted to the Usenet -@@ -9879,10 +9879,6 @@ A description of the bug behaviour +@@ -10604,10 +10604,6 @@ A description of the bug behaviour A short script or `recipe' which exercises the bug .PD .PP @@ -21,10 +22,11 @@ diff -up bash-4.2-rc2/doc/bash.1.bashbug bash-4.2-rc2/doc/bash.1 Comments and bug reports concerning this manual page should be directed to .IR chet.ramey@case.edu . -diff -up bash-4.2-rc2/doc/bashref.texi.bashbug bash-4.2-rc2/doc/bashref.texi ---- bash-4.2-rc2/doc/bashref.texi.bashbug 2011-01-16 21:31:57.000000000 +0100 -+++ bash-4.2-rc2/doc/bashref.texi 2011-02-09 08:47:07.000000000 +0100 -@@ -7635,7 +7635,7 @@ The latest version of Bash is always ava +diff --git a/doc/bashref.texi b/doc/bashref.texi +index c0f4a2f..06957b6 100644 +--- a/doc/bashref.texi ++++ b/doc/bashref.texi +@@ -8435,7 +8435,7 @@ The latest version of Bash is always available for FTP from @uref{ftp://ftp.gnu.org/pub/gnu/bash/}. Once you have determined that a bug actually exists, use the @@ -33,7 +35,7 @@ diff -up bash-4.2-rc2/doc/bashref.texi.bashbug bash-4.2-rc2/doc/bashref.texi If you have a fix, you are encouraged to mail that as well! Suggestions and `philosophical' bug reports may be mailed to @email{bug-bash@@gnu.org} or posted to the Usenet -@@ -7657,9 +7657,6 @@ to reproduce it. +@@ -8457,9 +8457,6 @@ to reproduce it. @end itemize @noindent @@ -43,14 +45,18 @@ diff -up bash-4.2-rc2/doc/bashref.texi.bashbug bash-4.2-rc2/doc/bashref.texi Please send all reports concerning this manual to @email{bug-bash@@gnu.org}. -diff -up bash-4.2-rc2/shell.c.bashbug bash-4.2-rc2/shell.c ---- bash-4.2-rc2/shell.c.bashbug 2011-01-02 22:04:51.000000000 +0100 -+++ bash-4.2-rc2/shell.c 2011-02-09 08:47:07.000000000 +0100 -@@ -1823,7 +1823,6 @@ show_shell_usage (fp, extra) +diff --git a/shell.c b/shell.c +index 45b77f9..7f63969 100644 +--- a/shell.c ++++ b/shell.c +@@ -1958,7 +1958,6 @@ show_shell_usage (fp, extra) { fprintf (fp, _("Type `%s -c \"help set\"' for more information about shell options.\n"), shell_name); fprintf (fp, _("Type `%s -c help' for more information about shell builtin commands.\n"), shell_name); - fprintf (fp, _("Use the `bashbug' command to report bugs.\n")); - } - } - + fprintf (fp, "\n"); + fprintf (fp, _("bash home page: \n")); + fprintf (fp, _("General help using GNU software: \n")); +-- +2.9.3 + diff --git a/bash-infotags.patch b/bash-infotags.patch index 2e50d6e..fe39609 100644 --- a/bash-infotags.patch +++ b/bash-infotags.patch @@ -1,6 +1,8 @@ ---- bash-3.1/doc/Makefile.in.infotags 2006-07-12 13:57:18.000000000 +0100 -+++ bash-3.1/doc/Makefile.in 2006-07-12 13:58:25.000000000 +0100 -@@ -69,7 +69,6 @@ +diff --git a/doc/Makefile.in b/doc/Makefile.in +index 5f0756c..a5fa5a0 100644 +--- a/doc/Makefile.in ++++ b/doc/Makefile.in +@@ -74,7 +74,6 @@ TEXI2DVI = ${SUPPORT_SRCDIR}/texi2dvi TEXI2HTML = ${SUPPORT_SRCDIR}/texi2html MAN2HTML = ${BUILD_DIR}/support/man2html HTMLPOST = ${srcdir}/htmlpost.sh @@ -8,18 +10,9 @@ QUIETPS = #set this to -q to shut up dvips PAPERSIZE = letter # change to a4 for A4-size paper PSDPI = 600 # could be 300 if you like -@@ -146,7 +145,7 @@ - - PSFILES = bash.ps bashbug.ps article.ps builtins.ps rbash.ps - DVIFILES = bashref.dvi bashref.ps --INFOFILES = bashref.info -+INFOFILES = bashref.info bash.info - MAN0FILES = bash.0 bashbug.0 builtins.0 rbash.0 - HTMLFILES = bashref.html bash.html - PDFFILES = bash.pdf bashref.pdf article.pdf rose94.pdf -@@ -167,8 +166,8 @@ +@@ -188,8 +187,8 @@ bashref.pdf: $(BASHREF_FILES) $(HSUSER) $(RLUSER) bashref.html: $(BASHREF_FILES) $(HSUSER) $(RLUSER) - $(TEXI2HTML) -menu -monolithic -I $(TEXINPUTDIR) $(srcdir)/bashref.texi + $(MAKEINFO) --html --no-split -I$(TEXINPUTDIR) $(srcdir)/bashref.texi -bash.info: bashref.info - ${SHELL} ${INFOPOST} < $(srcdir)/bashref.info > $@ ; \ @@ -28,3 +21,6 @@ bash.txt: bash.1 bash.ps: bash.1 +-- +2.9.3 + diff --git a/bash-requires.patch b/bash-requires.patch index 4106a06..36960eb 100644 --- a/bash-requires.patch +++ b/bash-requires.patch @@ -1,19 +1,20 @@ -diff -up bash-4.1/builtins.h.requires bash-4.1/builtins.h ---- bash-4.1/builtins.h.requires 2009-01-04 20:32:23.000000000 +0100 -+++ bash-4.1/builtins.h 2010-08-02 17:42:41.000000000 +0200 -@@ -41,6 +41,8 @@ - #define SPECIAL_BUILTIN 0x08 /* This is a Posix `special' builtin. */ +diff --git a/builtins.h b/builtins.h +index 0cfea18..a6ef958 100644 +--- a/builtins.h ++++ b/builtins.h +@@ -42,6 +42,7 @@ #define ASSIGNMENT_BUILTIN 0x10 /* This builtin takes assignment statements. */ #define POSIX_BUILTIN 0x20 /* This builtins is special in the Posix command search order. */ -+#define REQUIRES_BUILTIN 0x40 /* This builtin requires other files. */ -+ + #define LOCALVAR_BUILTIN 0x40 /* This builtin creates local variables */ ++#define REQUIRES_BUILTIN 0x80 /* This builtin requires other files. */ #define BASE_INDENT 4 -diff -up bash-4.1/builtins/mkbuiltins.c.requires bash-4.1/builtins/mkbuiltins.c ---- bash-4.1/builtins/mkbuiltins.c.requires 2009-01-04 20:32:23.000000000 +0100 -+++ bash-4.1/builtins/mkbuiltins.c 2010-08-02 17:42:41.000000000 +0200 -@@ -69,9 +69,15 @@ extern char *strcpy (); +diff --git a/builtins/mkbuiltins.c b/builtins/mkbuiltins.c +index 4f51201..283bfea 100644 +--- a/builtins/mkbuiltins.c ++++ b/builtins/mkbuiltins.c +@@ -69,10 +69,15 @@ extern char *strcpy (); #define whitespace(c) (((c) == ' ') || ((c) == '\t')) /* Flag values that builtins can have. */ @@ -23,13 +24,13 @@ diff -up bash-4.1/builtins/mkbuiltins.c.requires bash-4.1/builtins/mkbuiltins.c + in ../builtins.h */ #define BUILTIN_FLAG_SPECIAL 0x01 #define BUILTIN_FLAG_ASSIGNMENT 0x02 - #define BUILTIN_FLAG_POSIX_BUILTIN 0x04 -+#define BUILTIN_FLAG_REQUIRES 0x08 -+ + #define BUILTIN_FLAG_LOCALVAR 0x04 + #define BUILTIN_FLAG_POSIX_BUILTIN 0x08 ++#define BUILTIN_FLAG_REQUIRES 0x0f #define BASE_INDENT 4 -@@ -163,10 +169,18 @@ char *posix_builtins[] = +@@ -173,11 +178,20 @@ char *posix_builtins[] = (char *)NULL }; @@ -39,17 +40,19 @@ diff -up bash-4.1/builtins/mkbuiltins.c.requires bash-4.1/builtins/mkbuiltins.c + ".", "command", "exec", "source", "inlib", + (char *)NULL +}; ++ + /* Forward declarations. */ static int is_special_builtin (); static int is_assignment_builtin (); + static int is_localvar_builtin (); static int is_posix_builtin (); +static int is_requires_builtin (); #if !defined (HAVE_RENAME) static int rename (); -@@ -812,6 +826,9 @@ builtin_handler (self, defs, arg) - new->flags |= BUILTIN_FLAG_ASSIGNMENT; +@@ -831,6 +845,9 @@ builtin_handler (self, defs, arg) + new->flags |= BUILTIN_FLAG_LOCALVAR; if (is_posix_builtin (name)) new->flags |= BUILTIN_FLAG_POSIX_BUILTIN; + if (is_requires_builtin (name)) @@ -58,21 +61,22 @@ diff -up bash-4.1/builtins/mkbuiltins.c.requires bash-4.1/builtins/mkbuiltins.c array_add ((char *)new, defs->builtins); building_builtin = 1; -@@ -1229,11 +1246,12 @@ write_builtins (defs, structfile, extern +@@ -1250,12 +1267,13 @@ write_builtins (defs, structfile, externfile) else fprintf (structfile, "(sh_builtin_func_t *)0x0, "); -- fprintf (structfile, "%s%s%s%s, %s_doc,\n", -+ fprintf (structfile, "%s%s%s%s%s, %s_doc,\n", +- fprintf (structfile, "%s%s%s%s%s, %s_doc,\n", ++ fprintf (structfile, "%s%s%s%s%s%s, %s_doc,\n", "BUILTIN_ENABLED | STATIC_BUILTIN", (builtin->flags & BUILTIN_FLAG_SPECIAL) ? " | SPECIAL_BUILTIN" : "", (builtin->flags & BUILTIN_FLAG_ASSIGNMENT) ? " | ASSIGNMENT_BUILTIN" : "", + (builtin->flags & BUILTIN_FLAG_LOCALVAR) ? " | LOCALVAR_BUILTIN" : "", (builtin->flags & BUILTIN_FLAG_POSIX_BUILTIN) ? " | POSIX_BUILTIN" : "", + (builtin->flags & BUILTIN_FLAG_REQUIRES) ? " | REQUIRES_BUILTIN" : "", document_name (builtin)); - if (inhibit_functions) -@@ -1581,6 +1599,13 @@ is_posix_builtin (name) + /* Don't translate short document summaries that are identical +@@ -1645,6 +1663,13 @@ is_posix_builtin (name) return (_find_in_table (name, posix_builtins)); } @@ -86,10 +90,11 @@ diff -up bash-4.1/builtins/mkbuiltins.c.requires bash-4.1/builtins/mkbuiltins.c #if !defined (HAVE_RENAME) static int rename (from, to) -diff -up bash-4.1/doc/bash.1.requires bash-4.1/doc/bash.1 ---- bash-4.1/doc/bash.1.requires 2010-08-02 17:42:41.000000000 +0200 -+++ bash-4.1/doc/bash.1 2010-08-02 18:09:27.000000000 +0200 -@@ -231,6 +231,14 @@ The shell becomes restricted (see +diff --git a/doc/bash.1 b/doc/bash.1 +index c21e877..04ce845 100644 +--- a/doc/bash.1 ++++ b/doc/bash.1 +@@ -238,6 +238,14 @@ The shell becomes restricted (see .B "RESTRICTED SHELL" below). .TP @@ -102,12 +107,13 @@ diff -up bash-4.1/doc/bash.1.requires bash-4.1/doc/bash.1 +builtin are not parsed so some dependencies may be missed. +.TP .B \-\-verbose - Equivalent to \fB\-v\fP. + Equivalent to \fB\-v\fP. .TP -diff -up bash-4.1/doc/bashref.texi.requires bash-4.1/doc/bashref.texi ---- bash-4.1/doc/bashref.texi.requires 2010-08-02 17:42:41.000000000 +0200 -+++ bash-4.1/doc/bashref.texi 2010-08-02 18:11:58.000000000 +0200 -@@ -5343,6 +5343,13 @@ standard. @xref{Bash POSIX Mode}, for a +diff --git a/doc/bashref.texi b/doc/bashref.texi +index 06957b6..e3fe925 100644 +--- a/doc/bashref.texi ++++ b/doc/bashref.texi +@@ -6243,6 +6243,13 @@ standard. @xref{Bash POSIX Mode}, for a description of the Bash @item --restricted Make the shell a restricted shell (@pxref{The Restricted Shell}). @@ -121,18 +127,19 @@ diff -up bash-4.1/doc/bashref.texi.requires bash-4.1/doc/bashref.texi @item --verbose Equivalent to @option{-v}. Print shell input lines as they're read. -diff -up bash-4.1/eval.c.requires bash-4.1/eval.c ---- bash-4.1/eval.c.requires 2009-01-04 20:32:26.000000000 +0100 -+++ bash-4.1/eval.c 2010-08-02 17:42:41.000000000 +0200 -@@ -53,6 +53,7 @@ extern int last_command_exit_value, stdi - extern int need_here_doc; +diff --git a/eval.c b/eval.c +index db863e7..5a5af32 100644 +--- a/eval.c ++++ b/eval.c +@@ -56,6 +56,7 @@ extern int need_here_doc; extern int current_command_number, current_command_line_count, line_number; extern int expand_aliases; + extern char *ps0_prompt; +extern int rpm_requires; #if defined (HAVE_POSIX_SIGNALS) extern sigset_t top_level_mask; -@@ -136,7 +137,7 @@ reader_loop () +@@ -148,7 +149,7 @@ reader_loop () if (read_command () == 0) { @@ -141,10 +148,11 @@ diff -up bash-4.1/eval.c.requires bash-4.1/eval.c { last_command_exit_value = EXECUTION_SUCCESS; dispose_command (global_command); -diff -up bash-4.1/execute_cmd.c.requires bash-4.1/execute_cmd.c ---- bash-4.1/execute_cmd.c.requires 2010-08-02 17:42:41.000000000 +0200 -+++ bash-4.1/execute_cmd.c 2010-08-02 17:42:41.000000000 +0200 -@@ -503,6 +503,8 @@ async_redirect_stdin () +diff --git a/execute_cmd.c b/execute_cmd.c +index b5cd405..88c7a5c 100644 +--- a/execute_cmd.c ++++ b/execute_cmd.c +@@ -533,6 +533,8 @@ async_redirect_stdin () #define DESCRIBE_PID(pid) do { if (interactive) describe_pid (pid); } while (0) @@ -153,7 +161,7 @@ diff -up bash-4.1/execute_cmd.c.requires bash-4.1/execute_cmd.c /* Execute the command passed in COMMAND, perhaps doing it asynchronously. COMMAND is exactly what read_command () places into GLOBAL_COMMAND. ASYNCHROUNOUS, if non-zero, says to do this command in the background. -@@ -534,7 +536,13 @@ execute_command_internal (command, async +@@ -565,7 +567,13 @@ execute_command_internal (command, asynchronous, pipe_in, pipe_out, if (breaking || continuing) return (last_command_exit_value); @@ -168,7 +176,7 @@ diff -up bash-4.1/execute_cmd.c.requires bash-4.1/execute_cmd.c return (EXECUTION_SUCCESS); QUIT; -@@ -5066,7 +5074,7 @@ execute_intern_function (name, function) +@@ -5752,7 +5760,7 @@ execute_intern_function (name, funcdef) if (check_identifier (name, posixly_correct) == 0) { @@ -177,9 +185,10 @@ diff -up bash-4.1/execute_cmd.c.requires bash-4.1/execute_cmd.c { last_command_exit_value = EX_BADUSAGE; jump_to_top_level (ERREXIT); -diff -up bash-4.1/execute_cmd.h.requires bash-4.1/execute_cmd.h ---- bash-4.1/execute_cmd.h.requires 2009-01-16 22:20:15.000000000 +0100 -+++ bash-4.1/execute_cmd.h 2010-08-02 17:42:41.000000000 +0200 +diff --git a/execute_cmd.h b/execute_cmd.h +index 62bec82..d42dc85 100644 +--- a/execute_cmd.h ++++ b/execute_cmd.h @@ -22,6 +22,8 @@ #define _EXECUTE_CMD_H_ @@ -187,11 +196,12 @@ diff -up bash-4.1/execute_cmd.h.requires bash-4.1/execute_cmd.h +#include "variables.h" +#include "command.h" - extern struct fd_bitmap *new_fd_bitmap __P((int)); - extern void dispose_fd_bitmap __P((struct fd_bitmap *)); -diff -up bash-4.1/make_cmd.c.requires bash-4.1/make_cmd.c ---- bash-4.1/make_cmd.c.requires 2009-09-11 23:26:12.000000000 +0200 -+++ bash-4.1/make_cmd.c 2010-08-02 17:42:41.000000000 +0200 + #if defined (ARRAY_VARS) + struct func_array_state +diff --git a/make_cmd.c b/make_cmd.c +index b42e9ff..a982fe0 100644 +--- a/make_cmd.c ++++ b/make_cmd.c @@ -42,11 +42,15 @@ #include "flags.h" #include "make_cmd.h" @@ -208,18 +218,18 @@ diff -up bash-4.1/make_cmd.c.requires bash-4.1/make_cmd.c #if defined (JOB_CONTROL) #include "jobs.h" -@@ -56,6 +60,10 @@ - +@@ -57,6 +61,10 @@ extern int line_number, current_command_line_count, parser_state; extern int last_command_exit_value; + extern int shell_initialized; +extern int rpm_requires; + +static char *alphabet_set = "abcdefghijklmnopqrstuvwxyz" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; - /* Object caching */ - sh_obj_cache_t wdcache = {0, 0, 0}; -@@ -820,6 +828,27 @@ make_coproc_command (name, command) + int here_doc_first_line = 0; + +@@ -839,6 +847,27 @@ make_coproc_command (name, command) return (make_command (cm_coproc, (SIMPLE_COM *)temp)); } @@ -247,7 +257,7 @@ diff -up bash-4.1/make_cmd.c.requires bash-4.1/make_cmd.c /* Reverse the word list and redirection list in the simple command has just been parsed. It seems simpler to do this here the one time then by any other method that I can think of. */ -@@ -837,6 +866,27 @@ clean_simple_command (command) +@@ -856,6 +885,27 @@ clean_simple_command (command) REVERSE_LIST (command->value.Simple->redirects, REDIRECT *); } @@ -275,12 +285,13 @@ diff -up bash-4.1/make_cmd.c.requires bash-4.1/make_cmd.c parser_state &= ~PST_REDIRLIST; return (command); } -diff -up bash-4.1/shell.c.requires bash-4.1/shell.c ---- bash-4.1/shell.c.requires 2010-08-02 17:42:41.000000000 +0200 -+++ bash-4.1/shell.c 2010-08-02 17:42:41.000000000 +0200 -@@ -193,6 +193,9 @@ int have_devfd = 0; +diff --git a/shell.c b/shell.c +index 7f63969..a0fb7ce 100644 +--- a/shell.c ++++ b/shell.c +@@ -201,6 +201,9 @@ int have_devfd = 0; /* The name of the .(shell)rc file. */ - static char *bashrc_file = "~/.bashrc"; + static char *bashrc_file = DEFAULT_BASHRC; +/* Non-zero if we are finding the scripts requirements. */ +int rpm_requires; @@ -288,7 +299,7 @@ diff -up bash-4.1/shell.c.requires bash-4.1/shell.c /* Non-zero means to act more like the Bourne shell on startup. */ static int act_like_sh; -@@ -251,6 +254,7 @@ static const struct { +@@ -264,6 +267,7 @@ static const struct { { "protected", Int, &protected_mode, (char **)0x0 }, #endif { "rcfile", Charp, (int *)0x0, &bashrc_file }, @@ -296,7 +307,7 @@ diff -up bash-4.1/shell.c.requires bash-4.1/shell.c #if defined (RESTRICTED_SHELL) { "restricted", Int, &restricted, (char **)0x0 }, #endif -@@ -485,6 +489,12 @@ main (argc, argv, env) +@@ -500,6 +504,12 @@ main (argc, argv, env) if (dump_translatable_strings) read_but_dont_execute = 1; @@ -309,3 +320,6 @@ diff -up bash-4.1/shell.c.requires bash-4.1/shell.c if (running_setuid && privileged_mode == 0) disable_priv_mode (); +-- +2.9.3 + diff --git a/bash-tilda-race-condition.patch b/bash-tilda-race-condition.patch deleted file mode 100644 index 10709a2..0000000 --- a/bash-tilda-race-condition.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 262639471df23c1e898b3e74d68db23b02dbbefc Mon Sep 17 00:00:00 2001 -From: Siteshwar Vashisht -Date: Tue, 17 May 2016 18:05:03 +0530 -Subject: [PATCH] Do not set terminate_immediately and interrupt_immediately - while expanding tilda - ---- - general.c | 13 ------------- - 1 file changed, 13 deletions(-) - -diff --git a/general.c b/general.c -index 087689e..220543c 100644 ---- a/general.c -+++ b/general.c -@@ -983,16 +983,6 @@ bash_tilde_expand (s, assign_p) - int old_immed, old_term, r; - char *ret; - -- old_immed = interrupt_immediately; -- old_term = terminate_immediately; -- /* We want to be able to interrupt tilde expansion. Ordinarily, we can just -- jump to top_level, but we don't want to run any trap commands in a signal -- handler context. We might be able to get away with just checking for -- things like SIGINT and SIGQUIT. */ -- if (any_signals_trapped () < 0) -- interrupt_immediately = 1; -- terminate_immediately = 1; -- - tilde_additional_prefixes = assign_p == 0 ? (char **)0 - : (assign_p == 2 ? bash_tilde_prefixes2 : bash_tilde_prefixes); - if (assign_p == 2) -@@ -1001,9 +991,6 @@ bash_tilde_expand (s, assign_p) - r = (*s == '~') ? unquoted_tilde_word (s) : 1; - ret = r ? tilde_expand (s) : savestring (s); - -- interrupt_immediately = old_immed; -- terminate_immediately = old_term; -- - QUIT; - - return (ret); --- -2.5.5 - diff --git a/bash-tty-tests.patch b/bash-tty-tests.patch index 984f1b4..83569b1 100644 --- a/bash-tty-tests.patch +++ b/bash-tty-tests.patch @@ -1,7 +1,8 @@ -diff -up bash-4.2-rc2/tests/exec.right.tty_tests bash-4.2-rc2/tests/exec.right ---- bash-4.2-rc2/tests/exec.right.tty_tests 2011-02-09 10:42:48.000000000 +0100 -+++ bash-4.2-rc2/tests/exec.right 2011-02-09 10:42:59.000000000 +0100 -@@ -50,7 +50,6 @@ this is ohio-state +diff --git a/tests/exec.right b/tests/exec.right +index 81224fa..ff77f09 100644 +--- a/tests/exec.right ++++ b/tests/exec.right +@@ -51,7 +51,6 @@ this is ohio-state 0 1 testb @@ -9,10 +10,11 @@ diff -up bash-4.2-rc2/tests/exec.right.tty_tests bash-4.2-rc2/tests/exec.right 1 1 1 -diff -up bash-4.2-rc2/tests/execscript.tty_tests bash-4.2-rc2/tests/execscript ---- bash-4.2-rc2/tests/execscript.tty_tests 2010-12-27 22:01:02.000000000 +0100 -+++ bash-4.2-rc2/tests/execscript 2011-02-09 10:42:34.000000000 +0100 -@@ -107,8 +107,6 @@ ${THIS_SH} ./exec6.sub +diff --git a/tests/execscript b/tests/execscript +index 3415ae3..75c48a4 100644 +--- a/tests/execscript ++++ b/tests/execscript +@@ -108,8 +108,6 @@ ${THIS_SH} ./exec6.sub # checks for properly deciding what constitutes an executable file ${THIS_SH} ./exec7.sub @@ -20,10 +22,11 @@ diff -up bash-4.2-rc2/tests/execscript.tty_tests bash-4.2-rc2/tests/execscript - ${THIS_SH} ./exec9.sub - true | `echo true` & -diff -up bash-4.2-rc2/tests/read.right.tty_tests bash-4.2-rc2/tests/read.right ---- bash-4.2-rc2/tests/read.right.tty_tests 2010-12-21 16:49:00.000000000 +0100 -+++ bash-4.2-rc2/tests/read.right 2011-02-09 10:42:34.000000000 +0100 + ${THIS_SH} ./exec10.sub +diff --git a/tests/read.right b/tests/read.right +index 73cb704..a92fe7f 100644 +--- a/tests/read.right ++++ b/tests/read.right @@ -33,14 +33,6 @@ a = abcdefg a = xyz a = -xyz 123- @@ -39,10 +42,11 @@ diff -up bash-4.2-rc2/tests/read.right.tty_tests bash-4.2-rc2/tests/read.right ./read3.sub: line 4: read: -1: invalid number abc ab -diff -up bash-4.2-rc2/tests/read.tests.tty_tests bash-4.2-rc2/tests/read.tests ---- bash-4.2-rc2/tests/read.tests.tty_tests 2008-09-06 19:09:11.000000000 +0200 -+++ bash-4.2-rc2/tests/read.tests 2011-02-09 10:42:34.000000000 +0100 -@@ -82,9 +82,6 @@ echo " foo" | { IFS=$':' ; read line; re +diff --git a/tests/read.tests b/tests/read.tests +index fe27dae..10346f7 100644 +--- a/tests/read.tests ++++ b/tests/read.tests +@@ -82,9 +82,6 @@ echo " foo" | { IFS=$':' ; read line; recho "$line"; } # test read -d delim behavior ${THIS_SH} ./read1.sub @@ -52,3 +56,6 @@ diff -up bash-4.2-rc2/tests/read.tests.tty_tests bash-4.2-rc2/tests/read.tests # test read -n nchars behavior ${THIS_SH} ./read3.sub +-- +2.9.3 + diff --git a/bash.spec b/bash.spec index cf7e3e8..c54d750 100644 --- a/bash.spec +++ b/bash.spec @@ -1,14 +1,14 @@ #% define beta_tag rc2 %global _hardened_build 1 -%define patchleveltag .43 -%define baseversion 4.3 +%define patchleveltag .0 +%define baseversion 4.4 %bcond_without tests %{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}} Version: %{baseversion}%{patchleveltag} Name: bash Summary: The GNU Bourne Again shell -Release: 4%{?dist} +Release: 1%{?dist} Group: System Environment/Shells License: GPLv3+ Url: http://www.gnu.org/software/bash @@ -22,58 +22,7 @@ Source2: dot-bash_profile Source3: dot-bash_logout # Official upstream patches -Patch001: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-001 -Patch002: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-002 -Patch003: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-003 -Patch004: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-004 -Patch005: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-005 -Patch006: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-006 -Patch007: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-007 -Patch008: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-008 -Patch009: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-009 -Patch010: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-010 -Patch011: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-011 -Patch012: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-012 -Patch013: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-013 -Patch014: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-014 -Patch015: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-015 -Patch016: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-016 -Patch017: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-017 -Patch018: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-018 -Patch019: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-019 -Patch020: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-020 -Patch021: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-021 -Patch022: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-022 -Patch023: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-023 -Patch024: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-024 -Patch025: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-025 -Patch026: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-026 -# 1146326 - cve-2014-7169 -# we want to keep these patches from Florian Weimer -# instead of the official ones, to match the ()/%% -# detail we already have applied across RHELs and not to -# create incompatibilities in the future -#patchlevel 27 -Patch027: bash-4.2-cve-2014-7169-1.patch -#patchlevel 28 -Patch028: bash-4.2-cve-2014-7169-2.patch - -Patch029: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-029 -Patch030: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-030 -Patch031: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-031 -Patch032: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-032 -Patch033: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-033 -Patch034: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-034 -Patch035: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-035 -Patch036: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-036 -Patch037: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-037 -Patch038: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-038 -Patch039: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-039 -Patch040: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-040 -Patch041: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-041 -Patch042: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-042 -Patch043: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-043 # Other patches Patch101: bash-2.02-security.patch @@ -83,73 +32,52 @@ Patch104: bash-2.05a-interpreter.patch Patch105: bash-2.05b-debuginfo.patch Patch106: bash-2.05b-manso.patch Patch107: bash-2.05b-pgrp_sync.patch -Patch108: bash-2.05b-readline-oom.patch -Patch109: bash-2.05b-xcc.patch -Patch110: bash-3.2-audit.patch -Patch111: bash-3.2-ssh_source_bash.patch -Patch112: bash-bashbug.patch -Patch113: bash-infotags.patch -Patch114: bash-requires.patch -Patch115: bash-setlocale.patch -Patch116: bash-tty-tests.patch +Patch108: bash-2.05b-xcc.patch +Patch109: bash-3.2-audit.patch +Patch110: bash-3.2-ssh_source_bash.patch +Patch111: bash-bashbug.patch +Patch112: bash-infotags.patch +Patch113: bash-requires.patch +Patch114: bash-setlocale.patch +Patch115: bash-tty-tests.patch # 484809, check if interp section is NOBITS -Patch117: bash-4.0-nobits.patch +Patch116: bash-4.0-nobits.patch # Do the same CFLAGS in generated Makefile in examples -Patch118: bash-4.1-examples.patch +Patch117: bash-4.1-examples.patch # Builtins like echo and printf won't report errors # when output does not succeed due to EPIPE -Patch119: bash-4.1-broken_pipe.patch +Patch118: bash-4.1-broken_pipe.patch # Enable system-wide .bash_logout for login shells -Patch120: bash-4.2-rc2-logout.patch +Patch119: bash-4.2-rc2-logout.patch # Static analyzis shows some issues in bash-2.05a-interpreter.patch -Patch121: bash-4.2-coverity.patch +Patch120: bash-4.2-coverity.patch # Don't call malloc in signal handler -Patch122: bash-4.1-defer-sigchld-trap.patch +Patch121: bash-4.1-defer-sigchld-trap.patch # 799958, updated info about trap -Patch123: bash-4.2-manpage_trap.patch +Patch122: bash-4.2-manpage_trap.patch # https://www.securecoding.cert.org/confluence/display/seccode/INT32-C.+Ensure+that+operations+on+signed+integers+do+not+result+in+overflow -Patch125: bash-4.2-size_type.patch - -# fix deadlock in trap, backported from devel branch -Patch127: bash-4.2-trap.patch +Patch123: bash-4.2-size_type.patch # 1112710 - mention ulimit -c and -f POSIX block size -Patch128: bash-4.3-man-ulimit.patch - -# A series of patches emitted by upstream since 4.3-18 -#Patch131: bash-4.3-parse-time-keyword.patch -Patch134: bash-4.3-pathexp-globignore-delim.patch +Patch124: bash-4.3-man-ulimit.patch # 1102815 - fix double echoes in vi visual mode -Patch135: bash-4.3-noecho.patch - -# 1182278 - bash crashes on `select' if REPLY is readonly -Patch137: bash-4.3-select-readonly.patch +Patch125: bash-4.3-noecho.patch #1241533,1224855 - bash leaks memory when LC_ALL set -Patch138: bash-4.3-memleak-lc_all.patch +Patch126: bash-4.3-memleak-lc_all.patch -#1245233 - old memleak reappeared, taken from upstream -Patch139: bash-4.3-old-memleak.patch - -#1336800 - Fixes a race condition while expanding tilda -Patch140: bash-tilda-race-condition.patch - -#1377614 - security fix for CVE-2016-0634 (arbitrary code execution via malicious hostname) -# NOTE: This fix is already included in bash-4.4. -Patch141: bash-4.3-cve-2016-0634.patch - -#1379634- security fix CVE-2016-7543 (Specially crafted SHELLOPTS+PS4 variables allows command substitution) -# NOTE: This fix is already included in bash-4.4. -Patch142: bash-4.4-cve-2016-7543.patch +# bash-4.4 builds loadable builtin examples by default +# this patch disables it +Patch127: bash-4.4-no-loadable-builtins.patch BuildRequires: texinfo bison BuildRequires: ncurses-devel @@ -177,49 +105,7 @@ This package contains documentation files for %{name}. %setup -q -n %{name}-%{baseversion} # Official upstream patches -%patch001 -p0 -b .001 -%patch002 -p0 -b .002 -%patch003 -p0 -b .003 -%patch004 -p0 -b .004 -%patch005 -p0 -b .005 -%patch006 -p0 -b .006 -%patch007 -p0 -b .007 -%patch008 -p0 -b .008 -%patch009 -p0 -b .009 -%patch010 -p0 -b .010 -%patch011 -p0 -b .011 -%patch012 -p0 -b .012 -%patch013 -p0 -b .013 -%patch014 -p0 -b .014 -%patch015 -p0 -b .015 -%patch016 -p0 -b .016 -%patch017 -p0 -b .017 -%patch018 -p0 -b .018 -%patch019 -p0 -b .019 -%patch020 -p0 -b .020 -%patch021 -p0 -b .021 -%patch022 -p0 -b .022 -%patch023 -p0 -b .023 -%patch024 -p0 -b .024 -%patch025 -p0 -b .025 -%patch026 -p0 -b .026 -%patch027 -p0 -b .7169-1 -%patch028 -p0 -b .7169-2 -%patch029 -p0 -b .029 -%patch030 -p0 -b .030 -%patch031 -p0 -b .031 -%patch032 -p0 -b .032 -%patch033 -p0 -b .033 -%patch034 -p0 -b .034 -%patch035 -p0 -b .035 -%patch036 -p0 -b .036 -%patch037 -p0 -b .037 -%patch038 -p0 -b .038 -%patch039 -p0 -b .039 -%patch040 -p0 -b .040 -%patch041 -p0 -b .041 -%patch042 -p0 -b .042 -%patch043 -p0 -b .043 + # Other patches %patch101 -p1 -b .security @@ -229,33 +115,26 @@ This package contains documentation files for %{name}. %patch105 -p1 -b .debuginfo %patch106 -p1 -b .manso %patch107 -p1 -b .pgrp_sync -%patch108 -p1 -b .readline_oom -%patch109 -p1 -b .xcc -%patch110 -p1 -b .audit -%patch111 -p1 -b .ssh_source_bash -%patch112 -p1 -b .bashbug -%patch113 -p1 -b .infotags -%patch114 -p1 -b .requires -%patch115 -p1 -b .setlocale -%patch116 -p1 -b .tty_tests -%patch117 -p1 -b .nobits -%patch118 -p1 -b .examples -%patch119 -p1 -b .broken_pipe -%patch120 -p1 -b .logout -%patch121 -p1 -b .coverity -%patch122 -p1 -b .defer_sigchld_trap -%patch123 -p1 -%patch125 -p1 -b .size_type -%patch128 -p1 -b .ulimit -#%patch131 -p0 -b .keyword -%patch134 -p0 -b .delim -%patch135 -p1 -b .noecho -%patch137 -p1 -b .readonly -%patch138 -p1 -b .lc_all -%patch139 -p1 -b .oldleak -%patch140 -p1 -b .tilda_expansion -%patch141 -p1 -b .cve-2016-0634 -%patch142 -p1 -b .cve-2016-7543 +%patch108 -p1 -b .xcc +%patch109 -p1 -b .audit +%patch110 -p1 -b .ssh_source_bash +%patch111 -p1 -b .bashbug +%patch112 -p1 -b .infotags +%patch113 -p1 -b .requires +%patch114 -p1 -b .setlocale +%patch115 -p1 -b .tty_tests +%patch116 -p1 -b .nobits +%patch117 -p1 -b .examples +%patch118 -p1 -b .broken_pipe +%patch119 -p1 -b .logout +%patch120 -p1 -b .coverity +%patch121 -p1 -b .defer_sigchld_trap +%patch122 -p1 +%patch123 -p1 -b .size_type +%patch124 -p1 -b .ulimit +%patch125 -p1 -b .noecho +%patch126 -p1 -b .lc_all +%patch127 -p1 -b .no-loadable-builtins echo %{version} > _distribution echo %{release} > _patchlevel @@ -457,6 +336,10 @@ end %doc doc/*.ps doc/*.0 doc/*.html doc/article.txt %changelog +* Fri Jan 06 2017 Siteshwar Vashisht - 4.4.0-1 +- Rebase to bash-4.4 + Resolves: #1376609 + * Fri Sep 30 2016 Siteshwar Vashisht - 4.3.43-4 - CVE-2016-7543: Fix for arbitrary code execution via SHELLOPTS+PS4 variables Resolves: #1379634 diff --git a/bash43-001 b/bash43-001 deleted file mode 100644 index ea1c6b2..0000000 --- a/bash43-001 +++ /dev/null @@ -1,58 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-001 - -Bug-Reported-by: NBaH -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-02/msg00092.html - -Bug-Description: - -A missing check for a valid option prevented `test -R' from working. There -is another problem that causes bash to look up the wrong variable name when -processing the argument to `test -R'. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3/test.c 2014-02-04 16:52:58.000000000 -0500 ---- test.c 2014-02-28 21:22:44.000000000 -0500 -*************** -*** 647,652 **** - - case 'R': -! v = find_variable (arg); -! return (v && invisible_p (v) == 0 && var_isset (v) && nameref_p (v) ? TRUE : FALSE); - } - ---- 647,652 ---- - - case 'R': -! v = find_variable_noref (arg); -! return ((v && invisible_p (v) == 0 && var_isset (v) && nameref_p (v)) ? TRUE : FALSE); - } - -*************** -*** 724,727 **** ---- 724,728 ---- - case 'u': case 'v': case 'w': case 'x': case 'z': - case 'G': case 'L': case 'O': case 'S': case 'N': -+ case 'R': - return (1); - } -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 0 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 1 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-002 b/bash43-002 deleted file mode 100644 index 735b7b8..0000000 --- a/bash43-002 +++ /dev/null @@ -1,62 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-002 - -Bug-Reported-by: Moe Tunes -Bug-Reference-ID: <53103F49.3070100@gmail.com> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-02/msg00086.html - -Bug-Description: - -A change to save state while running the DEBUG trap caused pipelines to hang -on systems which need process group synchronization while building pipelines. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3/trap.c 2014-02-05 10:03:21.000000000 -0500 ---- trap.c 2014-02-28 09:51:43.000000000 -0500 -*************** -*** 921,925 **** - - #if defined (JOB_CONTROL) -! save_pipeline (1); /* XXX only provides one save level */ - #endif - ---- 921,926 ---- - - #if defined (JOB_CONTROL) -! if (sig != DEBUG_TRAP) /* run_debug_trap does this */ -! save_pipeline (1); /* XXX only provides one save level */ - #endif - -*************** -*** 941,945 **** - - #if defined (JOB_CONTROL) -! restore_pipeline (1); - #endif - ---- 942,947 ---- - - #if defined (JOB_CONTROL) -! if (sig != DEBUG_TRAP) /* run_debug_trap does this */ -! restore_pipeline (1); - #endif - -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 1 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 2 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-003 b/bash43-003 deleted file mode 100644 index 0f32f41..0000000 --- a/bash43-003 +++ /dev/null @@ -1,48 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-003 - -Bug-Reported-by: Anatol Pomozov -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-readline/2014-03/msg00010.html - -Bug-Description: - -When in callback mode, some readline commands can cause readline to seg -fault by passing invalid contexts to callback functions. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3/lib/readline/readline.c 2013-10-28 14:58:06.000000000 -0400 ---- lib/readline/readline.c 2014-03-10 14:15:02.000000000 -0400 -*************** -*** 745,749 **** - - RL_CHECK_SIGNALS (); -! if (r == 0) /* success! */ - { - _rl_keyseq_chain_dispose (); ---- 745,750 ---- - - RL_CHECK_SIGNALS (); -! /* We only treat values < 0 specially to simulate recursion. */ -! if (r >= 0 || (r == -1 && (cxt->flags & KSEQ_SUBSEQ) == 0)) /* success! or failure! */ - { - _rl_keyseq_chain_dispose (); -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 2 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 3 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-004 b/bash43-004 deleted file mode 100644 index 010f04a..0000000 --- a/bash43-004 +++ /dev/null @@ -1,47 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-004 - -Bug-Reported-by: Daan van Rossum -Bug-Reference-ID: <20140307072523.GA14250@flash.uchicago.edu> -Bug-Reference-URL: - -Bug-Description: - -The `.' command in vi mode cannot undo multi-key commands beginning with -`c', `d', and `y' (command plus motion specifier). - -Patch (apply with `patch -p0'): - -*** ../bash-4.3/lib/readline/readline.c 2013-10-28 14:58:06.000000000 -0400 ---- lib/readline/readline.c 2014-03-07 15:20:33.000000000 -0500 -*************** -*** 965,969 **** - if (rl_editing_mode == vi_mode && _rl_keymap == vi_movement_keymap && - key != ANYOTHERKEY && -! rl_key_sequence_length == 1 && /* XXX */ - _rl_vi_textmod_command (key)) - _rl_vi_set_last (key, rl_numeric_arg, rl_arg_sign); ---- 965,969 ---- - if (rl_editing_mode == vi_mode && _rl_keymap == vi_movement_keymap && - key != ANYOTHERKEY && -! _rl_dispatching_keymap == vi_movement_keymap && - _rl_vi_textmod_command (key)) - _rl_vi_set_last (key, rl_numeric_arg, rl_arg_sign); -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 3 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 4 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-005 b/bash43-005 deleted file mode 100644 index bcd4069..0000000 --- a/bash43-005 +++ /dev/null @@ -1,63 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-005 - -Bug-Reported-by: David Sines -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-03/msg00037.html - -Bug-Description: - -When in Posix mode, bash did not correctly interpret the ANSI-C-style -$'...' quoting mechanism when performing pattern substitution word -expansions within double quotes. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3/parse.y 2014-02-11 09:42:10.000000000 -0500 ---- parse.y 2014-03-07 20:57:15.000000000 -0500 -*************** -*** 3399,3403 **** - unescaped double-quotes or single-quotes, if any, shall occur." */ - /* This was changed in Austin Group Interp 221 */ -! if MBTEST(posixly_correct && shell_compatibility_level > 41 && dolbrace_state != DOLBRACE_QUOTE && (flags & P_DQUOTE) && (flags & P_DOLBRACE) && ch == '\'') - continue; - ---- 3399,3403 ---- - unescaped double-quotes or single-quotes, if any, shall occur." */ - /* This was changed in Austin Group Interp 221 */ -! if MBTEST(posixly_correct && shell_compatibility_level > 41 && dolbrace_state != DOLBRACE_QUOTE && dolbrace_state != DOLBRACE_QUOTE2 && (flags & P_DQUOTE) && (flags & P_DOLBRACE) && ch == '\'') - continue; - -*** ../bash-4.3/y.tab.c 2014-02-11 10:57:47.000000000 -0500 ---- y.tab.c 2014-03-28 10:41:15.000000000 -0400 -*************** -*** 5711,5715 **** - unescaped double-quotes or single-quotes, if any, shall occur." */ - /* This was changed in Austin Group Interp 221 */ -! if MBTEST(posixly_correct && shell_compatibility_level > 41 && dolbrace_state != DOLBRACE_QUOTE && (flags & P_DQUOTE) && (flags & P_DOLBRACE) && ch == '\'') - continue; - ---- 5711,5715 ---- - unescaped double-quotes or single-quotes, if any, shall occur." */ - /* This was changed in Austin Group Interp 221 */ -! if MBTEST(posixly_correct && shell_compatibility_level > 41 && dolbrace_state != DOLBRACE_QUOTE && dolbrace_state != DOLBRACE_QUOTE2 && (flags & P_DQUOTE) && (flags & P_DOLBRACE) && ch == '\'') - continue; - -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 4 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 5 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-006 b/bash43-006 deleted file mode 100644 index 24ff057..0000000 --- a/bash43-006 +++ /dev/null @@ -1,48 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-006 - -Bug-Reported-by: Eduardo A . Bustamante Lopez -Bug-Reference-ID: <20140228170013.GA16015@dualbus.me> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-02/msg00091.html - -Bug-Description: - -A shell that started with job control active but was not interactive left -the terminal in the wrong process group when exiting, causing its parent -shell to get a stop signal when it attempted to read from the terminal. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3/jobs.c 2014-01-10 09:05:34.000000000 -0500 ---- jobs.c 2014-03-02 18:05:09.000000000 -0500 -*************** -*** 4375,4379 **** - end_job_control () - { -! if (interactive_shell) /* XXX - should it be interactive? */ - { - terminate_stopped_jobs (); ---- 4375,4379 ---- - end_job_control () - { -! if (interactive_shell || job_control) /* XXX - should it be just job_control? */ - { - terminate_stopped_jobs (); -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 5 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 6 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-007 b/bash43-007 deleted file mode 100644 index 0d62c9e..0000000 --- a/bash43-007 +++ /dev/null @@ -1,50 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-007 - -Bug-Reported-by: geir.hauge@gmail.com -Bug-Reference-ID: <20140318093650.B181C1C5B0B@gina.itea.ntnu.no> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-03/msg00095.html - -Bug-Description: - -Using compound assignments for associative arrays like - -assoc=( [x]= [y]=bar ) - -left the value corresponding to the key `x' NULL. This caused subsequent -lookups to interpret it as unset. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3/arrayfunc.c 2013-08-02 16:19:59.000000000 -0400 ---- arrayfunc.c 2014-03-18 11:08:15.000000000 -0400 -*************** -*** 598,601 **** ---- 598,606 ---- - { - val = expand_assignment_string_to_string (val, 0); -+ if (val == 0) -+ { -+ val = (char *)xmalloc (1); -+ val[0] = '\0'; /* like do_assignment_internal */ -+ } - free_val = 1; - } -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 6 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 7 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-008 b/bash43-008 deleted file mode 100644 index 0ae7c95..0000000 --- a/bash43-008 +++ /dev/null @@ -1,188 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-008 - -Bug-Reported-by: Stephane Chazelas -Bug-Reference-ID: <20140318135901.GB22158@chaz.gmail.com> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-03/msg00098.html - -Bug-Description: - -Some extended glob patterns incorrectly matched filenames with a leading -dot, regardless of the setting of the `dotglob' option. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3/lib/glob/gmisc.c 2013-10-28 14:45:25.000000000 -0400 ---- lib/glob/gmisc.c 2014-03-19 09:16:08.000000000 -0400 -*************** -*** 211,214 **** ---- 211,215 ---- - case '!': - case '@': -+ case '?': - return (pat[1] == LPAREN); - default: -*** ../bash-4.3/lib/glob/glob.c 2014-01-31 21:43:51.000000000 -0500 ---- lib/glob/glob.c 2014-03-20 09:01:26.000000000 -0400 -*************** -*** 180,202 **** - int flags; - { -! char *pp, *pe, *t; -! int n, r; - - pp = pat + 2; -! pe = pp + strlen (pp) - 1; /*(*/ -! if (*pe != ')') -! return 0; -! if ((t = strchr (pp, '|')) == 0) /* easy case first */ - { - *pe = '\0'; - r = skipname (pp, dname, flags); /*(*/ - *pe = ')'; - return r; - } - while (t = glob_patscan (pp, pe, '|')) - { - n = t[-1]; - t[-1] = '\0'; - r = skipname (pp, dname, flags); - t[-1] = n; - if (r == 0) /* if any pattern says not skip, we don't skip */ ---- 180,215 ---- - int flags; - { -! char *pp, *pe, *t, *se; -! int n, r, negate; - -+ negate = *pat == '!'; - pp = pat + 2; -! se = pp + strlen (pp) - 1; /* end of string */ -! pe = glob_patscan (pp, se, 0); /* end of extglob pattern (( */ -! /* we should check for invalid extglob pattern here */ -! /* if pe != se we have more of the pattern at the end of the extglob -! pattern. Check the easy case first ( */ -! if (pe == se && *pe == ')' && (t = strchr (pp, '|')) == 0) - { - *pe = '\0'; -+ #if defined (HANDLE_MULTIBYTE) -+ r = mbskipname (pp, dname, flags); -+ #else - r = skipname (pp, dname, flags); /*(*/ -+ #endif - *pe = ')'; - return r; - } -+ -+ /* check every subpattern */ - while (t = glob_patscan (pp, pe, '|')) - { - n = t[-1]; - t[-1] = '\0'; -+ #if defined (HANDLE_MULTIBYTE) -+ r = mbskipname (pp, dname, flags); -+ #else - r = skipname (pp, dname, flags); -+ #endif - t[-1] = n; - if (r == 0) /* if any pattern says not skip, we don't skip */ -*************** -*** 205,219 **** - } /*(*/ - -! if (pp == pe) /* glob_patscan might find end of pattern */ - return r; - -! *pe = '\0'; -! # if defined (HANDLE_MULTIBYTE) -! r = mbskipname (pp, dname, flags); /*(*/ -! # else -! r = skipname (pp, dname, flags); /*(*/ -! # endif -! *pe = ')'; -! return r; - } - #endif ---- 218,227 ---- - } /*(*/ - -! /* glob_patscan might find end of pattern */ -! if (pp == se) - return r; - -! /* but if it doesn't then we didn't match a leading dot */ -! return 0; - } - #endif -*************** -*** 278,289 **** - { - #if EXTENDED_GLOB -! wchar_t *pp, *pe, *t, n; -! int r; - - pp = pat + 2; -! pe = pp + wcslen (pp) - 1; /*(*/ -! if (*pe != L')') -! return 0; -! if ((t = wcschr (pp, L'|')) == 0) - { - *pe = L'\0'; ---- 286,298 ---- - { - #if EXTENDED_GLOB -! wchar_t *pp, *pe, *t, n, *se; -! int r, negate; - -+ negate = *pat == L'!'; - pp = pat + 2; -! se = pp + wcslen (pp) - 1; /*(*/ -! pe = glob_patscan_wc (pp, se, 0); -! -! if (pe == se && *pe == ')' && (t = wcschr (pp, L'|')) == 0) - { - *pe = L'\0'; -*************** -*** 292,295 **** ---- 301,306 ---- - return r; - } -+ -+ /* check every subpattern */ - while (t = glob_patscan_wc (pp, pe, '|')) - { -*************** -*** 306,313 **** - return r; - -! *pe = L'\0'; -! r = wchkname (pp, dname); /*(*/ -! *pe = L')'; -! return r; - #else - return (wchkname (pat, dname)); ---- 317,322 ---- - return r; - -! /* but if it doesn't then we didn't match a leading dot */ -! return 0; - #else - return (wchkname (pat, dname)); -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 7 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 8 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-009 b/bash43-009 deleted file mode 100644 index 015835c..0000000 --- a/bash43-009 +++ /dev/null @@ -1,64 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-009 - -Bug-Reported-by: Matthias Klose -Bug-Reference-ID: <53346FC8.6090005@debian.org> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-03/msg00171.html - -Bug-Description: - -There is a problem with unsigned sign extension when attempting to reallocate -the input line when it is fewer than 3 characters long and there has been a -history expansion. The sign extension causes the shell to not reallocate the -line, which results in a segmentation fault when it writes past the end. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/parse.y 2014-02-11 09:42:10.000000000 -0500 ---- parse.y 2014-03-27 16:33:29.000000000 -0400 -*************** -*** 2425,2429 **** - if (shell_input_line_terminator != EOF) - { -! if (shell_input_line_size < SIZE_MAX && shell_input_line_len > shell_input_line_size - 3) - shell_input_line = (char *)xrealloc (shell_input_line, - 1 + (shell_input_line_size += 2)); ---- 2425,2429 ---- - if (shell_input_line_terminator != EOF) - { -! if (shell_input_line_size < SIZE_MAX-3 && (shell_input_line_len+3 > shell_input_line_size)) - shell_input_line = (char *)xrealloc (shell_input_line, - 1 + (shell_input_line_size += 2)); -*** ../bash-4.3-patched/y.tab.c 2014-03-28 11:17:06.000000000 -0400 ---- y.tab.c 2014-04-07 11:48:31.000000000 -0400 -*************** -*** 4737,4741 **** - if (shell_input_line_terminator != EOF) - { -! if (shell_input_line_size < SIZE_MAX && shell_input_line_len > shell_input_line_size - 3) - shell_input_line = (char *)xrealloc (shell_input_line, - 1 + (shell_input_line_size += 2)); ---- 4737,4741 ---- - if (shell_input_line_terminator != EOF) - { -! if (shell_input_line_size < SIZE_MAX-3 && (shell_input_line_len+3 > shell_input_line_size)) - shell_input_line = (char *)xrealloc (shell_input_line, - 1 + (shell_input_line_size += 2)); -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 8 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 9 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-010 b/bash43-010 deleted file mode 100644 index 835a96e..0000000 --- a/bash43-010 +++ /dev/null @@ -1,157 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-010 - -Bug-Reported-by: Albert Shih -Bug-Reference-ID: Wed, 5 Mar 2014 23:01:40 +0100 -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-03/msg00028.html - -Bug-Description: - -Patch (apply with `patch -p0'): - -This patch changes the behavior of programmable completion to compensate -for two assumptions made by the bash-completion package. Bash-4.3 changed -to dequote the argument to programmable completion only under certain -circumstances, to make the behavior of compgen more consistent when run -from the command line -- closer to the behavior when run by a shell function -run as part of programmable completion. Bash-completion can pass quoted -arguments to compgen when the original word to be completed was not quoted, -expecting programmable completion to dequote the word before attempting -completion. - -This patch fixes two cases: - -1. An empty string that bash-completion passes to compgen as a quoted null - string (''). - -2. An unquoted word that bash-completion quotes using single quotes or - backslashes before passing it to compgen. - -In these cases, since readline did not detect a quote character in the original -word to be completed, bash-4.3 - -*** ../bash-4.3/externs.h 2014-01-02 14:58:20.000000000 -0500 ---- externs.h 2014-03-13 14:42:57.000000000 -0400 -*************** -*** 325,328 **** ---- 325,329 ---- - extern char *sh_backslash_quote_for_double_quotes __P((char *)); - extern int sh_contains_shell_metas __P((char *)); -+ extern int sh_contains_quotes __P((char *)); - - /* declarations for functions defined in lib/sh/spell.c */ -*** ../bash-4.3/lib/sh/shquote.c 2013-03-31 21:53:32.000000000 -0400 ---- lib/sh/shquote.c 2014-03-13 14:42:57.000000000 -0400 -*************** -*** 312,313 **** ---- 312,327 ---- - return (0); - } -+ -+ int -+ sh_contains_quotes (string) -+ char *string; -+ { -+ char *s; -+ -+ for (s = string; s && *s; s++) -+ { -+ if (*s == '\'' || *s == '"' || *s == '\\') -+ return 1; -+ } -+ return 0; -+ } -*** ../bash-4.3/pcomplete.c 2013-08-26 15:23:45.000000000 -0400 ---- pcomplete.c 2014-03-25 17:23:23.000000000 -0400 -*************** -*** 184,187 **** ---- 184,188 ---- - COMPSPEC *pcomp_curcs; - const char *pcomp_curcmd; -+ const char *pcomp_curtxt; - - #ifdef DEBUG -*************** -*** 754,757 **** ---- 755,784 ---- - dfn = (*rl_filename_dequoting_function) ((char *)text, rl_completion_quote_character); - } -+ /* Intended to solve a mismatched assumption by bash-completion. If -+ the text to be completed is empty, but bash-completion turns it into -+ a quoted string ('') assuming that this code will dequote it before -+ calling readline, do the dequoting. */ -+ else if (iscompgen && iscompleting && -+ pcomp_curtxt && *pcomp_curtxt == 0 && -+ text && (*text == '\'' || *text == '"') && text[1] == text[0] && text[2] == 0 && -+ rl_filename_dequoting_function) -+ dfn = (*rl_filename_dequoting_function) ((char *)text, rl_completion_quote_character); -+ /* Another mismatched assumption by bash-completion. If compgen is being -+ run as part of bash-completion, and the argument to compgen is not -+ the same as the word originally passed to the programmable completion -+ code, dequote the argument if it has quote characters. It's an -+ attempt to detect when bash-completion is quoting its filename -+ argument before calling compgen. */ -+ /* We could check whether gen_shell_function_matches is in the call -+ stack by checking whether the gen-shell-function-matches tag is in -+ the unwind-protect stack, but there's no function to do that yet. -+ We could simply check whether we're executing in a function by -+ checking variable_context, and may end up doing that. */ -+ else if (iscompgen && iscompleting && rl_filename_dequoting_function && -+ pcomp_curtxt && text && -+ STREQ (pcomp_curtxt, text) == 0 && -+ variable_context && -+ sh_contains_quotes (text)) /* guess */ -+ dfn = (*rl_filename_dequoting_function) ((char *)text, rl_completion_quote_character); - else - dfn = savestring (text); -*************** -*** 1523,1527 **** - { - COMPSPEC *cs, *oldcs; -! const char *oldcmd; - STRINGLIST *ret; - ---- 1550,1554 ---- - { - COMPSPEC *cs, *oldcs; -! const char *oldcmd, *oldtxt; - STRINGLIST *ret; - -*************** -*** 1546,1552 **** ---- 1573,1581 ---- - oldcs = pcomp_curcs; - oldcmd = pcomp_curcmd; -+ oldtxt = pcomp_curtxt; - - pcomp_curcs = cs; - pcomp_curcmd = cmd; -+ pcomp_curtxt = word; - - ret = gen_compspec_completions (cs, cmd, word, start, end, foundp); -*************** -*** 1554,1557 **** ---- 1583,1587 ---- - pcomp_curcs = oldcs; - pcomp_curcmd = oldcmd; -+ pcomp_curtxt = oldtxt; - - /* We need to conditionally handle setting *retryp here */ -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 9 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 10 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-011 b/bash43-011 deleted file mode 100644 index cdc1572..0000000 --- a/bash43-011 +++ /dev/null @@ -1,49 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-011 - -Bug-Reported-by: Egmont Koblinger -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-03/msg00153.html - -Bug-Description: - -The signal handling changes to bash and readline (to avoid running any code -in a signal handler context) cause the cursor to be placed on the wrong -line of a multi-line command after a ^C interrupts editing. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/lib/readline/display.c 2013-12-27 13:10:56.000000000 -0500 ---- lib/readline/display.c 2014-03-27 11:52:45.000000000 -0400 -*************** -*** 2678,2682 **** - if (_rl_echoing_p) - { -! _rl_move_vert (_rl_vis_botlin); - _rl_vis_botlin = 0; - fflush (rl_outstream); ---- 2678,2683 ---- - if (_rl_echoing_p) - { -! if (_rl_vis_botlin > 0) /* minor optimization plus bug fix */ -! _rl_move_vert (_rl_vis_botlin); - _rl_vis_botlin = 0; - fflush (rl_outstream); -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 10 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 11 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-012 b/bash43-012 deleted file mode 100644 index 176fa15..0000000 --- a/bash43-012 +++ /dev/null @@ -1,43 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-012 - -Bug-Reported-by: Eduardo A. Bustamante López -Bug-Reference-ID: <5346B54C.4070205@case.edu> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-04/msg00051.html - -Bug-Description: - -When a SIGCHLD trap runs a command containing a shell builtin while -a script is running `wait' to wait for all running children to complete, -the SIGCHLD trap will not be run once for each child that terminates. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/jobs.c 2014-03-28 10:54:19.000000000 -0400 ---- jobs.c 2014-04-15 08:47:03.000000000 -0400 -*************** -*** 3598,3601 **** ---- 3598,3602 ---- - unwind_protect_pointer (the_pipeline); - unwind_protect_pointer (subst_assign_varlist); -+ unwind_protect_pointer (this_shell_builtin); - - /* We have to add the commands this way because they will be run -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 11 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 12 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-013 b/bash43-013 deleted file mode 100644 index 8f4006b..0000000 --- a/bash43-013 +++ /dev/null @@ -1,66 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-013 - -Bug-Reported-by: -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-04/msg00069.html - -Bug-Description: - -Using reverse-i-search when horizontal scrolling is enabled does not redisplay -the entire line containing the successful search results. - -Patch (apply with `patch -p0'): -*** ../bash-4.3-patched/lib/readline/display.c 2014-04-08 18:19:36.000000000 -0400 ---- lib/readline/display.c 2014-04-20 18:32:52.000000000 -0400 -*************** -*** 1638,1642 **** - the spot of first difference is before the end of the invisible chars, - lendiff needs to be adjusted. */ -! if (current_line == 0 && !_rl_horizontal_scroll_mode && - current_invis_chars != visible_wrap_offset) - { ---- 1638,1642 ---- - the spot of first difference is before the end of the invisible chars, - lendiff needs to be adjusted. */ -! if (current_line == 0 && /* !_rl_horizontal_scroll_mode && */ - current_invis_chars != visible_wrap_offset) - { -*************** -*** 1826,1831 **** - _rl_last_c_pos += bytes_to_insert; - - if (_rl_horizontal_scroll_mode && ((oe-old) > (ne-new))) -! goto clear_rest_of_line; - } - } ---- 1826,1836 ---- - _rl_last_c_pos += bytes_to_insert; - -+ /* XXX - we only want to do this if we are at the end of the line -+ so we move there with _rl_move_cursor_relative */ - if (_rl_horizontal_scroll_mode && ((oe-old) > (ne-new))) -! { -! _rl_move_cursor_relative (ne-new, new); -! goto clear_rest_of_line; -! } - } - } -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 12 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 13 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-014 b/bash43-014 deleted file mode 100644 index f837196..0000000 --- a/bash43-014 +++ /dev/null @@ -1,102 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-014 - -Bug-Reported-by: Greg Wooledge -Bug-Reference-ID: <20140418202123.GB7660@eeg.ccf.org> -Bug-Reference-URL: http://lists.gnu.org/archive/html/help-bash/2014-04/msg00004.html - -Bug-Description: - -Under certain circumstances, $@ is expanded incorrectly in contexts where -word splitting is not performed. - -Patch (apply with `patch -p0'): -*** ../bash-4.3-patched/subst.c 2014-01-23 16:26:37.000000000 -0500 ---- subst.c 2014-04-19 15:41:26.000000000 -0400 -*************** -*** 3249,3254 **** ---- 3249,3256 ---- - return ((char *)NULL); - -+ expand_no_split_dollar_star = 1; - w->flags |= W_NOSPLIT2; - l = call_expand_word_internal (w, 0, 0, (int *)0, (int *)0); -+ expand_no_split_dollar_star = 0; - if (l) - { -*************** -*** 7848,7851 **** ---- 7850,7857 ---- - according to POSIX.2, this expands to a list of the positional - parameters no matter what IFS is set to. */ -+ /* XXX - what to do when in a context where word splitting is not -+ performed? Even when IFS is not the default, posix seems to imply -+ that we behave like unquoted $* ? Maybe we should use PF_NOSPLIT2 -+ here. */ - temp = string_list_dollar_at (list, (pflags & PF_ASSIGNRHS) ? (quoted|Q_DOUBLE_QUOTES) : quoted); - -*************** -*** 8817,8820 **** ---- 8823,8827 ---- - { - char *ifs_chars; -+ char *tstring; - - ifs_chars = (quoted_dollar_at || has_dollar_at) ? ifs_value : (char *)NULL; -*************** -*** 8831,8834 **** ---- 8838,8865 ---- - if (split_on_spaces) - list = list_string (istring, " ", 1); /* XXX quoted == 1? */ -+ /* If we have $@ (has_dollar_at != 0) and we are in a context where we -+ don't want to split the result (W_NOSPLIT2), and we are not quoted, -+ we have already separated the arguments with the first character of -+ $IFS. In this case, we want to return a list with a single word -+ with the separator possibly replaced with a space (it's what other -+ shells seem to do). -+ quoted_dollar_at is internal to this function and is set if we are -+ passed an argument that is unquoted (quoted == 0) but we encounter a -+ double-quoted $@ while expanding it. */ -+ else if (has_dollar_at && quoted_dollar_at == 0 && ifs_chars && quoted == 0 && (word->flags & W_NOSPLIT2)) -+ { -+ /* Only split and rejoin if we have to */ -+ if (*ifs_chars && *ifs_chars != ' ') -+ { -+ list = list_string (istring, *ifs_chars ? ifs_chars : " ", 1); -+ tstring = string_list (list); -+ } -+ else -+ tstring = istring; -+ tword = make_bare_word (tstring); -+ if (tstring != istring) -+ free (tstring); -+ goto set_word_flags; -+ } - else if (has_dollar_at && ifs_chars) - list = list_string (istring, *ifs_chars ? ifs_chars : " ", 1); -*************** -*** 8836,8839 **** ---- 8867,8871 ---- - { - tword = make_bare_word (istring); -+ set_word_flags: - if ((quoted & (Q_DOUBLE_QUOTES|Q_HERE_DOCUMENT)) || (quoted_state == WHOLLY_QUOTED)) - tword->flags |= W_QUOTED; -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 13 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 14 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-015 b/bash43-015 deleted file mode 100644 index 9c4e5ea..0000000 --- a/bash43-015 +++ /dev/null @@ -1,58 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-015 - -Bug-Reported-by: Clark Wang -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-04/msg00095.html - -Bug-Description: - -When completing directory names, the directory name is dequoted twice. -This causes problems for directories with single and double quotes in -their names. - -Patch (apply with `patch -p0'): -*** ../bash-4.3-patched/bashline.c 2014-02-09 19:56:58.000000000 -0500 ---- bashline.c 2014-04-25 14:57:52.000000000 -0400 -*************** -*** 4168,4174 **** - - qc = rl_dispatching ? rl_completion_quote_character : 0; -! dfn = bash_dequote_filename ((char *)text, qc); - m1 = rl_completion_matches (dfn, rl_filename_completion_function); -! free (dfn); - - if (m1 == 0 || m1[0] == 0) ---- 4209,4222 ---- - - qc = rl_dispatching ? rl_completion_quote_character : 0; -! /* If rl_completion_found_quote != 0, rl_completion_matches will call the -! filename dequoting function, causing the directory name to be dequoted -! twice. */ -! if (rl_dispatching && rl_completion_found_quote == 0) -! dfn = bash_dequote_filename ((char *)text, qc); -! else -! dfn = (char *)text; - m1 = rl_completion_matches (dfn, rl_filename_completion_function); -! if (dfn != text) -! free (dfn); - - if (m1 == 0 || m1[0] == 0) -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 14 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 15 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-016 b/bash43-016 deleted file mode 100644 index 882d593..0000000 --- a/bash43-016 +++ /dev/null @@ -1,132 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-016 - -Bug-Reported-by: Pierre Gaston -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-04/msg00100.html - -Bug-Description: - -An extended glob pattern containing a slash (`/') causes the globbing code -to misinterpret it as a directory separator. - -Patch (apply with `patch -p0'): -*** ../bash-4.3-patched/lib/glob/glob.c 2014-03-28 10:54:23.000000000 -0400 ---- lib/glob/glob.c 2014-05-02 10:24:28.000000000 -0400 -*************** -*** 124,127 **** ---- 124,129 ---- - extern wchar_t *glob_patscan_wc __P((wchar_t *, wchar_t *, int)); - -+ extern char *glob_dirscan __P((char *, int)); -+ - /* Compile `glob_loop.c' for single-byte characters. */ - #define CHAR unsigned char -*************** -*** 188,191 **** ---- 190,196 ---- - pe = glob_patscan (pp, se, 0); /* end of extglob pattern (( */ - /* we should check for invalid extglob pattern here */ -+ if (pe == 0) -+ return 0; -+ - /* if pe != se we have more of the pattern at the end of the extglob - pattern. Check the easy case first ( */ -*************** -*** 1016,1020 **** - char **result; - unsigned int result_size; -! char *directory_name, *filename, *dname; - unsigned int directory_len; - int free_dirname; /* flag */ ---- 1021,1025 ---- - char **result; - unsigned int result_size; -! char *directory_name, *filename, *dname, *fn; - unsigned int directory_len; - int free_dirname; /* flag */ -*************** -*** 1032,1035 **** ---- 1037,1052 ---- - /* Find the filename. */ - filename = strrchr (pathname, '/'); -+ #if defined (EXTENDED_GLOB) -+ if (filename && extended_glob) -+ { -+ fn = glob_dirscan (pathname, '/'); -+ #if DEBUG_MATCHING -+ if (fn != filename) -+ fprintf (stderr, "glob_filename: glob_dirscan: fn (%s) != filename (%s)\n", fn ? fn : "(null)", filename); -+ #endif -+ filename = fn; -+ } -+ #endif -+ - if (filename == NULL) - { -*** ../bash-4.3-patched/lib/glob/gmisc.c 2014-03-28 10:54:23.000000000 -0400 ---- lib/glob/gmisc.c 2014-05-02 09:35:57.000000000 -0400 -*************** -*** 43,46 **** ---- 43,48 ---- - #define WRPAREN L')' - -+ extern char *glob_patscan __P((char *, char *, int)); -+ - /* Return 1 of the first character of WSTRING could match the first - character of pattern WPAT. Wide character version. */ -*************** -*** 376,377 **** ---- 378,410 ---- - return matlen; - } -+ -+ /* Skip characters in PAT and return the final occurrence of DIRSEP. This -+ is only called when extended_glob is set, so we have to skip over extglob -+ patterns x(...) */ -+ char * -+ glob_dirscan (pat, dirsep) -+ char *pat; -+ int dirsep; -+ { -+ char *p, *d, *pe, *se; -+ -+ d = pe = se = 0; -+ for (p = pat; p && *p; p++) -+ { -+ if (extglob_pattern_p (p)) -+ { -+ if (se == 0) -+ se = p + strlen (p) - 1; -+ pe = glob_patscan (p + 2, se, 0); -+ if (pe == 0) -+ continue; -+ else if (*pe == 0) -+ break; -+ p = pe - 1; /* will do increment above */ -+ continue; -+ } -+ if (*p == dirsep) -+ d = p; -+ } -+ return d; -+ } - -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 15 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 16 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-017 b/bash43-017 deleted file mode 100644 index 4016fb9..0000000 --- a/bash43-017 +++ /dev/null @@ -1,51 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-017 - -Bug-Reported-by: Dan Douglas -Bug-Reference-ID: <7781746.RhfoTROLxF@smorgbox> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-05/msg00026.html - -Bug-Description: - -The code that creates local variables should not clear the `invisible' -attribute when returning an existing local variable. Let the code that -actually assigns a value clear it. - -Patch (apply with `patch -p0'): -*** ../bash-4.3-patched/variables.c 2014-02-14 11:55:12.000000000 -0500 ---- variables.c 2014-05-07 10:53:57.000000000 -0400 -*************** -*** 2198,2205 **** - old_var = find_variable (name); - if (old_var && local_p (old_var) && old_var->context == variable_context) -! { -! VUNSETATTR (old_var, att_invisible); /* XXX */ -! return (old_var); -! } - - was_tmpvar = old_var && tempvar_p (old_var); ---- 2260,2264 ---- - old_var = find_variable (name); - if (old_var && local_p (old_var) && old_var->context == variable_context) -! return (old_var); - - was_tmpvar = old_var && tempvar_p (old_var); - -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 16 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 17 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-018 b/bash43-018 deleted file mode 100644 index 39499f6..0000000 --- a/bash43-018 +++ /dev/null @@ -1,44 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-018 - -Bug-Reported-by: Geir Hauge -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-05/msg00040.html - -Bug-Description: - -When assigning an array variable using the compound assignment syntax, -but using `declare' with the rhs of the compound assignment quoted, the -shell did not mark the variable as visible after successfully performing -the assignment. - -Patch (apply with `patch -p0'): -*** ../bash-4.3-patched/arrayfunc.c 2014-03-28 10:54:21.000000000 -0400 ---- arrayfunc.c 2014-05-12 11:19:00.000000000 -0400 -*************** -*** 180,183 **** ---- 180,184 ---- - FREE (newval); - -+ VUNSETATTR (entry, att_invisible); /* no longer invisible */ - return (entry); - } - -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 17 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 18 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-019 b/bash43-019 deleted file mode 100644 index a93714b..0000000 --- a/bash43-019 +++ /dev/null @@ -1,84 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-019 - -Bug-Reported-by: John Lenton -Bug-Reference-ID: -Bug-Reference-URL: https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1317476 - -Bug-Description: - -The -t timeout option to `read' does not work when the -e option is used. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/lib/readline/input.c 2014-01-10 15:07:08.000000000 -0500 ---- lib/readline/input.c 2014-05-22 18:40:59.000000000 -0400 -*************** -*** 535,540 **** ---- 538,551 ---- - else if (_rl_caught_signal == SIGHUP || _rl_caught_signal == SIGTERM) - return (RL_ISSTATE (RL_STATE_READCMD) ? READERR : EOF); -+ /* keyboard-generated signals of interest */ - else if (_rl_caught_signal == SIGINT || _rl_caught_signal == SIGQUIT) - RL_CHECK_SIGNALS (); -+ /* non-keyboard-generated signals of interest */ -+ else if (_rl_caught_signal == SIGALRM -+ #if defined (SIGVTALRM) -+ || _rl_caught_signal == SIGVTALRM -+ #endif -+ ) -+ RL_CHECK_SIGNALS (); - - if (rl_signal_event_hook) -*** ../bash-4.3-patched/builtins/read.def 2013-09-02 11:54:00.000000000 -0400 ---- builtins/read.def 2014-05-08 11:43:35.000000000 -0400 -*************** -*** 443,447 **** - #if defined (READLINE) - if (edit) -! add_unwind_protect (reset_attempted_completion_function, (char *)NULL); - #endif - falarm (tmsec, tmusec); ---- 443,450 ---- - #if defined (READLINE) - if (edit) -! { -! add_unwind_protect (reset_attempted_completion_function, (char *)NULL); -! add_unwind_protect (bashline_reset_event_hook, (char *)NULL); -! } - #endif - falarm (tmsec, tmusec); -*************** -*** 1022,1025 **** ---- 1025,1029 ---- - old_attempted_completion_function = rl_attempted_completion_function; - rl_attempted_completion_function = (rl_completion_func_t *)NULL; -+ bashline_set_event_hook (); - if (itext) - { -*************** -*** 1033,1036 **** ---- 1037,1041 ---- - rl_attempted_completion_function = old_attempted_completion_function; - old_attempted_completion_function = (rl_completion_func_t *)NULL; -+ bashline_reset_event_hook (); - - if (ret == 0) -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 18 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 19 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-020 b/bash43-020 deleted file mode 100644 index 5f533ef..0000000 --- a/bash43-020 +++ /dev/null @@ -1,110 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-020 - -Bug-Reported-by: Jared Yanovich -Bug-Reference-ID: <20140417073654.GB26875@nightderanger.psc.edu> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-04/msg00065.html - -Bug-Description: - -When PS2 contains a command substitution, here-documents entered in an -interactive shell can sometimes cause a segmentation fault. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/shell.h 2012-12-25 21:11:01.000000000 -0500 ---- shell.h 2014-06-03 09:24:28.000000000 -0400 -*************** -*** 169,173 **** - int expand_aliases; - int echo_input_at_read; -! - } sh_parser_state_t; - ---- 169,174 ---- - int expand_aliases; - int echo_input_at_read; -! int need_here_doc; -! - } sh_parser_state_t; - -*** ../bash-4.3-patched/parse.y 2014-05-14 09:16:40.000000000 -0400 ---- parse.y 2014-04-30 09:27:59.000000000 -0400 -*************** -*** 2643,2647 **** - - r = 0; -! while (need_here_doc) - { - parser_state |= PST_HEREDOC; ---- 2643,2647 ---- - - r = 0; -! while (need_here_doc > 0) - { - parser_state |= PST_HEREDOC; -*************** -*** 6076,6079 **** ---- 6076,6080 ---- - ps->expand_aliases = expand_aliases; - ps->echo_input_at_read = echo_input_at_read; -+ ps->need_here_doc = need_here_doc; - - ps->token = token; -*************** -*** 6124,6127 **** ---- 6125,6129 ---- - expand_aliases = ps->expand_aliases; - echo_input_at_read = ps->echo_input_at_read; -+ need_here_doc = ps->need_here_doc; - - FREE (token); -*** ../bash-4.3-patched/y.tab.c 2014-04-07 11:56:12.000000000 -0400 ---- y.tab.c 2014-07-30 09:55:57.000000000 -0400 -*************** -*** 4955,4959 **** - - r = 0; -! while (need_here_doc) - { - parser_state |= PST_HEREDOC; ---- 5151,5155 ---- - - r = 0; -! while (need_here_doc > 0) - { - parser_state |= PST_HEREDOC; -*************** -*** 8388,8391 **** ---- 8584,8588 ---- - ps->expand_aliases = expand_aliases; - ps->echo_input_at_read = echo_input_at_read; -+ ps->need_here_doc = need_here_doc; - - ps->token = token; -*************** -*** 8436,8439 **** ---- 8633,8637 ---- - expand_aliases = ps->expand_aliases; - echo_input_at_read = ps->echo_input_at_read; -+ need_here_doc = ps->need_here_doc; - - FREE (token); -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 19 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 20 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-021 b/bash43-021 deleted file mode 100644 index fd1c945..0000000 --- a/bash43-021 +++ /dev/null @@ -1,52 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-021 - -Bug-Reported-by: Jared Yanovich -Bug-Reference-ID: <20140625225019.GJ17044@nightderanger.psc.edu> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-06/msg00070.html - -Bug-Description: - -When the readline `revert-all-at-newline' option is set, pressing newline -when the current line is one retrieved from history results in a double free -and a segmentation fault. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/lib/readline/misc.c 2012-09-01 18:03:11.000000000 -0400 ---- lib/readline/misc.c 2014-06-30 13:41:19.000000000 -0400 -*************** -*** 462,465 **** ---- 462,466 ---- - /* Set up rl_line_buffer and other variables from history entry */ - rl_replace_from_history (entry, 0); /* entry->line is now current */ -+ entry->data = 0; /* entry->data is now current undo list */ - /* Undo all changes to this history entry */ - while (rl_undo_list) -*************** -*** 469,473 **** - FREE (entry->line); - entry->line = savestring (rl_line_buffer); -- entry->data = 0; - } - entry = previous_history (); ---- 470,473 ---- - -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 20 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 21 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-022 b/bash43-022 deleted file mode 100644 index 7ce39ec..0000000 --- a/bash43-022 +++ /dev/null @@ -1,56 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-022 - -Bug-Reported-by: scorp.dev.null@gmail.com -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-06/msg00061.html - -Bug-Description: - -Using nested pipelines within loops with the `lastpipe' option set can result -in a segmentation fault. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/execute_cmd.c 2014-01-31 10:54:52.000000000 -0500 ---- execute_cmd.c 2014-06-19 08:05:49.000000000 -0400 -*************** -*** 2410,2414 **** - lstdin = wait_for (lastpid); - #if defined (JOB_CONTROL) -! exec_result = job_exit_status (lastpipe_jid); - #endif - unfreeze_jobs_list (); ---- 2425,2438 ---- - lstdin = wait_for (lastpid); - #if defined (JOB_CONTROL) -! /* If wait_for removes the job from the jobs table, use result of last -! command as pipeline's exit status as usual. The jobs list can get -! frozen and unfrozen at inconvenient times if there are multiple pipelines -! running simultaneously. */ -! if (INVALID_JOB (lastpipe_jid) == 0) -! exec_result = job_exit_status (lastpipe_jid); -! else if (pipefail_opt) -! exec_result = exec_result | lstdin; /* XXX */ -! /* otherwise we use exec_result */ -! - #endif - unfreeze_jobs_list (); -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 21 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 22 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-023 b/bash43-023 deleted file mode 100644 index d1e4e9d..0000000 --- a/bash43-023 +++ /dev/null @@ -1,104 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-023 - -Bug-Reported-by: Tim Friske -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-06/msg00056.html - -Bug-Description: - -Bash does not correctly parse process substitution constructs that contain -unbalanced parentheses as part of the contained command. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/subst.h 2014-01-11 21:02:27.000000000 -0500 ---- subst.h 2014-07-20 17:25:01.000000000 -0400 -*************** -*** 83,87 **** - Start extracting at (SINDEX) as if we had just seen "<(". - Make (SINDEX) get the position just after the matching ")". */ -! extern char *extract_process_subst __P((char *, char *, int *)); - #endif /* PROCESS_SUBSTITUTION */ - ---- 83,87 ---- - Start extracting at (SINDEX) as if we had just seen "<(". - Make (SINDEX) get the position just after the matching ")". */ -! extern char *extract_process_subst __P((char *, char *, int *, int)); - #endif /* PROCESS_SUBSTITUTION */ - -*** ../bash-4.3-patched/subst.c 2014-05-15 08:26:45.000000000 -0400 ---- subst.c 2014-07-20 17:26:44.000000000 -0400 -*************** -*** 1193,1202 **** - Make (SINDEX) get the position of the matching ")". */ /*))*/ - char * -! extract_process_subst (string, starter, sindex) - char *string; - char *starter; - int *sindex; - { - return (extract_delimited_string (string, sindex, starter, "(", ")", SX_COMMAND)); - } - #endif /* PROCESS_SUBSTITUTION */ ---- 1193,1208 ---- - Make (SINDEX) get the position of the matching ")". */ /*))*/ - char * -! extract_process_subst (string, starter, sindex, xflags) - char *string; - char *starter; - int *sindex; -+ int xflags; - { -+ #if 0 - return (extract_delimited_string (string, sindex, starter, "(", ")", SX_COMMAND)); -+ #else -+ xflags |= (no_longjmp_on_fatal_error ? SX_NOLONGJMP : 0); -+ return (xparse_dolparen (string, string+*sindex, sindex, xflags)); -+ #endif - } - #endif /* PROCESS_SUBSTITUTION */ -*************** -*** 1786,1790 **** - if (string[si] == '\0') - CQ_RETURN(si); -! temp = extract_process_subst (string, (c == '<') ? "<(" : ">(", &si); - free (temp); /* no SX_ALLOC here */ - i = si; ---- 1792,1796 ---- - if (string[si] == '\0') - CQ_RETURN(si); -! temp = extract_process_subst (string, (c == '<') ? "<(" : ">(", &si, 0); - free (temp); /* no SX_ALLOC here */ - i = si; -*************** -*** 8250,8254 **** - t_index = sindex + 1; /* skip past both '<' and LPAREN */ - -! temp1 = extract_process_subst (string, (c == '<') ? "<(" : ">(", &t_index); /*))*/ - sindex = t_index; - ---- 8256,8260 ---- - t_index = sindex + 1; /* skip past both '<' and LPAREN */ - -! temp1 = extract_process_subst (string, (c == '<') ? "<(" : ">(", &t_index, 0); /*))*/ - sindex = t_index; - -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 22 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 23 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-024 b/bash43-024 deleted file mode 100644 index a24b8fb..0000000 --- a/bash43-024 +++ /dev/null @@ -1,54 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-024 - -Bug-Reported-by: Corentin Peuvrel -Bug-Reference-ID: <53CE9E5D.6050203@pom-monitoring.com> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-07/msg00021.html - -Bug-Description: - -Indirect variable references do not work correctly if the reference -variable expands to an array reference using a subscript other than 0 -(e.g., foo='bar[1]' ; echo ${!foo}). - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/subst.c 2014-06-03 09:32:44.000000000 -0400 ---- subst.c 2014-07-23 09:58:19.000000000 -0400 -*************** -*** 7375,7379 **** - - if (want_indir) -! tdesc = parameter_brace_expand_indir (name + 1, var_is_special, quoted, quoted_dollar_atp, contains_dollar_at); - else - tdesc = parameter_brace_expand_word (name, var_is_special, quoted, PF_IGNUNBOUND|(pflags&(PF_NOSPLIT2|PF_ASSIGNRHS)), &ind); ---- 7445,7455 ---- - - if (want_indir) -! { -! tdesc = parameter_brace_expand_indir (name + 1, var_is_special, quoted, quoted_dollar_atp, contains_dollar_at); -! /* Turn off the W_ARRAYIND flag because there is no way for this function -! to return the index we're supposed to be using. */ -! if (tdesc && tdesc->flags) -! tdesc->flags &= ~W_ARRAYIND; -! } - else - tdesc = parameter_brace_expand_word (name, var_is_special, quoted, PF_IGNUNBOUND|(pflags&(PF_NOSPLIT2|PF_ASSIGNRHS)), &ind); -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 23 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 24 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-025 b/bash43-025 deleted file mode 100644 index 721aca0..0000000 --- a/bash43-025 +++ /dev/null @@ -1,123 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-025 - -Bug-Reported-by: Stephane Chazelas -Bug-Reference-ID: -Bug-Reference-URL: - -Bug-Description: - -Under certain circumstances, bash will execute user code while processing the -environment for exported function definitions. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/builtins/common.h 2013-07-08 16:54:47.000000000 -0400 ---- builtins/common.h 2014-09-12 14:25:47.000000000 -0400 -*************** -*** 34,37 **** ---- 49,54 ---- - #define SEVAL_PARSEONLY 0x020 - #define SEVAL_NOLONGJMP 0x040 -+ #define SEVAL_FUNCDEF 0x080 /* only allow function definitions */ -+ #define SEVAL_ONECMD 0x100 /* only allow a single command */ - - /* Flags for describe_command, shared between type.def and command.def */ -*** ../bash-4.3-patched/builtins/evalstring.c 2014-02-11 09:42:10.000000000 -0500 ---- builtins/evalstring.c 2014-09-14 14:15:13.000000000 -0400 -*************** -*** 309,312 **** ---- 313,324 ---- - struct fd_bitmap *bitmap; - -+ if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def) -+ { -+ internal_warning ("%s: ignoring function definition attempt", from_file); -+ should_jump_to_top_level = 0; -+ last_result = last_command_exit_value = EX_BADUSAGE; -+ break; -+ } -+ - bitmap = new_fd_bitmap (FD_BITMAP_SIZE); - begin_unwind_frame ("pe_dispose"); -*************** -*** 369,372 **** ---- 381,387 ---- - dispose_fd_bitmap (bitmap); - discard_unwind_frame ("pe_dispose"); -+ -+ if (flags & SEVAL_ONECMD) -+ break; - } - } -*** ../bash-4.3-patched/variables.c 2014-05-15 08:26:50.000000000 -0400 ---- variables.c 2014-09-14 14:23:35.000000000 -0400 -*************** -*** 359,369 **** - strcpy (temp_string + char_index + 1, string); - -! if (posixly_correct == 0 || legal_identifier (name)) -! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST); -! -! /* Ancient backwards compatibility. Old versions of bash exported -! functions like name()=() {...} */ -! if (name[char_index - 1] == ')' && name[char_index - 2] == '(') -! name[char_index - 2] = '\0'; - - if (temp_var = find_function (name)) ---- 364,372 ---- - strcpy (temp_string + char_index + 1, string); - -! /* Don't import function names that are invalid identifiers from the -! environment, though we still allow them to be defined as shell -! variables. */ -! if (legal_identifier (name)) -! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); - - if (temp_var = find_function (name)) -*************** -*** 382,389 **** - report_error (_("error importing function definition for `%s'"), name); - } -- -- /* ( */ -- if (name[char_index - 1] == ')' && name[char_index - 2] == '\0') -- name[char_index - 2] = '('; /* ) */ - } - #if defined (ARRAY_VARS) ---- 385,388 ---- -*** ../bash-4.3-patched/subst.c 2014-08-11 11:16:35.000000000 -0400 ---- subst.c 2014-09-12 15:31:04.000000000 -0400 -*************** -*** 8048,8052 **** - goto return0; - } -! else if (var = find_variable_last_nameref (temp1)) - { - temp = nameref_cell (var); ---- 8118,8124 ---- - goto return0; - } -! else if (var && (invisible_p (var) || var_isset (var) == 0)) -! temp = (char *)NULL; -! else if ((var = find_variable_last_nameref (temp1)) && var_isset (var) && invisible_p (var) == 0) - { - temp = nameref_cell (var); -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 24 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 25 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-026 b/bash43-026 deleted file mode 100644 index d5d5b1d..0000000 --- a/bash43-026 +++ /dev/null @@ -1,60 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-026 - -Bug-Reported-by: Tavis Ormandy -Bug-Reference-ID: -Bug-Reference-URL: http://twitter.com/taviso/statuses/514887394294652929 - -Bug-Description: - -Under certain circumstances, bash can incorrectly save a lookahead character and -return it on a subsequent call, even when reading a new line. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3.25/parse.y 2014-07-30 10:14:31.000000000 -0400 ---- parse.y 2014-09-25 20:20:21.000000000 -0400 -*************** -*** 2954,2957 **** ---- 2954,2959 ---- - word_desc_to_read = (WORD_DESC *)NULL; - -+ eol_ungetc_lookahead = 0; -+ - current_token = '\n'; /* XXX */ - last_read_token = '\n'; -*** ../bash-4.3.25/y.tab.c 2014-07-30 10:14:32.000000000 -0400 ---- y.tab.c 2014-09-25 20:21:48.000000000 -0400 -*************** -*** 5266,5269 **** ---- 5266,5271 ---- - word_desc_to_read = (WORD_DESC *)NULL; - -+ eol_ungetc_lookahead = 0; -+ - current_token = '\n'; /* XXX */ - last_read_token = '\n'; -*************** -*** 8540,8542 **** - } - #endif /* HANDLE_MULTIBYTE */ -- ---- 8542,8543 ---- -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 25 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 26 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-029 b/bash43-029 deleted file mode 100644 index f8a9e77..0000000 --- a/bash43-029 +++ /dev/null @@ -1,59 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-029 - -Bug-Reported-by: Michal Zalewski -Bug-Reference-ID: -Bug-Reference-URL: - -Bug-Description: - -When bash is parsing a function definition that contains a here-document -delimited by end-of-file (or end-of-string), it leaves the closing delimiter -uninitialized. This can result in an invalid memory access when the parsed -function is later copied. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3.28/make_cmd.c 2011-12-16 08:08:01.000000000 -0500 ---- make_cmd.c 2014-10-02 11:24:23.000000000 -0400 -*************** -*** 693,696 **** ---- 693,697 ---- - temp->redirector = source; - temp->redirectee = dest_and_filename; -+ temp->here_doc_eof = 0; - temp->instruction = instruction; - temp->flags = 0; -*** ../bash-4.3.28/copy_cmd.c 2009-09-11 16:28:02.000000000 -0400 ---- copy_cmd.c 2014-10-02 11:24:23.000000000 -0400 -*************** -*** 127,131 **** - case r_reading_until: - case r_deblank_reading_until: -! new_redirect->here_doc_eof = savestring (redirect->here_doc_eof); - /*FALLTHROUGH*/ - case r_reading_string: ---- 127,131 ---- - case r_reading_until: - case r_deblank_reading_until: -! new_redirect->here_doc_eof = redirect->here_doc_eof ? savestring (redirect->here_doc_eof) : 0; - /*FALLTHROUGH*/ - case r_reading_string: -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 26 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 29 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-030 b/bash43-030 deleted file mode 100644 index 9e115a3..0000000 --- a/bash43-030 +++ /dev/null @@ -1,132 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-030 - -Bug-Reported-by: Michal Zalewski -Bug-Reference-ID: -Bug-Reference-URL: - -Bug-Description: - -A combination of nested command substitutions and function importing from -the environment can cause bash to execute code appearing in the environment -variable value following the function definition. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3.29/builtins/evalstring.c 2014-10-01 12:57:47.000000000 -0400 ---- builtins/evalstring.c 2014-10-03 11:57:04.000000000 -0400 -*************** -*** 309,318 **** - struct fd_bitmap *bitmap; - -! if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def) - { -! internal_warning ("%s: ignoring function definition attempt", from_file); -! should_jump_to_top_level = 0; -! last_result = last_command_exit_value = EX_BADUSAGE; -! break; - } - ---- 313,335 ---- - struct fd_bitmap *bitmap; - -! if (flags & SEVAL_FUNCDEF) - { -! char *x; -! -! /* If the command parses to something other than a straight -! function definition, or if we have not consumed the entire -! string, or if the parser has transformed the function -! name (as parsing will if it begins or ends with shell -! whitespace, for example), reject the attempt */ -! if (command->type != cm_function_def || -! ((x = parser_remaining_input ()) && *x) || -! (STREQ (from_file, command->value.Function_def->name->word) == 0)) -! { -! internal_warning (_("%s: ignoring function definition attempt"), from_file); -! should_jump_to_top_level = 0; -! last_result = last_command_exit_value = EX_BADUSAGE; -! reset_parser (); -! break; -! } - } - -*************** -*** 379,383 **** - - if (flags & SEVAL_ONECMD) -! break; - } - } ---- 396,403 ---- - - if (flags & SEVAL_ONECMD) -! { -! reset_parser (); -! break; -! } - } - } -*** ../bash-4.3.29/parse.y 2014-10-01 12:58:43.000000000 -0400 ---- parse.y 2014-10-03 14:48:59.000000000 -0400 -*************** -*** 2539,2542 **** ---- 2539,2552 ---- - } - -+ char * -+ parser_remaining_input () -+ { -+ if (shell_input_line == 0) -+ return 0; -+ if (shell_input_line_index < 0 || shell_input_line_index >= shell_input_line_len) -+ return '\0'; /* XXX */ -+ return (shell_input_line + shell_input_line_index); -+ } -+ - #ifdef INCLUDE_UNUSED - /* Back the input pointer up by one, effectively `ungetting' a character. */ -*************** -*** 4028,4033 **** - /* reset_parser clears shell_input_line and associated variables */ - restore_input_line_state (&ls); -! if (interactive) -! token_to_read = 0; - - /* Need to find how many characters parse_and_execute consumed, update ---- 4053,4058 ---- - /* reset_parser clears shell_input_line and associated variables */ - restore_input_line_state (&ls); -! -! token_to_read = 0; - - /* Need to find how many characters parse_and_execute consumed, update -*** ../bash-4.3.29/shell.h 2014-10-01 12:57:39.000000000 -0400 ---- shell.h 2014-10-03 14:49:12.000000000 -0400 -*************** -*** 181,184 **** ---- 181,186 ---- - - /* Let's try declaring these here. */ -+ extern char *parser_remaining_input __P((void)); -+ - extern sh_parser_state_t *save_parser_state __P((sh_parser_state_t *)); - extern void restore_parser_state __P((sh_parser_state_t *)); -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 29 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 30 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-031 b/bash43-031 deleted file mode 100644 index a651956..0000000 --- a/bash43-031 +++ /dev/null @@ -1,112 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-031 - -Bug-Reported-by: lolilolicon -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-08/msg00139.html - -Bug-Description: - -The new nameref assignment functionality introduced in bash-4.3 did not perform -enough validation on the variable value and would create variables with -invalid names. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/subst.h 2014-01-11 21:02:27.000000000 -0500 ---- subst.h 2014-09-01 12:16:56.000000000 -0400 -*************** -*** 48,51 **** ---- 48,52 ---- - #define ASS_MKGLOBAL 0x0008 /* force global assignment */ - #define ASS_NAMEREF 0x0010 /* assigning to nameref variable */ -+ #define ASS_FROMREF 0x0020 /* assigning from value of nameref variable */ - - /* Flags for the string extraction functions. */ -*** ../bash-4.3-patched/variables.c 2014-05-15 08:26:50.000000000 -0400 ---- variables.c 2014-09-01 14:37:44.000000000 -0400 -*************** -*** 2504,2511 **** - int hflags, aflags; - { -! char *newval; - SHELL_VAR *entry; - - entry = (hflags & HASH_NOSRCH) ? (SHELL_VAR *)NULL : hash_lookup (name, table); - /* Follow the nameref chain here if this is the global variables table */ - if (entry && nameref_p (entry) && (invisible_p (entry) == 0) && table == global_variables->table) ---- 2566,2590 ---- - int hflags, aflags; - { -! char *newname, *newval; - SHELL_VAR *entry; -+ #if defined (ARRAY_VARS) -+ arrayind_t ind; -+ char *subp; -+ int sublen; -+ #endif - -+ newname = 0; -+ #if defined (ARRAY_VARS) -+ if ((aflags & ASS_FROMREF) && (hflags & HASH_NOSRCH) == 0 && valid_array_reference (name)) -+ { -+ newname = array_variable_name (name, &subp, &sublen); -+ if (newname == 0) -+ return (SHELL_VAR *)NULL; /* XXX */ -+ entry = hash_lookup (newname, table); -+ } -+ else -+ #endif - entry = (hflags & HASH_NOSRCH) ? (SHELL_VAR *)NULL : hash_lookup (name, table); -+ - /* Follow the nameref chain here if this is the global variables table */ - if (entry && nameref_p (entry) && (invisible_p (entry) == 0) && table == global_variables->table) -*************** -*** 2538,2541 **** ---- 2617,2630 ---- - } - } -+ #if defined (ARRAY_VARS) -+ else if (entry == 0 && newname) -+ { -+ entry = make_new_array_variable (newname); /* indexed array by default */ -+ if (entry == 0) -+ return entry; -+ ind = array_expand_index (name, subp, sublen); -+ bind_array_element (entry, ind, value, aflags); -+ } -+ #endif - else if (entry == 0) - { -*************** -*** 2658,2662 **** - if (nameref_cell (nv) == 0) - return (bind_variable_internal (nv->name, value, nvc->table, 0, flags)); -! return (bind_variable_internal (nameref_cell (nv), value, nvc->table, 0, flags)); - } - else ---- 2747,2752 ---- - if (nameref_cell (nv) == 0) - return (bind_variable_internal (nv->name, value, nvc->table, 0, flags)); -! /* XXX - bug here with ref=array[index] */ -! return (bind_variable_internal (nameref_cell (nv), value, nvc->table, 0, flags|ASS_FROMREF)); - } - else -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 30 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 31 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-032 b/bash43-032 deleted file mode 100644 index 0843719..0000000 --- a/bash43-032 +++ /dev/null @@ -1,51 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-032 - -Bug-Reported-by: crispusfairbairn@gmail.com -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-09/msg00013.html - -Bug-Description: - -When bash is running in Posix mode, it allows signals -- including SIGCHLD -- -to interrupt the `wait' builtin, as Posix requires. However, the interrupt -causes bash to not run a SIGCHLD trap for all exited children. This patch -fixes the issue and restores the documented behavior in Posix mode. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/jobs.c 2014-05-14 09:20:15.000000000 -0400 ---- jobs.c 2014-09-09 11:50:38.000000000 -0400 -*************** -*** 3340,3344 **** - { - interrupt_immediately = 0; -! trap_handler (SIGCHLD); /* set pending_traps[SIGCHLD] */ - wait_signal_received = SIGCHLD; - /* If we're in a signal handler, let CHECK_WAIT_INTR pick it up; ---- 3346,3352 ---- - { - interrupt_immediately = 0; -! /* This was trap_handler (SIGCHLD) but that can lose traps if -! children_exited > 1 */ -! queue_sigchld_trap (children_exited); - wait_signal_received = SIGCHLD; - /* If we're in a signal handler, let CHECK_WAIT_INTR pick it up; -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 31 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 32 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-033 b/bash43-033 deleted file mode 100644 index 5f5147f..0000000 --- a/bash43-033 +++ /dev/null @@ -1,225 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-033 - -Bug-Reported-by: mickael9@gmail.com, Jan Rome -Bug-Reference-ID: <20140907224046.382ED3610CC@mickael-laptop.localdomain>, - <540D661D.50908@gmail.com> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-09/msg00029.html - http://lists.gnu.org/archive/html/bug-bash/2014-09/msg00030.html - -Bug-Description: - -Bash does not clean up the terminal state in all cases where bash or -readline modifies it and bash is subsequently terminated by a fatal signal. -This happens when the `read' builtin modifies the terminal settings, both -when readline is active and when it is not. It occurs most often when a script -installs a trap that exits on a signal without re-sending the signal to itself. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/shell.c 2014-01-14 08:04:32.000000000 -0500 ---- shell.c 2014-12-22 10:27:50.000000000 -0500 -*************** -*** 74,77 **** ---- 74,78 ---- - - #if defined (READLINE) -+ # include - # include "bashline.h" - #endif -*************** -*** 910,913 **** ---- 912,923 ---- - fflush (stderr); - -+ /* Clean up the terminal if we are in a state where it's been modified. */ -+ #if defined (READLINE) -+ if (RL_ISSTATE (RL_STATE_TERMPREPPED) && rl_deprep_term_function) -+ (*rl_deprep_term_function) (); -+ #endif -+ if (read_tty_modified ()) -+ read_tty_cleanup (); -+ - /* Do trap[0] if defined. Allow it to override the exit status - passed to us. */ -*** ../bash-4.3-patched/builtins/read.def 2014-10-01 12:57:38.000000000 -0400 ---- builtins/read.def 2014-12-22 10:48:54.000000000 -0500 -*************** -*** 141,148 **** - int sigalrm_seen; - -! static int reading; - static SigHandler *old_alrm; - static unsigned char delim; - - /* In all cases, SIGALRM just sets a flag that we check periodically. This - avoids problems with the semi-tricky stuff we do with the xfree of ---- 141,150 ---- - int sigalrm_seen; - -! static int reading, tty_modified; - static SigHandler *old_alrm; - static unsigned char delim; - -+ static struct ttsave termsave; -+ - /* In all cases, SIGALRM just sets a flag that we check periodically. This - avoids problems with the semi-tricky stuff we do with the xfree of -*************** -*** 189,193 **** - SHELL_VAR *var; - TTYSTRUCT ttattrs, ttset; -- struct ttsave termsave; - #if defined (ARRAY_VARS) - WORD_LIST *alist; ---- 191,194 ---- -*************** -*** 222,226 **** - USE_VAR(lastsig); - -! sigalrm_seen = reading = 0; - - i = 0; /* Index into the string that we are reading. */ ---- 223,227 ---- - USE_VAR(lastsig); - -! sigalrm_seen = reading = tty_modified = 0; - - i = 0; /* Index into the string that we are reading. */ -*************** -*** 439,442 **** ---- 440,445 ---- - goto assign_vars; - } -+ if (interactive_shell == 0) -+ initialize_terminating_signals (); - old_alrm = set_signal_handler (SIGALRM, sigalrm); - add_unwind_protect (reset_alarm, (char *)NULL); -*************** -*** 483,487 **** ---- 486,493 ---- - if (i < 0) - sh_ttyerror (1); -+ tty_modified = 1; - add_unwind_protect ((Function *)ttyrestore, (char *)&termsave); -+ if (interactive_shell == 0) -+ initialize_terminating_signals (); - } - } -*************** -*** 498,502 **** ---- 504,511 ---- - sh_ttyerror (1); - -+ tty_modified = 1; - add_unwind_protect ((Function *)ttyrestore, (char *)&termsave); -+ if (interactive_shell == 0) -+ initialize_terminating_signals (); - } - -*************** -*** 589,592 **** ---- 598,603 ---- - else - lastsig = 0; -+ if (terminating_signal && tty_modified) -+ ttyrestore (&termsave); /* fix terminal before exiting */ - CHECK_TERMSIG; - eof = 1; -*************** -*** 979,982 **** ---- 990,1007 ---- - { - ttsetattr (ttp->fd, ttp->attrs); -+ tty_modified = 0; -+ } -+ -+ void -+ read_tty_cleanup () -+ { -+ if (tty_modified) -+ ttyrestore (&termsave); -+ } -+ -+ int -+ read_tty_modified () -+ { -+ return (tty_modified); - } - -*** ../bash-4.3-patched/builtins/common.h 2014-10-01 12:57:47.000000000 -0400 ---- builtins/common.h 2014-12-22 10:10:14.000000000 -0500 -*************** -*** 123,126 **** ---- 141,148 ---- - extern void getopts_reset __P((int)); - -+ /* Functions from read.def */ -+ extern void read_tty_cleanup __P((void)); -+ extern int read_tty_modified __P((void)); -+ - /* Functions from set.def */ - extern int minus_o_option_value __P((char *)); -*** ../bash-4.3-patched/bashline.c 2014-05-14 09:22:39.000000000 -0400 ---- bashline.c 2014-09-08 11:28:56.000000000 -0400 -*************** -*** 203,206 **** ---- 203,207 ---- - extern int array_needs_making; - extern int posixly_correct, no_symbolic_links; -+ extern int sigalrm_seen; - extern char *current_prompt_string, *ps1_prompt; - extern STRING_INT_ALIST word_token_alist[]; -*************** -*** 4209,4214 **** - /* If we're going to longjmp to top_level, make sure we clean up readline. - check_signals will call QUIT, which will eventually longjmp to top_level, -! calling run_interrupt_trap along the way. */ -! if (interrupt_state) - rl_cleanup_after_signal (); - bashline_reset_event_hook (); ---- 4262,4268 ---- - /* If we're going to longjmp to top_level, make sure we clean up readline. - check_signals will call QUIT, which will eventually longjmp to top_level, -! calling run_interrupt_trap along the way. The check for sigalrm_seen is -! to clean up the read builtin's state. */ -! if (terminating_signal || interrupt_state || sigalrm_seen) - rl_cleanup_after_signal (); - bashline_reset_event_hook (); -*** ../bash-4.3-patched/sig.c 2014-01-10 15:06:06.000000000 -0500 ---- sig.c 2014-09-08 11:26:33.000000000 -0400 -*************** -*** 533,538 **** - /* Set the event hook so readline will call it after the signal handlers - finish executing, so if this interrupted character input we can get -! quick response. */ -! if (interactive_shell && interactive && no_line_editing == 0) - bashline_set_event_hook (); - #endif ---- 533,540 ---- - /* Set the event hook so readline will call it after the signal handlers - finish executing, so if this interrupted character input we can get -! quick response. If readline is active or has modified the terminal we -! need to set this no matter what the signal is, though the check for -! RL_STATE_TERMPREPPED is possibly redundant. */ -! if (RL_ISSTATE (RL_STATE_SIGHANDLER) || RL_ISSTATE (RL_STATE_TERMPREPPED)) - bashline_set_event_hook (); - #endif -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 32 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 33 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-034 b/bash43-034 deleted file mode 100644 index 17372aa..0000000 --- a/bash43-034 +++ /dev/null @@ -1,90 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-034 - -Bug-Reported-by: Dreamcat4 -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-05/msg00001.html - -Bug-Description: - -If neither the -f nor -v options is supplied to unset, and a name argument is -found to be a function and unset, subsequent name arguments are not treated as -variables before attempting to unset a function by that name. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/builtins/set.def 2013-04-19 07:20:34.000000000 -0400 ---- builtins/set.def 2015-05-05 13:25:36.000000000 -0400 -*************** -*** 752,758 **** ---- 797,805 ---- - { - int unset_function, unset_variable, unset_array, opt, nameref, any_failed; -+ int global_unset_func, global_unset_var; - char *name; - - unset_function = unset_variable = unset_array = nameref = any_failed = 0; -+ global_unset_func = global_unset_var = 0; - - reset_internal_getopt (); -*************** -*** 762,769 **** - { - case 'f': -! unset_function = 1; - break; - case 'v': -! unset_variable = 1; - break; - case 'n': ---- 809,816 ---- - { - case 'f': -! global_unset_func = 1; - break; - case 'v': -! global_unset_var = 1; - break; - case 'n': -*************** -*** 778,782 **** - list = loptend; - -! if (unset_function && unset_variable) - { - builtin_error (_("cannot simultaneously unset a function and a variable")); ---- 825,829 ---- - list = loptend; - -! if (global_unset_func && global_unset_var) - { - builtin_error (_("cannot simultaneously unset a function and a variable")); -*************** -*** 796,799 **** ---- 843,849 ---- - name = list->word->word; - -+ unset_function = global_unset_func; -+ unset_variable = global_unset_var; -+ - #if defined (ARRAY_VARS) - unset_array = 0; - -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 33 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 34 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-035 b/bash43-035 deleted file mode 100644 index f18bc60..0000000 --- a/bash43-035 +++ /dev/null @@ -1,63 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-035 - -Bug-Reported-by: -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-08/msg00045.html - -Bug-Description: - -A locale with a long name can trigger a buffer overflow and core dump. This -applies on systems that do not have locale_charset in libc, are not using -GNU libiconv, and are not using the libintl that ships with bash in lib/intl. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/lib/sh/unicode.c 2014-01-30 16:47:19.000000000 -0500 ---- lib/sh/unicode.c 2015-05-01 08:58:30.000000000 -0400 -*************** -*** 79,83 **** - if (s) - { -! strcpy (charsetbuf, s+1); - t = strchr (charsetbuf, '@'); - if (t) ---- 79,84 ---- - if (s) - { -! strncpy (charsetbuf, s+1, sizeof (charsetbuf) - 1); -! charsetbuf[sizeof (charsetbuf) - 1] = '\0'; - t = strchr (charsetbuf, '@'); - if (t) -*************** -*** 85,89 **** - return charsetbuf; - } -! strcpy (charsetbuf, locale); - return charsetbuf; - } ---- 86,91 ---- - return charsetbuf; - } -! strncpy (charsetbuf, locale, sizeof (charsetbuf) - 1); -! charsetbuf[sizeof (charsetbuf) - 1] = '\0'; - return charsetbuf; - } -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 34 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 35 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-036 b/bash43-036 deleted file mode 100644 index 5b42c24..0000000 --- a/bash43-036 +++ /dev/null @@ -1,57 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-036 - -Bug-Reported-by: emanuelczirai@cryptolab.net -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-02/msg00071.html - -Bug-Description: - -When evaluating and setting integer variables, and the assignment fails to -create a variable (for example, when performing an operation on an array -variable with an invalid subscript), bash attempts to dereference a null -pointer, causing a segmentation violation. - -Patch (apply with `patch -p0'): - -*** ../bash-20150206/variables.c 2015-01-23 20:39:27.000000000 -0500 ---- variables.c 2015-02-19 13:56:12.000000000 -0500 -*************** -*** 2834,2841 **** - v = bind_variable (lhs, rhs, 0); - -! if (v && isint) -! VSETATTR (v, att_integer); -! -! VUNSETATTR (v, att_invisible); - - return (v); ---- 2834,2843 ---- - v = bind_variable (lhs, rhs, 0); - -! if (v) -! { -! if (isint) -! VSETATTR (v, att_integer); -! VUNSETATTR (v, att_invisible); -! } - - return (v); -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 35 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 36 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-037 b/bash43-037 deleted file mode 100644 index f04012b..0000000 --- a/bash43-037 +++ /dev/null @@ -1,43 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-037 - -Bug-Reported-by: Greg Wooledge -Bug-Reference-ID: <20150204144240.GN13956@eeg.ccf.org> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-02/msg00007.html - -Bug-Description: - -If an associative array uses `@' or `*' as a subscript, `declare -p' produces -output that cannot be reused as input. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/assoc.c 2011-11-05 16:39:05.000000000 -0400 ---- assoc.c 2015-02-04 15:28:25.000000000 -0500 -*************** -*** 437,440 **** ---- 440,445 ---- - if (sh_contains_shell_metas (tlist->key)) - istr = sh_double_quote (tlist->key); -+ else if (ALL_ELEMENT_SUB (tlist->key[0]) && tlist->key[1] == '\0') -+ istr = sh_double_quote (tlist->key); - else - istr = tlist->key; -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 36 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 37 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-038 b/bash43-038 deleted file mode 100644 index e0de74e..0000000 --- a/bash43-038 +++ /dev/null @@ -1,88 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-038 - -Bug-Reported-by: worley@alum.mit.edu (Dale R. Worley) -Bug-Reference-ID: <201406100051.s5A0pCeB014978@hobgoblin.ariadne.com> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-06/msg00028.html - -Bug-Description: - -There are a number of instances where `time' is not recognized as a reserved -word when the shell grammar says it should be. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/parse.y 2014-04-07 11:56:12.000000000 -0400 ---- parse.y 2014-06-11 10:25:53.000000000 -0400 -*************** -*** 2819,2827 **** - case OR_OR: - case '&': - case DO: - case THEN: - case ELSE: - case '{': /* } */ -! case '(': /* ) */ - case BANG: /* ! time pipeline */ - case TIME: /* time time pipeline */ ---- 2819,2832 ---- - case OR_OR: - case '&': -+ case WHILE: - case DO: -+ case UNTIL: -+ case IF: - case THEN: -+ case ELIF: - case ELSE: - case '{': /* } */ -! case '(': /* )( */ -! case ')': /* only valid in case statement */ - case BANG: /* ! time pipeline */ - case TIME: /* time time pipeline */ -*** ../bash-4.3-patched/y.tab.c 2014-10-05 13:52:50.000000000 -0400 ---- y.tab.c 2015-05-19 15:08:43.000000000 -0400 -*************** -*** 5131,5139 **** - case OR_OR: - case '&': - case DO: - case THEN: - case ELSE: - case '{': /* } */ -! case '(': /* ) */ - case BANG: /* ! time pipeline */ - case TIME: /* time time pipeline */ ---- 5131,5144 ---- - case OR_OR: - case '&': -+ case WHILE: - case DO: -+ case UNTIL: -+ case IF: - case THEN: -+ case ELIF: - case ELSE: - case '{': /* } */ -! case '(': /* )( */ -! case ')': /* only valid in case statement */ - case BANG: /* ! time pipeline */ - case TIME: /* time time pipeline */ -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 37 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 38 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-039 b/bash43-039 deleted file mode 100644 index e5e3887..0000000 --- a/bash43-039 +++ /dev/null @@ -1,57 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-039 - -Bug-Reported-by: SN -Bug-Reference-ID: <54E2554C.205@gazeta.pl> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-02/msg00060.html - -Bug-Description: - -Using the output of `declare -p' when run in a function can result in variables -that are invisible to `declare -p'. This problem occurs when an assignment -builtin such as `declare' receives a quoted compound array assignment as one of -its arguments. - -Patch (apply with `patch -p0'): - -*** /usr/src/local/bash/bash-4.3-patched/arrayfunc.c 2014-10-01 13:08:48.000000000 -0400 ---- arrayfunc.c 2015-02-19 14:33:05.000000000 -0500 -*************** -*** 405,408 **** ---- 405,411 ---- - else - array_insert (a, i, l->word->word); -+ -+ VUNSETATTR (var, att_invisible); /* no longer invisible */ -+ - return var; - } -*************** -*** 635,638 **** ---- 638,645 ---- - if (nlist) - dispose_words (nlist); -+ -+ if (var) -+ VUNSETATTR (var, att_invisible); /* no longer invisible */ -+ - return (var); - } -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 38 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 39 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-040 b/bash43-040 deleted file mode 100644 index 978ce1c..0000000 --- a/bash43-040 +++ /dev/null @@ -1,47 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-040 - -Bug-Reported-by: Jean Delvare -Bug-Reference-ID: <20150609180231.5f463695@endymion.delvare> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-06/msg00033.html - -Bug-Description: - -There is a memory leak that occurs when bash expands an array reference on -the rhs of an assignment statement. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/subst.c 2014-10-01 12:57:47.000000000 -0400 ---- subst.c 2015-06-22 09:16:53.000000000 -0400 -*************** -*** 5783,5787 **** - if (pflags & PF_ASSIGNRHS) - { -! temp = array_variable_name (name, &tt, (int *)0); - if (ALL_ELEMENT_SUB (tt[0]) && tt[1] == ']') - temp = array_value (name, quoted|Q_DOUBLE_QUOTES, 0, &atype, &ind); ---- 5783,5787 ---- - if (pflags & PF_ASSIGNRHS) - { -! var = array_variable_part (name, &tt, (int *)0); - if (ALL_ELEMENT_SUB (tt[0]) && tt[1] == ']') - temp = array_value (name, quoted|Q_DOUBLE_QUOTES, 0, &atype, &ind); -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 39 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 40 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-041 b/bash43-041 deleted file mode 100644 index a040a2a..0000000 --- a/bash43-041 +++ /dev/null @@ -1,72 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-041 - -Bug-Reported-by: Hanno Böck -Bug-Reference-ID: <20150623131106.6f111da9@pc1>, <20150707004640.0e61d2f9@pc1> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-06/msg00089.html, - http://lists.gnu.org/archive/html/bug-bash/2015-07/msg00018.html - -Bug-Description: - -There are several out-of-bounds read errors that occur when completing command -lines where assignment statements appear before the command name. The first -two appear only when programmable completion is enabled; the last one only -happens when listing possible completions. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3.40/bashline.c 2014-12-29 14:39:43.000000000 -0500 ---- bashline.c 2015-08-12 10:21:58.000000000 -0400 -*************** -*** 1469,1476 **** ---- 1469,1489 ---- - os = start; - n = 0; -+ was_assignment = 0; - s = find_cmd_start (os); - e = find_cmd_end (end); - do - { -+ /* Don't read past the end of rl_line_buffer */ -+ if (s > rl_end) -+ { -+ s1 = s = e1; -+ break; -+ } -+ /* Or past point if point is within an assignment statement */ -+ else if (was_assignment && s > rl_point) -+ { -+ s1 = s = e1; -+ break; -+ } - /* Skip over assignment statements preceding a command name. If we - don't find a command name at all, we can perform command name -*** ../bash-4.3.40/lib/readline/complete.c 2013-10-14 09:27:10.000000000 -0400 ---- lib/readline/complete.c 2015-07-31 09:34:39.000000000 -0400 -*************** -*** 690,693 **** ---- 690,695 ---- - if (temp == 0 || *temp == '\0') - return (pathname); -+ else if (temp[1] == 0 && temp == pathname) -+ return (pathname); - /* If the basename is NULL, we might have a pathname like '/usr/src/'. - Look for a previous slash and, if one is found, return the portion -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 40 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 41 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-042 b/bash43-042 deleted file mode 100644 index cc3e17c..0000000 --- a/bash43-042 +++ /dev/null @@ -1,55 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-042 - -Bug-Reported-by: Nathan Neulinger -Bug-Reference-ID: <558EFDF2.7060402@neulinger.org> -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-06/msg00096.html - -Bug-Description: - -There is a problem when parsing command substitutions containing `case' -commands within pipelines that causes the parser to not correctly identify -the end of the command substitution. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/parse.y 2015-05-18 19:27:05.000000000 -0400 ---- parse.y 2015-06-29 10:59:27.000000000 -0400 -*************** -*** 3709,3712 **** ---- 3709,3714 ---- - tflags |= LEX_INWORD; - lex_wlen = 0; -+ if (tflags & LEX_RESWDOK) -+ lex_rwlen = 0; - } - } -*** ../bash-4.3-patched/parse.y 2015-05-18 19:27:05.000000000 -0400 ---- y.tab.c 2015-06-29 10:59:27.000000000 -0400 -*************** -*** 6021,6024 **** ---- 6021,6026 ---- - tflags |= LEX_INWORD; - lex_wlen = 0; -+ if (tflags & LEX_RESWDOK) -+ lex_rwlen = 0; - } - } -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 41 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 42 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-043 b/bash43-043 deleted file mode 100644 index ad82c29..0000000 --- a/bash43-043 +++ /dev/null @@ -1,59 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-043 - -Bug-Reported-by: lolilolicon -Bug-Reference-ID: -Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-08/msg00040.html - -Bug-Description: - -When the lastpipe option is enabled, the last component can contain nested -pipelines and cause a segmentation fault under certain circumestances. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3-patched/execute_cmd.c 2014-07-30 10:26:52.000000000 -0400 ---- execute_cmd.c 2014-08-15 08:55:24.000000000 -0400 -*************** -*** 2406,2412 **** - { - #if defined (JOB_CONTROL) -! append_process (savestring (the_printed_command), dollar_dollar_pid, exec_result, lastpipe_jid); -! #endif - lstdin = wait_for (lastpid); - #if defined (JOB_CONTROL) - /* If wait_for removes the job from the jobs table, use result of last ---- 2433,2447 ---- - { - #if defined (JOB_CONTROL) -! if (INVALID_JOB (lastpipe_jid) == 0) -! { -! append_process (savestring (the_printed_command_except_trap), dollar_dollar_pid, exec_result, lastpipe_jid); -! lstdin = wait_for (lastpid); -! } -! else -! lstdin = wait_for_single_pid (lastpid); /* checks bgpids list */ -! #else - lstdin = wait_for (lastpid); -+ #endif -+ - #if defined (JOB_CONTROL) - /* If wait_for removes the job from the jobs table, use result of last -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 42 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 43 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/sources b/sources index 6e00bea..fd6bdf9 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -81348932d5da294953e15d4814c74dd1 bash-4.3.tar.gz +SHA512 (bash-4.4.tar.gz) = 73de3b425faaac55e45456b0f6f6d8077b5dfa7bb76e0d1894a19361b4a2b6bd4fbbe182117ddbfe9b07b4d898fba03537c261badc9533dd3c0da891764c7f29