Resolves: CVE-2018-7548 - avoid NULL dereference when using ${(PA)...} on an empty array
This commit is contained in:
parent
d8fb0ec40b
commit
1ae62648a1
28
0004-zsh-5.4.2-CVE-2018-7548.patch
Normal file
28
0004-zsh-5.4.2-CVE-2018-7548.patch
Normal file
@ -0,0 +1,28 @@
|
||||
From fc22af40437f4de42f7505ca93361391eab788e3 Mon Sep 17 00:00:00 2001
|
||||
From: Joey Pabalinas <joeypabalinas@gmail.com>
|
||||
Date: Tue, 23 Jan 2018 22:28:08 -0800
|
||||
Subject: [PATCH 1/2] 42313: avoid null-pointer deref when using ${(PA)...} on
|
||||
an empty array result
|
||||
|
||||
Upstream-commit: 110b13e1090bc31ac1352b28adc2d02b6d25a102
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
Src/subst.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/Src/subst.c b/Src/subst.c
|
||||
index 5b1bf89..94b0207 100644
|
||||
--- a/Src/subst.c
|
||||
+++ b/Src/subst.c
|
||||
@@ -2340,7 +2340,7 @@ paramsubst(LinkList l, LinkNode n, char **str, int qt, int pf_flags,
|
||||
val = aval[0];
|
||||
isarr = 0;
|
||||
}
|
||||
- s = dyncat(val, s);
|
||||
+ s = val ? dyncat(val, s) : dupstring(s);
|
||||
/* Now behave po-faced as if it was always like that... */
|
||||
subexp = 0;
|
||||
/*
|
||||
--
|
||||
2.14.3
|
||||
|
8
zsh.spec
8
zsh.spec
@ -1,7 +1,7 @@
|
||||
Summary: Powerful interactive shell
|
||||
Name: zsh
|
||||
Version: 5.4.2
|
||||
Release: 6%{?dist}
|
||||
Release: 7%{?dist}
|
||||
License: MIT
|
||||
URL: http://zsh.sourceforge.net/
|
||||
# FIXME: use .xz once available
|
||||
@ -16,6 +16,9 @@ Source6: dotzshrc
|
||||
# make the call depth limit configurable by $FUNCNEST (#1441092)
|
||||
Patch1: 0001-zsh-5.4.2-funcnest.patch
|
||||
|
||||
# avoid NULL dereference when using ${(PA)...} on an empty array (CVE-2018-7548)
|
||||
Patch4: 0004-zsh-5.4.2-CVE-2018-7548.patch
|
||||
|
||||
BuildRequires: autoconf
|
||||
BuildRequires: coreutils
|
||||
BuildRequires: gawk
|
||||
@ -171,6 +174,9 @@ fi
|
||||
%doc Doc/*.html
|
||||
|
||||
%changelog
|
||||
* Tue Mar 06 2018 Kamil Dudka <kdudka@redhat.com> - 5.4.2-7
|
||||
- avoid NULL dereference when using ${(PA)...} on an empty array (CVE-2018-7548)
|
||||
|
||||
* Mon Feb 19 2018 Kamil Dudka <kdudka@redhat.com> - 5.4.2-6
|
||||
- add explicit BR for the gcc compiler
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user