8add5064c3
Bump bash to version 4.2 patchlevel 37. Fixes CVE-2012-3410. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
93 lines
3.1 KiB
Diff
93 lines
3.1 KiB
Diff
BASH PATCH REPORT
|
|
=================
|
|
|
|
Bash-Release: 4.2
|
|
Patch-ID: bash42-036
|
|
|
|
Bug-Reported-by: gregrwm <backuppc-users@whitleymott.net>
|
|
Bug-Reference-ID: <CAD+dB9B4JG+qUwZBQUwiQmVt0j6NDn=DDTxr9R+nkA8DL4KLJA@mail.gmail.com>
|
|
Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2012-05/msg00108.html
|
|
|
|
Bug-Description:
|
|
|
|
Bash-4.2 produces incorrect word splitting results when expanding
|
|
double-quoted $@ in the same string as and adjacent to other variable
|
|
expansions. The $@ should be split, the other expansions should not.
|
|
|
|
Patch (apply with `patch -p0'):
|
|
|
|
*** ../bash-4.2-patched/subst.c 2012-05-02 12:02:33.000000000 -0400
|
|
--- ./subst.c 2012-07-08 21:19:32.000000000 -0400
|
|
***************
|
|
*** 7923,7927 ****
|
|
/* State flags */
|
|
int had_quoted_null;
|
|
! int has_dollar_at;
|
|
int tflag;
|
|
int pflags; /* flags passed to param_expand */
|
|
--- 7923,7927 ----
|
|
/* State flags */
|
|
int had_quoted_null;
|
|
! int has_dollar_at, temp_has_dollar_at;
|
|
int tflag;
|
|
int pflags; /* flags passed to param_expand */
|
|
***************
|
|
*** 8128,8138 ****
|
|
*expanded_something = 1;
|
|
|
|
! has_dollar_at = 0;
|
|
pflags = (word->flags & W_NOCOMSUB) ? PF_NOCOMSUB : 0;
|
|
if (word->flags & W_NOSPLIT2)
|
|
pflags |= PF_NOSPLIT2;
|
|
tword = param_expand (string, &sindex, quoted, expanded_something,
|
|
! &has_dollar_at, "ed_dollar_at,
|
|
&had_quoted_null, pflags);
|
|
|
|
if (tword == &expand_wdesc_error || tword == &expand_wdesc_fatal)
|
|
--- 8128,8139 ----
|
|
*expanded_something = 1;
|
|
|
|
! temp_has_dollar_at = 0;
|
|
pflags = (word->flags & W_NOCOMSUB) ? PF_NOCOMSUB : 0;
|
|
if (word->flags & W_NOSPLIT2)
|
|
pflags |= PF_NOSPLIT2;
|
|
tword = param_expand (string, &sindex, quoted, expanded_something,
|
|
! &temp_has_dollar_at, "ed_dollar_at,
|
|
&had_quoted_null, pflags);
|
|
+ has_dollar_at += temp_has_dollar_at;
|
|
|
|
if (tword == &expand_wdesc_error || tword == &expand_wdesc_fatal)
|
|
***************
|
|
*** 8275,8281 ****
|
|
temp = (char *)NULL;
|
|
|
|
! has_dollar_at = 0;
|
|
/* Need to get W_HASQUOTEDNULL flag through this function. */
|
|
! list = expand_word_internal (tword, Q_DOUBLE_QUOTES, 0, &has_dollar_at, (int *)NULL);
|
|
|
|
if (list == &expand_word_error || list == &expand_word_fatal)
|
|
--- 8276,8283 ----
|
|
temp = (char *)NULL;
|
|
|
|
! temp_has_dollar_at = 0; /* XXX */
|
|
/* Need to get W_HASQUOTEDNULL flag through this function. */
|
|
! list = expand_word_internal (tword, Q_DOUBLE_QUOTES, 0, &temp_has_dollar_at, (int *)NULL);
|
|
! has_dollar_at += temp_has_dollar_at;
|
|
|
|
if (list == &expand_word_error || list == &expand_word_fatal)
|
|
*** ../bash-4.2-patched/patchlevel.h Sat Jun 12 20:14:48 2010
|
|
--- ./patchlevel.h Thu Feb 24 21:41:34 2011
|
|
***************
|
|
*** 26,30 ****
|
|
looks for to find the patch level (for the sccs version string). */
|
|
|
|
! #define PATCHLEVEL 35
|
|
|
|
#endif /* _PATCHLEVEL_H_ */
|
|
--- 26,30 ----
|
|
looks for to find the patch level (for the sccs version string). */
|
|
|
|
! #define PATCHLEVEL 36
|
|
|
|
#endif /* _PATCHLEVEL_H_ */
|