bash/bash-5.2-check-xform.patch
Siteshwar Vashisht 7c25b00c2a Add a null check in parameter_brace_transform() function
Resolves: CVE-2022-3715
2022-11-22 14:55:48 +01:00

13 lines
429 B
Diff

diff --git a/subst.c b/subst.c
--- a/subst.c
+++ b/subst.c
@@ -7959,7 +7959,7 @@ parameter_brace_transform (varname, value, ind, xform, rtype, quoted, pflags, fl
return ((char *)NULL);
}
- if (valid_parameter_transform (xform) == 0)
+ if (xform[0] == 0 || valid_parameter_transform (xform) == 0)
{
this_command_name = oname;
#if 0 /* TAG: bash-5.2 Martin Schulte <gnu@schrader-schulte.de> 10/2020 */