import bash-4.4.19-14.el8_3

This commit is contained in:
CentOS Sources 2021-05-19 03:08:21 -04:00 committed by Andrew Lukoshko
parent 457649ce62
commit febb0790b3
3 changed files with 142 additions and 48 deletions

View File

@ -0,0 +1,136 @@
From 354efb96f1e4574f458e994163bbe31c76769573 Mon Sep 17 00:00:00 2001
From: Chet Ramey <chet.ramey@case.edu>
Date: Fri, 1 Jun 2018 10:19:56 -0400
Subject: [PATCH] saved background process status hash table loop fixes
---
jobs.c | 62 +++++++++++++++++++++++++++++++++++++++++-----------
patchlevel.h | 2 +-
2 files changed, 50 insertions(+), 14 deletions(-)
diff --git a/jobs.c b/jobs.c
index fc966036..2684632d 100644
--- a/jobs.c
+++ b/jobs.c
@@ -812,8 +812,22 @@ bgp_add (pid, status)
ps_index_t *bucket, psi;
struct pidstat *ps;
- bucket = pshash_getbucket (pid);
- psi = bgp_getindex ();
+ /* bucket == existing chain of pids hashing to same value
+ psi = where were going to put this pid/status */
+
+ bucket = pshash_getbucket (pid); /* index into pidstat_table */
+ psi = bgp_getindex (); /* bgpids.head, index into storage */
+
+ /* XXX - what if psi == *bucket? */
+ if (psi == *bucket)
+ {
+#ifdef DEBUG
+ internal_warning ("hashed pid %d (pid %d) collides with bgpids.head, skipping", psi, pid);
+#endif
+ bgpids.storage[psi].pid = NO_PID; /* make sure */
+ psi = bgp_getindex (); /* skip to next one */
+ }
+
ps = &bgpids.storage[psi];
ps->pid = pid;
@@ -841,32 +855,47 @@ pshash_delindex (psi)
ps_index_t psi;
{
struct pidstat *ps;
+ ps_index_t *bucket;
ps = &bgpids.storage[psi];
if (ps->pid == NO_PID)
return;
- if (ps->bucket_next != NO_PID)
+ if (ps->bucket_next != NO_PIDSTAT)
bgpids.storage[ps->bucket_next].bucket_prev = ps->bucket_prev;
- if (ps->bucket_prev != NO_PID)
+ if (ps->bucket_prev != NO_PIDSTAT)
bgpids.storage[ps->bucket_prev].bucket_next = ps->bucket_next;
else
- *(pshash_getbucket (ps->pid)) = ps->bucket_next;
+ {
+ bucket = pshash_getbucket (ps->pid);
+ *bucket = ps->bucket_next; /* deleting chain head in hash table */
+ }
+
+ /* clear out this cell, just in case */
+ ps->pid = NO_PID;
+ ps->bucket_next = ps->bucket_prev = NO_PIDSTAT;
}
static int
bgp_delete (pid)
pid_t pid;
{
- ps_index_t psi;
+ ps_index_t psi, orig_psi;
if (bgpids.storage == 0 || bgpids.nalloc == 0 || bgpids.npid == 0)
return 0;
/* Search chain using hash to find bucket in pidstat_table */
- for (psi = *(pshash_getbucket (pid)); psi != NO_PIDSTAT; psi = bgpids.storage[psi].bucket_next)
- if (bgpids.storage[psi].pid == pid)
- break;
+ for (orig_psi = psi = *(pshash_getbucket (pid)); psi != NO_PIDSTAT; psi = bgpids.storage[psi].bucket_next)
+ {
+ if (bgpids.storage[psi].pid == pid)
+ break;
+ if (orig_psi == bgpids.storage[psi].bucket_next) /* catch reported bug */
+ {
+ internal_warning ("bgp_delete: LOOP: psi (%d) == storage[psi].bucket_next", psi);
+ return 0;
+ }
+ }
if (psi == NO_PIDSTAT)
return 0; /* not found */
@@ -904,15 +933,22 @@ static int
bgp_search (pid)
pid_t pid;
{
- ps_index_t psi;
+ ps_index_t psi, orig_psi;
if (bgpids.storage == 0 || bgpids.nalloc == 0 || bgpids.npid == 0)
return -1;
/* Search chain using hash to find bucket in pidstat_table */
- for (psi = *(pshash_getbucket (pid)); psi != NO_PIDSTAT; psi = bgpids.storage[psi].bucket_next)
- if (bgpids.storage[psi].pid == pid)
- return (bgpids.storage[psi].status);
+ for (orig_psi = psi = *(pshash_getbucket (pid)); psi != NO_PIDSTAT; psi = bgpids.storage[psi].bucket_next)
+ {
+ if (bgpids.storage[psi].pid == pid)
+ return (bgpids.storage[psi].status);
+ if (orig_psi == bgpids.storage[psi].bucket_next) /* catch reported bug */
+ {
+ internal_warning ("bgp_search: LOOP: psi (%d) == storage[psi].bucket_next", psi);
+ return -1;
+ }
+ }
return -1;
}
diff --git a/patchlevel.h b/patchlevel.h
index a711c495..4a65dc0f 100644
--- a/patchlevel.h
+++ b/patchlevel.h
@@ -25,6 +25,6 @@
regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh
looks for to find the patch level (for the sccs version string). */
-#define PATCHLEVEL 19
+#define PATCHLEVEL 20
#endif /* _PATCHLEVEL_H_ */
--
2.29.2

View File

@ -1,41 +0,0 @@
diff --git a/configure.ac b/configure.ac
index e5162c4..b82a33b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -799,10 +799,13 @@ AC_CHECK_DECLS([confstr])
AC_CHECK_DECLS([printf])
AC_CHECK_DECLS([sbrk])
AC_CHECK_DECLS([setregid])
-AC_CHECK_DECLS[(setresuid, setresgid])
+dnl AC_CHECK_DECLS[(setresuid])
+dnl AC_CHECK_DECLS[(setresgid])
AC_CHECK_DECLS([strcpy])
AC_CHECK_DECLS([strsignal])
+AC_CHECK_FUNCS(setresuid setresgid)
+
dnl Extra test to detect the horribly broken HP/UX 11.00 strtold(3)
AC_CHECK_DECLS([strtold], [
AC_MSG_CHECKING([for broken strtold])
diff --git a/shell.c b/shell.c
index 484d8a9..5c24922 100644
--- a/shell.c
+++ b/shell.c
@@ -1286,7 +1286,7 @@ disable_priv_mode ()
{
int e;
-#if HAVE_DECL_SETRESUID
+#if HAVE_SETRESUID
if (setresuid (current_user.uid, current_user.uid, current_user.uid) < 0)
#else
if (setuid (current_user.uid) < 0)
@@ -1299,7 +1299,7 @@ disable_priv_mode ()
exit (e);
#endif
}
-#if HAVE_DECL_SETRESGID
+#if HAVE_SETRESGID
if (setresgid (current_user.gid, current_user.gid, current_user.gid) < 0)
#else
if (setgid (current_user.gid) < 0)

View File

@ -21,7 +21,7 @@ Source3: dot-bash_logout
# Official upstream patches # Official upstream patches
# Patches are converted to apply with '-p1' # Patches are converted to apply with '-p1'
%{lua:for i=1,19 do print(string.format("Patch%u: bash-4.4-patch-%u.patch\n", i, i)) end} %{lua:for i=1,20 do print(string.format("Patch%u: bash-4.4-patch-%u.patch\n", i, i)) end}
# Other patches # Other patches
Patch101: bash-2.02-security.patch Patch101: bash-2.02-security.patch
@ -106,7 +106,6 @@ Patch134: bash-5.0-shellpid-subshell.patch
# 1793943 - CVE-2019-18276: when effective UID is not equal to its real UID the saved UID is # 1793943 - CVE-2019-18276: when effective UID is not equal to its real UID the saved UID is
# not dropped # not dropped
Patch135: bash-5.0-cve-2019-18276.patch Patch135: bash-5.0-cve-2019-18276.patch
Patch136: bash-5.0-cve-2019-18276-2.patch
# 1890888 - Took long time to return when bash -c 'exit 2 & wait $!' run in the big size LimitNPROC # 1890888 - Took long time to return when bash -c 'exit 2 & wait $!' run in the big size LimitNPROC
# values # values
@ -335,14 +334,14 @@ end
%{_libdir}/pkgconfig/%{name}.pc %{_libdir}/pkgconfig/%{name}.pc
%changelog %changelog
* Wed Nov 04 2020 Siteshwar Vashisht <svashisht@redhat.com> - 4.4.19-14 * Fri Mar 26 2021 Siteshwar Vashisht <svashisht@redhat.com> - 4.4.19-14
- Fix infinite loop in long running scripts
Resolves: #1943495
* Wed Nov 04 2020 Siteshwar Vashisht <svashisht@redhat.com> - 4.4.19-13
- Fix hang when limit for nproc is very high - Fix hang when limit for nproc is very high
Resolves: #1890888 Resolves: #1890888
* Fri Oct 09 2020 Siteshwar Vashisht <svashisht@redhat.com> - 4.4.19-13
- Correctly drop saved UID when effective UID is not equal to its real UID
Resolves: #1793943
* Mon Jun 22 2020 Siteshwar Vashisht <svashisht@redhat.com> - 4.4.19-12 * Mon Jun 22 2020 Siteshwar Vashisht <svashisht@redhat.com> - 4.4.19-12
- Avoid duplicating user path entries - Avoid duplicating user path entries
Resolves: #1667008 Resolves: #1667008