Patchlevel 45

Signed-off-by: Roman Rakus <rrakus@redhat.com>
2013-03-11 20:43:32 +01:00 · 2013-03-11 20:43:32 +01:00 · f6ffed783f
commit f6ffed783f
parent 932fd80d30
4 changed files with 199 additions and 2 deletions
--- a/bash.spec
+++ b/bash.spec
@ -1,12 +1,12 @@
 #% define beta_tag rc2
-%define patchleveltag .42
+%define patchleveltag .45
 %define baseversion 4.2
 %bcond_without tests

 Version: %{baseversion}%{patchleveltag}
 Name: bash
 Summary: The GNU Bourne Again shell
-Release: 3%{?dist}
+Release: 1%{?dist}
 Group: System Environment/Shells
 License: GPLv3+
 Url: http://www.gnu.org/software/bash
@ -62,6 +62,9 @@ Patch039: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-039
 Patch040: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-040
 Patch041: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-041
 Patch042: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-042
+Patch043: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-043
+Patch044: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-044
+Patch045: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-045

 # Other patches
 Patch101: bash-2.02-security.patch
@ -182,6 +185,9 @@ This package contains documentation files for %{name}.
 %patch040 -p0 -b .040
 %patch041 -p0 -b .041
 %patch042 -p0 -b .042
+%patch043 -p0 -b .043
+%patch044 -p0 -b .044
+%patch045 -p0 -b .045

 # Other patches
 %patch101 -p1 -b .security
@ -402,6 +408,9 @@ end
 #%doc doc/*.ps doc/*.0 doc/*.html doc/article.txt

 %changelog
+* Mon Mar 11 2013 Roman Rakus <rrakus@redhat.com> - 4.2.45-1
+- Patchlevel 45
+
 * Thu Jan 31 2013 Roman Rakus <rrakus@redhat.com> - 4.2.42-3
 - Fix usage of partial unitialized structure
  Resolves: #857948
--- a/65
+++ b/65
@ -0,0 +1,65 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	4.2
+Patch-ID:	bash42-043
+
+Bug-Reported-by:	konsolebox <konsolebox@gmail.com>
+Bug-Reference-ID:	<CAJnmqwZuGKLgMsMwxRK4LL+2NN+HgvmKzrnode99QBGrcgX1Lw@mail.gmail.com>
+Bug-Reference-URL:	http://lists.gnu.org/archive/html/bug-bash/2013-01/msg00138.html
+
+Bug-Description:
+
+When SIGCHLD is trapped, and a SIGCHLD trap handler runs when a pending
+`read -t' invocation times out and generates SIGALRM, bash can crash with
+a segmentation fault.
+
+Patch (apply with `patch -p0'):
+
+*** ../bash-4.2-patched/builtins/read.def	2012-10-31 21:22:51.000517000 -0400
+--- builtins/read.def	2013-01-25 10:28:16.000038000 -0500
+***************
+*** 386,393 ****
+  	  /* Tricky.  The top of the unwind-protect stack is the free of
+  	     input_string.  We want to run all the rest and use input_string,
+! 	     so we have to remove it from the stack. */
+! 	  remove_unwind_protect ();
+! 	  run_unwind_frame ("read_builtin");
+  	  input_string[i] = '\0';	/* make sure it's terminated */
+  	  retval = 128+SIGALRM;
+  	  goto assign_vars;
+--- 386,403 ----
+  	  /* Tricky.  The top of the unwind-protect stack is the free of
+  	     input_string.  We want to run all the rest and use input_string,
+! 	     so we have to save input_string temporarily, run the unwind-
+! 	     protects, then restore input_string so we can use it later. */
+! 
+  	  input_string[i] = '\0';	/* make sure it's terminated */
+ 	  if (i == 0)
+ 	    {
+ 	      t = (char *)xmalloc (1);
+ 	      t[0] = 0;
+ 	    }
+ 	  else
+ 	    t = savestring (input_string);
+ 
+ 	  run_unwind_frame ("read_builtin");
+ 	  input_string = t;
+  	  retval = 128+SIGALRM;
+  	  goto assign_vars;
+
+*** ../bash-4.2-patched/patchlevel.h	Sat Jun 12 20:14:48 2010
+--- patchlevel.h	Thu Feb 24 21:41:34 2011
+***************
+*** 26,30 ****
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 42
+  
+  #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 43
+  
+  #endif /* _PATCHLEVEL_H_ */
--- a/70
+++ b/70
@ -0,0 +1,70 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	4.2
+Patch-ID:	bash42-044
+
+Bug-Reported-by:	"Dashing" <dashing@hushmail.com>
+Bug-Reference-ID:	<20130211175049.D90786F446@smtp.hushmail.com>
+Bug-Reference-URL:	http://lists.gnu.org/archive/html/bug-bash/2013-02/msg00030.html
+
+Bug-Description:
+
+When converting a multibyte string to a wide character string as part of
+pattern matching, bash does not handle the end of the string correctly,
+causing the search for the NUL to go beyond the end of the string and
+reference random memory.  Depending on the contents of that memory, bash
+can produce errors or crash. 
+
+Patch (apply with `patch -p0'):
+
+*** ../bash-4.2-patched/lib/glob/xmbsrtowcs.c	2012-07-08 21:53:19.000000000 -0400
+--- lib/glob/xmbsrtowcs.c	2013-02-12 12:00:39.000000000 -0500
+***************
+*** 217,220 ****
+--- 217,226 ----
+        n = mbsnrtowcs(wsbuf+wcnum, &p, nms, wsbuf_size-wcnum, &state);
+  
+       if (n == 0 && p == 0)
+ 	{
+ 	  wsbuf[wcnum] = L'\0';
+ 	  break;
+ 	}
+ 
+        /* Compensate for taking single byte on wcs conversion failure above. */
+        if (wcslength == 1 && (n == 0 || n == (size_t)-1))
+***************
+*** 222,226 ****
+  	  state = tmp_state;
+  	  p = tmp_p;
+! 	  wsbuf[wcnum++] = *p++;
+  	}
+        else
+--- 228,238 ----
+  	  state = tmp_state;
+  	  p = tmp_p;
+! 	  wsbuf[wcnum] = *p;
+! 	  if (*p == 0)
+! 	    break;
+! 	  else
+! 	    {
+! 	      wcnum++; p++;
+! 	    }
+  	}
+        else
+
+*** ../bash-4.2-patched/patchlevel.h	Sat Jun 12 20:14:48 2010
+--- patchlevel.h	Thu Feb 24 21:41:34 2011
+***************
+*** 26,30 ****
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 43
+  
+  #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 44
+  
+  #endif /* _PATCHLEVEL_H_ */
--- a/53
+++ b/53
@ -0,0 +1,53 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	4.2
+Patch-ID:	bash42-045
+
+Bug-Reported-by:	Stephane Chazelas <stephane.chazelas@gmail.com>
+Bug-Reference-ID:	<20130218195539.GA9620@chaz.gmail.com>
+Bug-Reference-URL:	http://lists.gnu.org/archive/html/bug-bash/2013-02/msg00080.html
+
+Bug-Description:
+
+The <&n- and >&n- redirections, which move one file descriptor to another,
+leave the file descriptor closed when applied to builtins or compound
+commands.
+
+Patch (apply with `patch -p0'):
+
+*** ../bash-4.2-patched/redir.c	2013-01-30 11:56:09.000000000 -0500
+--- redir.c	2013-02-19 09:38:36.000000000 -0500
+***************
+*** 1008,1011 ****
+--- 1008,1021 ----
+  	      REDIRECTION_ERROR (r, errno, -1);
+  	    }
+ 	  if ((flags & RX_UNDOABLE) && (ri == r_move_input || ri == r_move_output))
+ 	    {
+ 	      /* r_move_input and r_move_output add an additional close()
+ 		 that needs to be undone */
+ 	      if (fcntl (redirector, F_GETFD, 0) != -1)
+ 		{
+ 		  r = add_undo_redirect (redir_fd, r_close_this, -1);
+ 		  REDIRECTION_ERROR (r, errno, -1);
+ 		}
+ 	    }
+  #if defined (BUFFERED_INPUT)
+  	  check_bash_input (redirector);
+
+*** ../bash-4.2-patched/patchlevel.h	Sat Jun 12 20:14:48 2010
+--- patchlevel.h	Thu Feb 24 21:41:34 2011
+***************
+*** 26,30 ****
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 44
+  
+  #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 45
+  
+  #endif /* _PATCHLEVEL_H_ */