zsh/0004-zsh-5.4.2-CVE-2018-7548.patch

From fc22af40437f4de42f7505ca93361391eab788e3 Mon Sep 17 00:00:00 2001
From: Joey Pabalinas <joeypabalinas@gmail.com>
Date: Tue, 23 Jan 2018 22:28:08 -0800
Subject: [PATCH 1/2] 42313: avoid null-pointer deref when using ${(PA)...} on
 an empty array result

Upstream-commit: 110b13e1090bc31ac1352b28adc2d02b6d25a102
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
 Src/subst.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Src/subst.c b/Src/subst.c
index 5b1bf89..94b0207 100644
--- a/Src/subst.c
+++ b/Src/subst.c
@@ -2340,7 +2340,7 @@ paramsubst(LinkList l, LinkNode n, char **str, int qt, int pf_flags,
 		val = aval[0];
 		isarr = 0;
 	    }
-	    s = dyncat(val, s);
+	    s = val ? dyncat(val, s) : dupstring(s);
 	    /* Now behave po-faced as if it was always like that... */
 	    subexp = 0;
 	    /*
-- 
2.14.3
Resolves: CVE-2018-7548 - avoid NULL dereference when using ${(PA)...} on an empty array 2018-03-06 15:22:12 +00:00			`From fc22af40437f4de42f7505ca93361391eab788e3 Mon Sep 17 00:00:00 2001`
			`From: Joey Pabalinas <joeypabalinas@gmail.com>`
			`Date: Tue, 23 Jan 2018 22:28:08 -0800`
			`Subject: [PATCH 1/2] 42313: avoid null-pointer deref when using ${(PA)...} on`
			`an empty array result`

			`Upstream-commit: 110b13e1090bc31ac1352b28adc2d02b6d25a102`
			`Signed-off-by: Kamil Dudka <kdudka@redhat.com>`
			`---`
			`Src/subst.c \| 2 +-`
			`1 file changed, 1 insertion(+), 1 deletion(-)`

			`diff --git a/Src/subst.c b/Src/subst.c`
			`index 5b1bf89..94b0207 100644`
			`--- a/Src/subst.c`
			`+++ b/Src/subst.c`
			`@@ -2340,7 +2340,7 @@ paramsubst(LinkList l, LinkNode n, char **str, int qt, int pf_flags,`
			`val = aval[0];`
			`isarr = 0;`
			`}`
			`- s = dyncat(val, s);`
			`+ s = val ? dyncat(val, s) : dupstring(s);`
			`/* Now behave po-faced as if it was always like that... */`
			`subexp = 0;`
			`/*`
			`--`
			`2.14.3`