diff options
author | Jay Freeman <saurik@saurik.com> | 2014-09-26 10:03:21 +0000 |
---|---|---|
committer | Jay Freeman <saurik@saurik.com> | 2014-09-26 10:03:21 +0000 |
commit | d513c95110fbec3a9c1f6bb3d56e5ecf0971f058 (patch) | |
tree | 2183c599c8b9648ee8da49512604fe296c066c31 | |
parent | eaacbeade6c101df568afad2308bae83ebd56359 (diff) |
Fix the shellshock vulnerability (not regression).
git-svn-id: http://svn.telesphoreo.org/trunk@793 514c082c-b64e-11dc-b46d-3d985efe055d
-rw-r--r-- | data/bash/_metadata/version | 2 | ||||
-rw-r--r-- | data/bash/bash40-018 | 78 | ||||
-rw-r--r-- | data/bash/bash40-019 | 125 | ||||
-rw-r--r-- | data/bash/bash40-020 | 83 | ||||
-rw-r--r-- | data/bash/bash40-021 | 48 | ||||
-rw-r--r-- | data/bash/bash40-022 | 48 | ||||
-rw-r--r-- | data/bash/bash40-023 | 62 | ||||
-rw-r--r-- | data/bash/bash40-024 | 112 | ||||
-rw-r--r-- | data/bash/bash40-025 | 104 | ||||
-rw-r--r-- | data/bash/bash40-026 | 56 | ||||
-rw-r--r-- | data/bash/bash40-027 | 67 | ||||
-rw-r--r-- | data/bash/bash40-028 | 172 | ||||
-rw-r--r-- | data/bash/bash40-029 | 106 | ||||
-rw-r--r-- | data/bash/bash40-030 | 64 | ||||
-rw-r--r-- | data/bash/bash40-031 | 62 | ||||
-rw-r--r-- | data/bash/bash40-032 | 46 | ||||
-rw-r--r-- | data/bash/bash40-033 | 50 | ||||
-rw-r--r-- | data/bash/bash40-034 | 59 | ||||
-rw-r--r-- | data/bash/bash40-035 | 62 | ||||
-rw-r--r-- | data/bash/bash40-036 | 90 | ||||
-rw-r--r-- | data/bash/bash40-037 | 60 | ||||
-rw-r--r-- | data/bash/bash40-038 | 56 | ||||
-rw-r--r-- | data/bash/bash40-039 | 104 | ||||
-rw-r--r-- | data/bash/bash40-040 | 60 |
24 files changed, 1775 insertions, 1 deletions
diff --git a/data/bash/_metadata/version b/data/bash/_metadata/version index 9d58a584e..266f85706 100644 --- a/data/bash/_metadata/version +++ b/data/bash/_metadata/version @@ -1 +1 @@ -4.0.17 +4.0.40 diff --git a/data/bash/bash40-018 b/data/bash/bash40-018 new file mode 100644 index 000000000..35f33e5fe --- /dev/null +++ b/data/bash/bash40-018 @@ -0,0 +1,78 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-018 + +Bug-Reported-by: Dan Price <dp@eng.sun.com> +Bug-Reference-ID: <20090324171502.GA20582@eng.sun.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-03/msg00184.html + +Bug-Description: + +A missing include file results in an empty function definition and a no-op +when checking whether or not the window size has changed. + +Patch: + +*** ../bash-4.0-patched/lib/sh/winsize.c 2008-08-12 13:53:51.000000000 -0400 +--- lib/sh/winsize.c 2009-04-06 10:44:20.000000000 -0400 +*************** +*** 31,44 **** + #include <sys/ioctl.h> + +! #if !defined (STRUCT_WINSIZE_IN_SYS_IOCTL) +! /* For struct winsize on SCO */ +! /* sys/ptem.h has winsize but needs mblk_t from sys/stream.h */ +! # if defined (HAVE_SYS_PTEM_H) && defined (TIOCGWINSZ) && defined (SIGWINCH) +! # if defined (HAVE_SYS_STREAM_H) +! # include <sys/stream.h> +! # endif + # include <sys/ptem.h> +! # endif /* HAVE_SYS_PTEM_H && TIOCGWINSZ && SIGWINCH */ +! #endif /* !STRUCT_WINSIZE_IN_SYS_IOCTL */ + + #include <stdio.h> +--- 31,57 ---- + #include <sys/ioctl.h> + +! /* Try to find the definitions of `struct winsize' and TIOGCWINSZ */ +! +! #if defined (GWINSZ_IN_SYS_IOCTL) && !defined (TIOCGWINSZ) +! # include <sys/ioctl.h> +! #endif /* GWINSZ_IN_SYS_IOCTL && !TIOCGWINSZ */ +! +! #if defined (STRUCT_WINSIZE_IN_TERMIOS) && !defined (STRUCT_WINSIZE_IN_SYS_IOCTL) +! # include <termios.h> +! #endif /* STRUCT_WINSIZE_IN_TERMIOS && !STRUCT_WINSIZE_IN_SYS_IOCTL */ +! +! /* Not in either of the standard places, look around. */ +! #if !defined (STRUCT_WINSIZE_IN_TERMIOS) && !defined (STRUCT_WINSIZE_IN_SYS_IOCTL) +! # if defined (HAVE_SYS_STREAM_H) +! # include <sys/stream.h> +! # endif /* HAVE_SYS_STREAM_H */ +! # if defined (HAVE_SYS_PTEM_H) /* SVR4.2, at least, has it here */ + # include <sys/ptem.h> +! # define _IO_PTEM_H /* work around SVR4.2 1.1.4 bug */ +! # endif /* HAVE_SYS_PTEM_H */ +! # if defined (HAVE_SYS_PTE_H) /* ??? */ +! # include <sys/pte.h> +! # endif /* HAVE_SYS_PTE_H */ +! #endif /* !STRUCT_WINSIZE_IN_TERMIOS && !STRUCT_WINSIZE_IN_SYS_IOCTL */ + + #include <stdio.h> +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 17 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 18 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-019 b/data/bash/bash40-019 new file mode 100644 index 000000000..30efd6806 --- /dev/null +++ b/data/bash/bash40-019 @@ -0,0 +1,125 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-019 + +Bug-Reported-by: Oleksiy Melnyk <lex@upc.ua> +Bug-Reference-ID: <20090224142233.D2FEFC004@floyd.upc.ua> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-02/msg00200.html + +Bug-Description: + +Using an external command as part of the DEBUG trap when job control is +enabled causes pipelines to misbehave. The problem has to do with process +groups assigned to the pipeline and terminal. + +Patch: + +*** ../bash-4.0-patched/jobs.c 2009-01-29 17:09:49.000000000 -0500 +--- jobs.c 2009-04-17 21:08:20.000000000 -0400 +*************** +*** 443,447 **** + the_pipeline = saved_pipeline; + already_making_children = saved_already_making_children; +! if (discard) + discard_pipeline (old_pipeline); + } +--- 443,447 ---- + the_pipeline = saved_pipeline; + already_making_children = saved_already_making_children; +! if (discard && old_pipeline) + discard_pipeline (old_pipeline); + } +*************** +*** 4203,4205 **** +--- 4204,4225 ---- + } + ++ void ++ save_pgrp_pipe (p, clear) ++ int *p; ++ int clear; ++ { ++ p[0] = pgrp_pipe[0]; ++ p[1] = pgrp_pipe[1]; ++ if (clear) ++ pgrp_pipe[0] = pgrp_pipe[1] = -1; ++ } ++ ++ void ++ restore_pgrp_pipe (p) ++ int *p; ++ { ++ pgrp_pipe[0] = p[0]; ++ pgrp_pipe[1] = p[1]; ++ } ++ + #endif /* PGRP_PIPE */ +*** ../bash-4.0-patched/jobs.h 2009-01-04 14:32:29.000000000 -0500 +--- jobs.h 2009-04-17 15:07:51.000000000 -0400 +*************** +*** 236,239 **** +--- 236,241 ---- + + extern void close_pgrp_pipe __P((void)); ++ extern void save_pgrp_pipe __P((int *, int)); ++ extern void restore_pgrp_pipe __P((int *)); + + #if defined (JOB_CONTROL) +*** ../bash-4.0-patched/trap.c 2009-01-16 17:07:53.000000000 -0500 +--- trap.c 2009-04-17 22:22:36.000000000 -0400 +*************** +*** 799,802 **** +--- 799,804 ---- + { + int trap_exit_value; ++ pid_t save_pgrp; ++ int save_pipe[2]; + + /* XXX - question: should the DEBUG trap inherit the RETURN trap? */ +*************** +*** 804,808 **** +--- 806,832 ---- + if ((sigmodes[DEBUG_TRAP] & SIG_TRAPPED) && ((sigmodes[DEBUG_TRAP] & SIG_IGNORED) == 0) && ((sigmodes[DEBUG_TRAP] & SIG_INPROGRESS) == 0)) + { ++ #if defined (JOB_CONTROL) ++ save_pgrp = pipeline_pgrp; ++ pipeline_pgrp = 0; ++ save_pipeline (1); ++ # if defined (PGRP_PIPE) ++ save_pgrp_pipe (save_pipe, 1); ++ # endif ++ stop_making_children (); ++ #endif ++ + trap_exit_value = _run_trap_internal (DEBUG_TRAP, "debug trap"); ++ ++ #if defined (JOB_CONTROL) ++ pipeline_pgrp = save_pgrp; ++ restore_pipeline (1); ++ # if defined (PGRP_PIPE) ++ close_pgrp_pipe (); ++ restore_pgrp_pipe (save_pipe); ++ # endif ++ if (pipeline_pgrp > 0) ++ give_terminal_to (pipeline_pgrp, 1); ++ notify_and_cleanup (); ++ #endif + + #if defined (DEBUGGER) +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 18 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 19 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-020 b/data/bash/bash40-020 new file mode 100644 index 000000000..885f15efe --- /dev/null +++ b/data/bash/bash40-020 @@ -0,0 +1,83 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-020 + +Bug-Reported-by: Nicolai Lissner <nlissne@linux01.org> +Bug-Reference-ID: <20090412020510.GA29658@lilith> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-04/msg00104.html + +Bug-Description: + +If a SIGWINCH arrives while bash is performing redisplay, multi-line prompts +are displayed incorrectly due to the display code being called recursively. + +Patch: + +*** ../bash-4.0-patched/lib/readline/readline.h 2009-01-04 14:32:33.000000000 -0500 +--- lib/readline/readline.h 2009-04-13 08:47:00.000000000 -0400 +*************** +*** 815,820 **** + #define RL_STATE_MULTIKEY 0x200000 /* reading multiple-key command */ + #define RL_STATE_VICMDONCE 0x400000 /* entered vi command mode at least once */ + +! #define RL_STATE_DONE 0x800000 /* done; accepted line */ + + #define RL_SETSTATE(x) (rl_readline_state |= (x)) +--- 815,821 ---- + #define RL_STATE_MULTIKEY 0x200000 /* reading multiple-key command */ + #define RL_STATE_VICMDONCE 0x400000 /* entered vi command mode at least once */ ++ #define RL_STATE_REDISPLAYING 0x800000 /* updating terminal display */ + +! #define RL_STATE_DONE 0x1000000 /* done; accepted line */ + + #define RL_SETSTATE(x) (rl_readline_state |= (x)) +*** ../bash-4.0-patched/lib/readline/display.c 2009-01-04 14:32:32.000000000 -0500 +--- lib/readline/display.c 2009-04-13 08:29:54.000000000 -0400 +*************** +*** 513,516 **** +--- 513,517 ---- + data structures. */ + _rl_block_sigint (); ++ RL_SETSTATE (RL_STATE_REDISPLAYING); + + if (!rl_display_prompt) +*************** +*** 1237,1240 **** +--- 1238,1242 ---- + } + ++ RL_UNSETSTATE (RL_STATE_REDISPLAYING); + _rl_release_sigint (); + } +*** ../bash-4.0-patched/lib/readline/terminal.c 2009-01-04 14:32:34.000000000 -0500 +--- lib/readline/terminal.c 2009-04-13 08:43:00.000000000 -0400 +*************** +*** 356,360 **** + if (CUSTOM_REDISPLAY_FUNC ()) + rl_forced_update_display (); +! else + _rl_redisplay_after_sigwinch (); + } +--- 356,360 ---- + if (CUSTOM_REDISPLAY_FUNC ()) + rl_forced_update_display (); +! else if (RL_ISSTATE(RL_STATE_REDISPLAYING) == 0) + _rl_redisplay_after_sigwinch (); + } +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 19 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 20 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-021 b/data/bash/bash40-021 new file mode 100644 index 000000000..cf6ee1f5a --- /dev/null +++ b/data/bash/bash40-021 @@ -0,0 +1,48 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-021 + +Bug-Reported-by: Matt Zyzik <matt.zyzik@nyu.edu> +Bug-Reference-ID: <20090319015542.696F62B8E8@ice.filescope.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-03/msg00149.html + +Bug-Description: + +When not in a locale supporting multibyte characters, readline will occasionally +not erase characters between the cursor position and the end of the line +when killing text backwards. + +Patch: + +*** ../bash-4.0-patched/lib/readline/display.c 2009-01-04 14:32:32.000000000 -0500 +--- lib/readline/display.c 2009-04-14 14:00:18.000000000 -0400 +*************** +*** 1775,1779 **** + adjust col_lendiff based on the difference between _rl_last_c_pos + and _rl_screenwidth */ +! if (col_lendiff && (_rl_last_c_pos < _rl_screenwidth)) + #endif + { +--- 1775,1779 ---- + adjust col_lendiff based on the difference between _rl_last_c_pos + and _rl_screenwidth */ +! if (col_lendiff && ((MB_CUR_MAX == 1 || rl_byte_oriented) || (_rl_last_c_pos < _rl_screenwidth))) + #endif + { +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 20 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 21 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-022 b/data/bash/bash40-022 new file mode 100644 index 000000000..5b6853805 --- /dev/null +++ b/data/bash/bash40-022 @@ -0,0 +1,48 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-022 + +Bug-Reported-by: Bernd Eggink <monoped@sudrala.de> +Bug-Reference-ID: <49E65407.5010206@sudrala.de> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-04/msg00118.html + +Bug-Description: + +When parsing case statements in command substitutions, the shell did not +note that a newline is a shell metacharacter and can legally be followed +by a reserved word (e.g., `esac'). + +Patch: + +*** ../bash-4.0-patched/parse.y 2009-03-08 21:24:47.000000000 -0400 +--- parse.y 2009-04-15 22:27:56.000000000 -0400 +*************** +*** 3355,3359 **** + + /* Meta-characters that can introduce a reserved word. Not perfect yet. */ +! if MBTEST((tflags & LEX_RESWDOK) == 0 && (tflags & LEX_CKCASE) && (tflags & LEX_INCOMMENT) == 0 && shellmeta(ch)) + { + /* Add this character. */ +--- 3375,3379 ---- + + /* Meta-characters that can introduce a reserved word. Not perfect yet. */ +! if MBTEST((tflags & LEX_RESWDOK) == 0 && (tflags & LEX_CKCASE) && (tflags & LEX_INCOMMENT) == 0 && (shellmeta(ch) || ch == '\n')) + { + /* Add this character. */ +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 21 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 22 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-023 b/data/bash/bash40-023 new file mode 100644 index 000000000..d2376c7da --- /dev/null +++ b/data/bash/bash40-023 @@ -0,0 +1,62 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-023 + +Bug-Reported-by: Andreas Schwab <schwab@linux-m68k.org> +Bug-Reference-ID: <m21vrhhx08.fsf@igel.home> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-04/msg00160.html + +Bug-Description: + +If the prompt length exactly matches the screen width, and the prompt ends +with invisible characters, readline positions the cursor incorrectly. + +Patch: + +*** ../bash-4.0-patched/lib/readline/display.c 2009-01-04 14:32:32.000000000 -0500 +--- lib/readline/display.c 2009-04-25 21:42:18.000000000 -0400 +*************** +*** 1895,1898 **** +--- 1897,1904 ---- + woff = WRAP_OFFSET (_rl_last_v_pos, wrap_offset); + cpos = _rl_last_c_pos; ++ ++ if (cpos == 0 && cpos == new) ++ return; ++ + #if defined (HANDLE_MULTIBYTE) + /* If we have multibyte characters, NEW is indexed by the buffer point in +*************** +*** 1908,1914 **** + desired display position. */ + if ((new > prompt_last_invisible) || /* XXX - don't use woff here */ +! (prompt_physical_chars > _rl_screenwidth && + _rl_last_v_pos == prompt_last_screen_line && +! wrap_offset >= woff && + new > (prompt_last_invisible-(_rl_screenwidth*_rl_last_v_pos)-wrap_offset))) + /* XXX last comparison might need to be >= */ +--- 1914,1920 ---- + desired display position. */ + if ((new > prompt_last_invisible) || /* XXX - don't use woff here */ +! (prompt_physical_chars >= _rl_screenwidth && + _rl_last_v_pos == prompt_last_screen_line && +! wrap_offset >= woff && dpos >= woff && + new > (prompt_last_invisible-(_rl_screenwidth*_rl_last_v_pos)-wrap_offset))) + /* XXX last comparison might need to be >= */ +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 22 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 23 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-024 b/data/bash/bash40-024 new file mode 100644 index 000000000..ac2058ae3 --- /dev/null +++ b/data/bash/bash40-024 @@ -0,0 +1,112 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-024 + +Bug-Reported-by: Matt Zyzik <matt.zyzik@nyu.edu> +Bug-Reference-ID: <20090405205428.4FDEA1C7175@ice.filescope.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-04/msg00021.html + +Bug-Description: + +When using the ** globbing operator, bash will incorrectly add an extra +directory name when the preceding directory name ends with `*' or an empty +string when there is no preceding directory name. + +Patch: + +*** ../bash-4.0-patched/lib/glob/glob.c 2009-01-04 14:32:30.000000000 -0500 +--- lib/glob/glob.c 2009-04-28 10:22:29.000000000 -0400 +*************** +*** 357,361 **** + if (ep) + *ep = 0; +! if (r) + free (r); + return (struct globval *)0; +--- 357,361 ---- + if (ep) + *ep = 0; +! if (r && r != &glob_error_return) + free (r); + return (struct globval *)0; +*************** +*** 666,671 **** + } + +! /* compat: if GX_ALLDIRS, add the passed directory also */ +! if (add_current) + { + sdlen = strlen (dir); +--- 666,672 ---- + } + +! /* compat: if GX_ALLDIRS, add the passed directory also, but don't add an +! empty directory name. */ +! if (add_current && (flags & GX_NULLDIR) == 0) + { + sdlen = strlen (dir); +*************** +*** 679,686 **** + nextlink->next = lastlink; + lastlink = nextlink; +! if (flags & GX_NULLDIR) +! nextname[0] = '\0'; +! else +! bcopy (dir, nextname, sdlen + 1); + ++count; + } +--- 680,684 ---- + nextlink->next = lastlink; + lastlink = nextlink; +! bcopy (dir, nextname, sdlen + 1); + ++count; + } +*************** +*** 943,947 **** + register unsigned int l; + +! array = glob_dir_to_array (directories[i], temp_results, flags); + l = 0; + while (array[l] != NULL) +--- 941,950 ---- + register unsigned int l; + +! /* If we're expanding **, we don't need to glue the directory +! name to the results; we've already done it in glob_vector */ +! if ((dflags & GX_ALLDIRS) && filename[0] == '*' && filename[1] == '*' && filename[2] == '\0') +! array = temp_results; +! else +! array = glob_dir_to_array (directories[i], temp_results, flags); + l = 0; + while (array[l] != NULL) +*************** +*** 960,964 **** + + /* Note that the elements of ARRAY are not freed. */ +! free ((char *) array); + } + } +--- 963,968 ---- + + /* Note that the elements of ARRAY are not freed. */ +! if (array != temp_results) +! free ((char *) array); + } + } +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 23 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 24 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-025 b/data/bash/bash40-025 new file mode 100644 index 000000000..30b38ba31 --- /dev/null +++ b/data/bash/bash40-025 @@ -0,0 +1,104 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-025 + +Bug-Reported-by: Matt Zyzik <matt.zyzik@nyu.edu> +Bug-Reference-ID: <20090519011418.GA21431@ice.filescope.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-05/msg00044.html + +Bug-Description: + +bash40-024 introduced a regression for constructs like **/*.cs; that +expansion would no longer include matching files in the current directory. +This patch undoes portions of bash40-024 and fixes the original problem +in a different way. + +Patch: + +*** ../bash-4.0-patched/lib/glob/glob.c 2009-05-22 12:32:26.000000000 -0400 +--- lib/glob/glob.c 2009-05-22 12:35:55.000000000 -0400 +*************** +*** 666,672 **** + } + +! /* compat: if GX_ALLDIRS, add the passed directory also, but don't add an +! empty directory name. */ +! if (add_current && (flags & GX_NULLDIR) == 0) + { + sdlen = strlen (dir); +--- 666,673 ---- + } + +! /* compat: if GX_ADDCURDIR, add the passed directory also. Add an empty +! directory name as a placeholder if GX_NULLDIR (in which case the passed +! directory name is "."). */ +! if (add_current) + { + sdlen = strlen (dir); +*************** +*** 680,684 **** + nextlink->next = lastlink; + lastlink = nextlink; +! bcopy (dir, nextname, sdlen + 1); + ++count; + } +--- 681,688 ---- + nextlink->next = lastlink; + lastlink = nextlink; +! if (flags & GX_NULLDIR) +! nextname[0] = '\0'; +! else +! bcopy (dir, nextname, sdlen + 1); + ++count; + } +*************** +*** 1008,1016 **** + /* Just return what glob_vector () returns appended to the + directory name. */ + dflags = flags & ~GX_MARKDIRS; + if (directory_len == 0) + dflags |= GX_NULLDIR; + if ((flags & GX_GLOBSTAR) && filename[0] == '*' && filename[1] == '*' && filename[2] == '\0') +! dflags |= GX_ALLDIRS|GX_ADDCURDIR; + temp_results = glob_vector (filename, + (directory_len == 0 ? "." : directory_name), +--- 1012,1033 ---- + /* Just return what glob_vector () returns appended to the + directory name. */ ++ /* If flags & GX_ALLDIRS, we're called recursively */ + dflags = flags & ~GX_MARKDIRS; + if (directory_len == 0) + dflags |= GX_NULLDIR; + if ((flags & GX_GLOBSTAR) && filename[0] == '*' && filename[1] == '*' && filename[2] == '\0') +! { +! dflags |= GX_ALLDIRS|GX_ADDCURDIR; +! #if 0 +! /* If we want all directories (dflags & GX_ALLDIRS) and we're not +! being called recursively as something like `echo **/*.o' +! ((flags & GX_ALLDIRS) == 0), we want to prevent glob_vector from +! adding a null directory name to the front of the temp_results +! array. We turn off ADDCURDIR if not called recursively and +! dlen == 0 */ +! #endif +! if (directory_len == 0 && (flags & GX_ALLDIRS) == 0) +! dflags &= ~GX_ADDCURDIR; +! } + temp_results = glob_vector (filename, + (directory_len == 0 ? "." : directory_name), +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 24 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 25 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-026 b/data/bash/bash40-026 new file mode 100644 index 000000000..412b2c71b --- /dev/null +++ b/data/bash/bash40-026 @@ -0,0 +1,56 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-026 + +Bug-Reported-by: Sergei Steshenko <sergstesh@yahoo.com> +Bug-Reference-ID: <670181.38883.qm@web35204.mail.mud.yahoo.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-05/msg00059.html + +Bug-Description: + +A forgotten line in externs.h caused compilation errors to occur on some +systems (e.g., Cygwin). + +Patch: + +*** ../bash-4.0-patched/externs.h 2009-01-18 18:29:29.000000000 -0500 +--- externs.h 2009-06-02 09:05:40.000000000 -0400 +*************** +*** 193,196 **** +--- 193,198 ---- + + /* Declarations for functions defined in lib/sh/fpurge.c */ ++ ++ #if defined NEED_FPURGE_DECL + #if !HAVE_DECL_FPURGE + +*************** +*** 201,205 **** + + #endif /* HAVE_DECL_FPURGE */ +! + + /* Declarations for functions defined in lib/sh/getcwd.c */ +--- 203,207 ---- + + #endif /* HAVE_DECL_FPURGE */ +! #endif /* NEED_FPURGE_DECL */ + + /* Declarations for functions defined in lib/sh/getcwd.c */ +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 25 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 26 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-027 b/data/bash/bash40-027 new file mode 100644 index 000000000..a96ce4b1a --- /dev/null +++ b/data/bash/bash40-027 @@ -0,0 +1,67 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-027 + +Bug-Reported-by: jim@jim.sh +Bug-Reference-ID: <200905262140.n4QLeO4X030664@psychosis.jim.sh> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-05/msg00074.html + +Bug-Description: + +There are occasional cursor positioning errors when using readline's +horizontal scroll mode. + +Patch: + +*** ../bash-4.0-patched/lib/readline/display.c 2009-05-22 12:32:25.000000000 -0400 +--- lib/readline/display.c 2009-05-29 23:32:20.000000000 -0400 +*************** +*** 1190,1196 **** + line[t - 1] = '>'; + +! if (!rl_display_fixed || forced_display || lmargin != last_lmargin) + { + forced_display = 0; + update_line (&visible_line[last_lmargin], + &invisible_line[lmargin], +--- 1192,1200 ---- + line[t - 1] = '>'; + +! if (rl_display_fixed == 0 || forced_display || lmargin != last_lmargin) + { + forced_display = 0; ++ o_cpos = _rl_last_c_pos; ++ cpos_adjusted = 0; + update_line (&visible_line[last_lmargin], + &invisible_line[lmargin], +*************** +*** 1200,1203 **** +--- 1204,1214 ---- + 0); + ++ if ((MB_CUR_MAX > 1 && rl_byte_oriented == 0) && ++ cpos_adjusted == 0 && ++ _rl_last_c_pos != o_cpos && ++ _rl_last_c_pos > wrap_offset && ++ o_cpos < prompt_last_invisible) ++ _rl_last_c_pos -= prompt_invis_chars_first_line; /* XXX - was wrap_offset */ ++ + /* If the visible new line is shorter than the old, but the number + of invisible characters is greater, and we are at the end of +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 26 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 27 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-028 b/data/bash/bash40-028 new file mode 100644 index 000000000..a5b0b60a3 --- /dev/null +++ b/data/bash/bash40-028 @@ -0,0 +1,172 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-028 + +Bug-Reported-by: martin f krafft <madduck@debian.org> +Bug-Reference-ID: <4A4E39E7.5080807@debian.org> +Bug-Reference-URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=519165 + http://lists.gnu.org/archive/html/bug-bash/2009-07/msg00011.html + +Bug-Description: + +bash-4.0 reverted to the historical shell behavior of raising an error +when $@ or $* was expanded after `set -u' had been executed and there +were no positional parameters. The Posix working group has since +clarified the standard's position on the issue, and $@ and $* are now the +only variables, parameters, or special parameters that do not raise an +error when unset if set -u is enabled. + +Patch: + +*** ../bash-4.0-patched/subst.c Mon Mar 23 11:34:55 2009 +--- subst.c Wed Jun 17 18:12:18 2009 +*************** +*** 6768,6778 **** + + case RBRACE: +! if (var_is_set == 0 && unbound_vars_is_error) + { + err_unboundvar (name); + FREE (value); + FREE (temp); + free (name); +- last_command_exit_value = EXECUTION_FAILURE; + return (interactive_shell ? &expand_wdesc_error : &expand_wdesc_fatal); + } +--- 6794,6804 ---- + + case RBRACE: +! if (var_is_set == 0 && unbound_vars_is_error && ((name[0] != '@' && name[0] != '*') || name[1])) + { ++ last_command_exit_value = EXECUTION_FAILURE; + err_unboundvar (name); + FREE (value); + FREE (temp); + free (name); + return (interactive_shell ? &expand_wdesc_error : &expand_wdesc_fatal); + } +*************** +*** 6991,6994 **** +--- 7017,7029 ---- + list = list_rest_of_args (); + ++ #if 0 ++ /* According to austin-group posix proposal by Geoff Clare in ++ <20090505091501.GA10097@squonk.masqnet> of 5 May 2009: ++ ++ "The shell shall write a message to standard error and ++ immediately exit when it tries to expand an unset parameter ++ other than the '@' and '*' special parameters." ++ */ ++ + if (list == 0 && unbound_vars_is_error && (pflags & PF_IGNUNBOUND) == 0) + { +*************** +*** 6996,7003 **** + uerror[1] = '*'; + uerror[2] = '\0'; +- err_unboundvar (uerror); + last_command_exit_value = EXECUTION_FAILURE; + return (interactive_shell ? &expand_wdesc_error : &expand_wdesc_fatal); + } + + /* If there are no command-line arguments, this should just +--- 7031,7039 ---- + uerror[1] = '*'; + uerror[2] = '\0'; + last_command_exit_value = EXECUTION_FAILURE; ++ err_unboundvar (uerror); + return (interactive_shell ? &expand_wdesc_error : &expand_wdesc_fatal); + } ++ #endif + + /* If there are no command-line arguments, this should just +*************** +*** 7053,7056 **** +--- 7089,7101 ---- + list = list_rest_of_args (); + ++ #if 0 ++ /* According to austin-group posix proposal by Geoff Clare in ++ <20090505091501.GA10097@squonk.masqnet> of 5 May 2009: ++ ++ "The shell shall write a message to standard error and ++ immediately exit when it tries to expand an unset parameter ++ other than the '@' and '*' special parameters." ++ */ ++ + if (list == 0 && unbound_vars_is_error && (pflags & PF_IGNUNBOUND) == 0) + { +*************** +*** 7058,7065 **** + uerror[1] = '@'; + uerror[2] = '\0'; +- err_unboundvar (uerror); + last_command_exit_value = EXECUTION_FAILURE; + return (interactive_shell ? &expand_wdesc_error : &expand_wdesc_fatal); + } + + /* We want to flag the fact that we saw this. We can't turn +--- 7103,7111 ---- + uerror[1] = '@'; + uerror[2] = '\0'; + last_command_exit_value = EXECUTION_FAILURE; ++ err_unboundvar (uerror); + return (interactive_shell ? &expand_wdesc_error : &expand_wdesc_fatal); + } ++ #endif + + /* We want to flag the fact that we saw this. We can't turn +*** ../bash-4.0-patched/doc/bash.1 Wed Feb 18 15:13:56 2009 +--- doc/bash.1 Wed Jun 17 08:51:19 2009 +*************** +*** 8258,8264 **** + .TP 8 + .B \-u +! Treat unset variables as an error when performing + parameter expansion. If expansion is attempted on an +! unset variable, the shell prints an error message, and, + if not interactive, exits with a non-zero status. + .TP 8 +--- 8274,8281 ---- + .TP 8 + .B \-u +! Treat unset variables and parameters other than the special +! parameters "@" and "*" as an error when performing + parameter expansion. If expansion is attempted on an +! unset variable or parameter, the shell prints an error message, and, + if not interactive, exits with a non-zero status. + .TP 8 +*** ../bash-4.0-patched/doc/bashref.texi Wed Feb 18 15:14:43 2009 +--- doc/bashref.texi Wed Jun 17 08:50:46 2009 +*************** +*** 4139,4143 **** + + @item -u +! Treat unset variables as an error when performing parameter expansion. + An error message will be written to the standard error, and a non-interactive + shell will exit. +--- 4151,4156 ---- + + @item -u +! Treat unset variables and parameters other than the special parameters +! @samp{@@} or @samp{*} as an error when performing parameter expansion. + An error message will be written to the standard error, and a non-interactive + shell will exit. +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 27 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 28 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-029 b/data/bash/bash40-029 new file mode 100644 index 000000000..a13176de2 --- /dev/null +++ b/data/bash/bash40-029 @@ -0,0 +1,106 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-029 + +Bug-Reported-by: Christian Krause <chkr@plauener.de> +Bug-Reference-ID: Thu, 25 Jun 2009 21:47:59 +0200 +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-06/msg00078.html + +Bug-Description: + +Previous versions of bash accepted strings in the initial environment +that were not valid shell variable assignments, usually because the +names were invalid, but still created shell variables from them and +passed them to child processes in the environment. + +Bash-4.0 ignores those names and does not pass them to child processes. +Some users and automated processes depend on invalid variables being +ignored and passed to child processes. + +This patch makes bash continue to ignore the invalid names, but pass +them to child processes in the export environment. + +Patch: + +*** ../bash-4.0-patched/variables.c 2009-01-04 14:32:46.000000000 -0500 +--- variables.c 2009-06-29 09:17:20.000000000 -0400 +*************** +*** 253,256 **** +--- 255,259 ---- + static int visible_var __P((SHELL_VAR *)); + static int visible_and_exported __P((SHELL_VAR *)); ++ static int export_environment_candidate __P((SHELL_VAR *)); + static int local_and_exported __P((SHELL_VAR *)); + static int variable_in_context __P((SHELL_VAR *)); +*************** +*** 376,383 **** + # endif + #endif + else if (legal_identifier (name)) + { + temp_var = bind_variable (name, string, 0); +! VSETATTR (temp_var, (att_exported | att_imported)); + array_needs_making = 1; + } +--- 379,393 ---- + # endif + #endif ++ #if 0 + else if (legal_identifier (name)) ++ #else ++ else ++ #endif + { + temp_var = bind_variable (name, string, 0); +! if (legal_identifier (name)) +! VSETATTR (temp_var, (att_exported | att_imported)); +! else +! VSETATTR (temp_var, (att_exported | att_imported | att_invisible)); + array_needs_making = 1; + } +*************** +*** 3083,3086 **** +--- 3098,3111 ---- + } + ++ /* Candidate variables for the export environment are either valid variables ++ with the export attribute or invalid variables inherited from the initial ++ environment and simply passed through. */ ++ static int ++ export_environment_candidate (var) ++ SHELL_VAR *var; ++ { ++ return (exported_p (var) && (invisible_p (var) == 0 || imported_p (var))); ++ } ++ + /* Return non-zero if VAR is a local variable in the current context and + is exported. */ +*************** +*** 3439,3443 **** +--- 3464,3472 ---- + SHELL_VAR **vars; + ++ #if 0 + vars = map_over (visible_and_exported, vcxt); ++ #else ++ vars = map_over (export_environment_candidate, vcxt); ++ #endif + + if (vars == 0) +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 28 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 29 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-030 b/data/bash/bash40-030 new file mode 100644 index 000000000..e4f038933 --- /dev/null +++ b/data/bash/bash40-030 @@ -0,0 +1,64 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-030 + +Bug-Reported-by: Henning Bekel <h.bekel@googlemail.com> +Bug-Reference-ID: <7c6eacF262ctuU1@mid.individual.net> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-07/msg00054.html + +Bug-Description: + +A shell function invoked with `bind -x' is supposed to be able to move the +cursor by setting READLINE_POINT. The effects of this assignment were +sometimes ignored. + +Patch: + +*** ../bash-4.0-patched/bashline.c 2009-01-08 09:29:24.000000000 -0500 +--- bashline.c 2009-07-16 14:13:41.000000000 -0400 +*************** +*** 3389,3393 **** + register int i; + intmax_t mi; +- int save_point; + sh_parser_state_t ps; + char *cmd, *value, *l; +--- 3389,3392 ---- +*************** +*** 3433,3437 **** + VSETATTR (v, att_exported); + l = value_cell (v); +- save_point = rl_point; + value = inttostr (rl_point, ibuf, sizeof (ibuf)); + v = bind_int_variable ("READLINE_POINT", value); +--- 3432,3435 ---- +*************** +*** 3451,3455 **** + { + i = mi; +! if (i != save_point) + { + rl_point = i; +--- 3449,3453 ---- + { + i = mi; +! if (i != rl_point) + { + rl_point = i; +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 29 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 30 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-031 b/data/bash/bash40-031 new file mode 100644 index 000000000..db46aa3fc --- /dev/null +++ b/data/bash/bash40-031 @@ -0,0 +1,62 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-031 + +Bug-Reported-by: Roman Rakus <rrakus@redhat.com> +Bug-Reference-ID: <4A93F6E9.4050401@redhat.com> +Bug-Reference-URL: + +Bug-Description: + +An implicit assignment to index "0" of an existing array variable caused +the shell to crash when the variable was unset. + +Patch: + +*** ../bash-4.0-patched/arrayfunc.c 2009-03-08 21:24:39.000000000 -0400 +--- arrayfunc.c 2009-08-24 09:29:43.000000000 -0400 +*************** +*** 99,103 **** + hash = assoc_create (0); + if (oldval) +! assoc_insert (hash, "0", oldval); + + FREE (value_cell (var)); +--- 99,103 ---- + hash = assoc_create (0); + if (oldval) +! assoc_insert (hash, savestring ("0"), oldval); + + FREE (value_cell (var)); +*** ../bash-4.0-patched/variables.c 2009-01-04 14:32:46.000000000 -0500 +--- variables.c 2009-08-24 09:29:58.000000000 -0400 +*************** +*** 2218,2222 **** + else if (assoc_p (entry)) + { +! assoc_insert (assoc_cell (entry), "0", newval); + free (newval); + } +--- 2218,2222 ---- + else if (assoc_p (entry)) + { +! assoc_insert (assoc_cell (entry), savestring ("0"), newval); + free (newval); + } +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 30 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 31 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-032 b/data/bash/bash40-032 new file mode 100644 index 000000000..0c9ba74da --- /dev/null +++ b/data/bash/bash40-032 @@ -0,0 +1,46 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-032 + +Bug-Reported-by: muszi@muszi.kite.hu +Bug-Reference-ID: <20090826113159.18815.qmail@muszi.kite.hu> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-08/msg00090.html + +Bug-Description: + +Bash-4.0 has a memory leak when processing ${!prefix@}. + +Patch: + +*** ../bash-4.0-patched/subst.c 2009-07-22 23:18:55.000000000 -0400 +--- subst.c 2009-08-26 23:08:51.000000000 -0400 +*************** +*** 6607,6611 **** + } + free (x); +! free (xlist); + free (temp1); + *indexp = sindex; +--- 6769,6773 ---- + } + free (x); +! dispose_words (xlist); + free (temp1); + *indexp = sindex; +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 31 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 32 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-033 b/data/bash/bash40-033 new file mode 100644 index 000000000..80fcb6be3 --- /dev/null +++ b/data/bash/bash40-033 @@ -0,0 +1,50 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-033 + +Bug-Reported-by: Dr. Werner Fink <werner@suse.de> +Bug-Reference-ID: <200907010951.n619p76I013912@boole.suse.de> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-07/msg00000.html + +Bug-Description: + +Bash-4.0 has a memory leak in the `read' builtin when the number of fields +read is not the same as the number of variables passed as arguments. + +Patch: + +*** ../bash-4.0-patched/builtins/read.def 2009-03-08 21:24:45.000000000 -0400 +--- builtins/read.def 2009-07-01 15:32:42.000000000 -0400 +*************** +*** 764,768 **** + tofree = input_string = t; + else +! input_string = strip_trailing_ifs_whitespace (t1, ifs_chars, saw_escape); + } + #endif +--- 764,771 ---- + tofree = input_string = t; + else +! { +! input_string = strip_trailing_ifs_whitespace (t1, ifs_chars, saw_escape); +! tofree = t; +! } + } + #endif +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 32 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 33 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-034 b/data/bash/bash40-034 new file mode 100644 index 000000000..bacb33ce1 --- /dev/null +++ b/data/bash/bash40-034 @@ -0,0 +1,59 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-034 + +Bug-Reported-by: Anders Kaseorg <andersk@mit.edu> +Bug-Reference-ID: <1252856832.991059.8162.nullmailer@balanced-tree.mit.edu> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-09/msg00043.html + +Bug-Description: + +When using the globstar option, bash incorrectly interprets wildcarded path +components between a **/ and the last / as matching any path, even if the +constructed path does not match any files. + +Patch: + +*** ../bash-4.0-patched/lib/glob/glob.c 2009-07-22 23:18:50.000000000 -0400 +--- lib/glob/glob.c 2009-09-18 17:53:25.000000000 -0400 +*************** +*** 920,928 **** + char **temp_results; + + /* Scan directory even on a NULL filename. That way, `*h/' + returns only directories ending in `h', instead of all + files ending in `h' with a `/' appended. */ + dname = directories[i]; +! dflags = flags & ~GX_MARKDIRS; + if ((flags & GX_GLOBSTAR) && filename[0] == '*' && filename[1] == '*' && filename[2] == '\0') + dflags |= GX_ALLDIRS|GX_ADDCURDIR; +--- 927,938 ---- + char **temp_results; + ++ /* XXX -- we've recursively scanned any directories resulting from ++ a `**', so turn off the flag. We turn it on again below if ++ filename is `**' */ + /* Scan directory even on a NULL filename. That way, `*h/' + returns only directories ending in `h', instead of all + files ending in `h' with a `/' appended. */ + dname = directories[i]; +! dflags = flags & ~(GX_MARKDIRS|GX_ALLDIRS|GX_ADDCURDIR); + if ((flags & GX_GLOBSTAR) && filename[0] == '*' && filename[1] == '*' && filename[2] == '\0') + dflags |= GX_ALLDIRS|GX_ADDCURDIR; +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 33 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 34 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-035 b/data/bash/bash40-035 new file mode 100644 index 000000000..3b1af7505 --- /dev/null +++ b/data/bash/bash40-035 @@ -0,0 +1,62 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-035 + +Bug-Reported-by: Freddy Vulto <fvulto@gmail.com> +Bug-Reference-ID: <e9c463930909171341p7cbe6e43pa3788ebbe3adec4d@mail.gmail.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-09/msg00044.html + +Bug-Description: + +Bash-4.0 incorrectly treated single and double quotes as delimiters rather +than introducing quoted strings when splitting the line into words for +programmable completion functions. + +Patch: + +*** ../bash-4.0-patched/pcomplete.c 2009-03-08 21:24:31.000000000 -0400 +--- pcomplete.c 2009-09-26 16:30:16.000000000 -0400 +*************** +*** 1176,1186 **** + WORD_LIST *ret; + char *delims; + +! #if 0 +! delims = "()<>;&| \t\n"; /* shell metacharacters break words */ +! #else +! delims = rl_completer_word_break_characters; +! #endif + ret = split_at_delims (line, llen, delims, sentinel, nwp, cwp); + return (ret); + } +--- 1176,1188 ---- + WORD_LIST *ret; + char *delims; ++ int i, j; + +! delims = xmalloc (strlen (rl_completer_word_break_characters) + 1); +! for (i = j = 0; rl_completer_word_break_characters[i]; i++) +! if (rl_completer_word_break_characters[i] != '\'' && rl_completer_word_break_characters[i] != '"') +! delims[j++] = rl_completer_word_break_characters[i]; +! delims[j] = '\0'; + ret = split_at_delims (line, llen, delims, sentinel, nwp, cwp); ++ free (delims); + return (ret); + } +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 34 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 35 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-036 b/data/bash/bash40-036 new file mode 100644 index 000000000..ed08e3936 --- /dev/null +++ b/data/bash/bash40-036 @@ -0,0 +1,90 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-036 + +Bug-Reported-by: Jerome Reybert <jreybert@gmail.com> +Bug-Reference-ID: <f5da50720908070109p1faa3847x5a9dff68d24a7197@mail.gmail.com> +Bug-Reference-URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538013 + +Bug-Description: + +Under some circumstances, menu-complete is unable to complete filenames. + +Patch: + +*** ../bash-4.0-patched/lib/readline/complete.c 2009-01-22 15:15:14.000000000 -0500 +--- lib/readline/complete.c 2009-08-26 17:15:59.000000000 -0400 +*************** +*** 2209,2213 **** + /* The first time through, we generate the list of matches and set things + up to insert them. */ +! if (rl_last_func != rl_menu_complete) + { + /* Clean up from previous call, if any. */ +--- 2252,2256 ---- + /* The first time through, we generate the list of matches and set things + up to insert them. */ +! if (rl_last_func != rl_old_menu_complete) + { + /* Clean up from previous call, if any. */ +*************** +*** 2221,2224 **** +--- 2264,2269 ---- + rl_completion_invoking_key = invoking_key; + ++ RL_SETSTATE(RL_STATE_COMPLETING); ++ + /* Only the completion entry function can change these. */ + set_completion_defaults ('%'); +*************** +*** 2260,2266 **** +--- 2305,2314 ---- + orig_text = (char *)0; + completion_changed_buffer = 0; ++ RL_UNSETSTATE(RL_STATE_COMPLETING); + return (0); + } + ++ RL_UNSETSTATE(RL_STATE_COMPLETING); ++ + for (match_list_size = 0; matches[match_list_size]; match_list_size++) + ; +*************** +*** 2338,2341 **** +--- 2386,2391 ---- + full_completion = 0; + ++ RL_SETSTATE(RL_STATE_COMPLETING); ++ + /* Only the completion entry function can change these. */ + set_completion_defaults ('%'); +*************** +*** 2379,2385 **** +--- 2429,2438 ---- + orig_text = (char *)0; + completion_changed_buffer = 0; ++ RL_UNSETSTATE(RL_STATE_COMPLETING); + return (0); + } + ++ RL_UNSETSTATE(RL_STATE_COMPLETING); ++ + for (match_list_size = 0; matches[match_list_size]; match_list_size++) + ; +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 35 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 36 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-037 b/data/bash/bash40-037 new file mode 100644 index 000000000..95baeb319 --- /dev/null +++ b/data/bash/bash40-037 @@ -0,0 +1,60 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-037 + +Bug-Reported-by: Chet Ramey <chet.ramey@case.edu> +Bug-Reference-ID: <4AD7D749.5030601@case.edu> +Bug-Reference-URL: + +Bug-Description: + +The configure script does not work on Snow Leopard and will result in +attempts to link against the incorrect version of readline. + +Patch: + +*** ../bash-4.0-patched/configure.in 2009-02-06 12:03:44.000000000 -0500 +--- configure.in 2009-10-01 16:38:24.000000000 -0400 +*************** +*** 534,538 **** + # dynamic version + case "${host_os}" in +! darwin[[89]]*) READLINE_LIB='${READLINE_LIBRARY}' ;; + *) READLINE_LIB=-lreadline ;; + esac +--- 534,538 ---- + # dynamic version + case "${host_os}" in +! darwin[[89]]*|darwin10*) READLINE_LIB='${READLINE_LIBRARY}' ;; + *) READLINE_LIB=-lreadline ;; + esac +*************** +*** 569,573 **** + # dynamic version + case "${host_os}" in +! darwin[[89]]*) HISTORY_LIB='${HISTORY_LIBRARY}' ;; + *) HISTORY_LIB=-lhistory ;; + esac +--- 569,573 ---- + # dynamic version + case "${host_os}" in +! darwin[[89]]*|darwin10*) HISTORY_LIB='${HISTORY_LIBRARY}' ;; + *) HISTORY_LIB=-lhistory ;; + esac +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 36 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 37 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-038 b/data/bash/bash40-038 new file mode 100644 index 000000000..80505cc34 --- /dev/null +++ b/data/bash/bash40-038 @@ -0,0 +1,56 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-038 + +Bug-Reported-by: werner@suse.de +Bug-Reference-ID: <201002251238.o1PCcYcg016893@boole.suse.de> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-02/msg00132.html + +Bug-Description: + +When the `read' builtin times out after the timeout specified with -t is +exceeded, it does not reset the flags that tell signal handlers to process +signals immediately instead of deferring their handling. This can result +in unsafe functions being called from signal handlers, which can cause bash +to hang or dump core. + +Patch (apply with `patch -p0'): + +*** ../bash-4.0-patched/builtins/read.def 2009-09-03 14:40:03.000000000 -0400 +--- builtins/read.def 2010-03-17 17:35:39.000000000 -0400 +*************** +*** 602,607 **** + zsyncfd (fd); + +- interrupt_immediately--; +- terminate_immediately--; + discard_unwind_frame ("read_builtin"); + +--- 616,619 ---- +*************** +*** 610,613 **** +--- 622,628 ---- + assign_vars: + ++ interrupt_immediately--; ++ terminate_immediately--; ++ + #if defined (ARRAY_VARS) + /* If -a was given, take the string read, break it into a list of words, +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 37 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 38 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-039 b/data/bash/bash40-039 new file mode 100644 index 000000000..3eac28cef --- /dev/null +++ b/data/bash/bash40-039 @@ -0,0 +1,104 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-039 + +Bug-Reported-by: Stephane Chazelas <stephane.chazelas@gmail.com> +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +Under certain circumstances, bash will execute user code while processing the +environment for exported function definitions. + +Patch (apply with `patch -p0'): + +*** ../bash-4.0.38/builtins/common.h 2009-01-15 23:08:54.000000000 -0500 +--- builtins/common.h 2014-09-16 19:20:48.000000000 -0400 +*************** +*** 36,39 **** +--- 36,41 ---- + + /* Flags for describe_command, shared between type.def and command.def */ ++ #define SEVAL_FUNCDEF 0x080 /* only allow function definitions */ ++ #define SEVAL_ONECMD 0x100 /* only allow a single command */ + #define CDESC_ALL 0x001 /* type -a */ + #define CDESC_SHORTDESC 0x002 /* command -V */ +*** ../bash-4.0.38/builtins/evalstring.c 2009-01-13 14:44:12.000000000 -0500 +--- builtins/evalstring.c 2014-09-16 19:20:48.000000000 -0400 +*************** +*** 259,262 **** +--- 259,270 ---- + struct fd_bitmap *bitmap; + ++ if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def) ++ { ++ internal_warning ("%s: ignoring function definition attempt", from_file); ++ should_jump_to_top_level = 0; ++ last_result = last_command_exit_value = EX_BADUSAGE; ++ break; ++ } ++ + bitmap = new_fd_bitmap (FD_BITMAP_SIZE); + begin_unwind_frame ("pe_dispose"); +*************** +*** 319,322 **** +--- 327,333 ---- + dispose_fd_bitmap (bitmap); + discard_unwind_frame ("pe_dispose"); ++ ++ if (flags & SEVAL_ONECMD) ++ break; + } + } +*** ../bash-4.0.38/variables.c 2009-09-19 13:04:23.000000000 -0400 +--- variables.c 2014-09-16 19:20:48.000000000 -0400 +*************** +*** 344,353 **** + strcpy (temp_string + char_index + 1, string); + +! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST); +! +! /* Ancient backwards compatibility. Old versions of bash exported +! functions like name()=() {...} */ +! if (name[char_index - 1] == ')' && name[char_index - 2] == '(') +! name[char_index - 2] = '\0'; + + if (temp_var = find_function (name)) +--- 344,351 ---- + strcpy (temp_string + char_index + 1, string); + +! /* Don't import function names that are invalid identifiers from the +! environment. */ +! if (legal_identifier (name)) +! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); + + if (temp_var = find_function (name)) +*************** +*** 358,365 **** + else + report_error (_("error importing function definition for `%s'"), name); +- +- /* ( */ +- if (name[char_index - 1] == ')' && name[char_index - 2] == '\0') +- name[char_index - 2] = '('; /* ) */ + } + #if defined (ARRAY_VARS) +--- 356,359 ---- +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 38 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 39 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/data/bash/bash40-040 b/data/bash/bash40-040 new file mode 100644 index 000000000..a8ae2c577 --- /dev/null +++ b/data/bash/bash40-040 @@ -0,0 +1,60 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.0 +Patch-ID: bash40-040 + +Bug-Reported-by: Tavis Ormandy <taviso () cmpxchg8b com> +Bug-Reference-ID: +Bug-Reference-URL: http://twitter.com/taviso/statuses/514887394294652929 + +Bug-Description: + +Under certain circumstances, bash can incorrectly save a lookahead character and +return it on a subsequent call, even when reading a new line. + +Patch (apply with `patch -p0'): + +*** ../bash-4.0.39/parse.y 2009-06-02 09:08:07.000000000 -0400 +--- parse.y 2014-09-25 16:15:47.000000000 -0400 +*************** +*** 2671,2674 **** +--- 2671,2676 ---- + word_desc_to_read = (WORD_DESC *)NULL; + ++ eol_ungetc_lookahead = 0; ++ + current_token = '\n'; /* XXX */ + last_read_token = '\n'; +*** ../bash-4.0.39/y.tab.c 2009-01-08 09:30:24.000000000 -0500 +--- y.tab.c 2014-09-25 20:27:08.000000000 -0400 +*************** +*** 4927,4930 **** +--- 4927,4932 ---- + word_desc_to_read = (WORD_DESC *)NULL; + ++ eol_ungetc_lookahead = 0; ++ + last_read_token = '\n'; + token_to_read = '\n'; +*************** +*** 7910,7912 **** + } + #endif /* HANDLE_MULTIBYTE */ +- +--- 7912,7913 ---- +*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500 +--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 39 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 40 + + #endif /* _PATCHLEVEL_H_ */ |