summaryrefslogtreecommitdiff
path: root/data/bash/bash40-025
diff options
context:
space:
mode:
authorJay Freeman <saurik@saurik.com>2014-09-26 10:03:21 +0000
committerJay Freeman <saurik@saurik.com>2014-09-26 10:03:21 +0000
commitd513c95110fbec3a9c1f6bb3d56e5ecf0971f058 (patch)
tree2183c599c8b9648ee8da49512604fe296c066c31 /data/bash/bash40-025
parenteaacbeade6c101df568afad2308bae83ebd56359 (diff)
Fix the shellshock vulnerability (not regression).
git-svn-id: http://svn.telesphoreo.org/trunk@793 514c082c-b64e-11dc-b46d-3d985efe055d
Diffstat (limited to 'data/bash/bash40-025')
-rw-r--r--data/bash/bash40-025104
1 files changed, 104 insertions, 0 deletions
diff --git a/data/bash/bash40-025 b/data/bash/bash40-025
new file mode 100644
index 000000000..30b38ba31
--- /dev/null
+++ b/data/bash/bash40-025
@@ -0,0 +1,104 @@
+ BASH PATCH REPORT
+ =================
+
+Bash-Release: 4.0
+Patch-ID: bash40-025
+
+Bug-Reported-by: Matt Zyzik <matt.zyzik@nyu.edu>
+Bug-Reference-ID: <20090519011418.GA21431@ice.filescope.com>
+Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-05/msg00044.html
+
+Bug-Description:
+
+bash40-024 introduced a regression for constructs like **/*.cs; that
+expansion would no longer include matching files in the current directory.
+This patch undoes portions of bash40-024 and fixes the original problem
+in a different way.
+
+Patch:
+
+*** ../bash-4.0-patched/lib/glob/glob.c 2009-05-22 12:32:26.000000000 -0400
+--- lib/glob/glob.c 2009-05-22 12:35:55.000000000 -0400
+***************
+*** 666,672 ****
+ }
+
+! /* compat: if GX_ALLDIRS, add the passed directory also, but don't add an
+! empty directory name. */
+! if (add_current && (flags & GX_NULLDIR) == 0)
+ {
+ sdlen = strlen (dir);
+--- 666,673 ----
+ }
+
+! /* compat: if GX_ADDCURDIR, add the passed directory also. Add an empty
+! directory name as a placeholder if GX_NULLDIR (in which case the passed
+! directory name is "."). */
+! if (add_current)
+ {
+ sdlen = strlen (dir);
+***************
+*** 680,684 ****
+ nextlink->next = lastlink;
+ lastlink = nextlink;
+! bcopy (dir, nextname, sdlen + 1);
+ ++count;
+ }
+--- 681,688 ----
+ nextlink->next = lastlink;
+ lastlink = nextlink;
+! if (flags & GX_NULLDIR)
+! nextname[0] = '\0';
+! else
+! bcopy (dir, nextname, sdlen + 1);
+ ++count;
+ }
+***************
+*** 1008,1016 ****
+ /* Just return what glob_vector () returns appended to the
+ directory name. */
+ dflags = flags & ~GX_MARKDIRS;
+ if (directory_len == 0)
+ dflags |= GX_NULLDIR;
+ if ((flags & GX_GLOBSTAR) && filename[0] == '*' && filename[1] == '*' && filename[2] == '\0')
+! dflags |= GX_ALLDIRS|GX_ADDCURDIR;
+ temp_results = glob_vector (filename,
+ (directory_len == 0 ? "." : directory_name),
+--- 1012,1033 ----
+ /* Just return what glob_vector () returns appended to the
+ directory name. */
++ /* If flags & GX_ALLDIRS, we're called recursively */
+ dflags = flags & ~GX_MARKDIRS;
+ if (directory_len == 0)
+ dflags |= GX_NULLDIR;
+ if ((flags & GX_GLOBSTAR) && filename[0] == '*' && filename[1] == '*' && filename[2] == '\0')
+! {
+! dflags |= GX_ALLDIRS|GX_ADDCURDIR;
+! #if 0
+! /* If we want all directories (dflags & GX_ALLDIRS) and we're not
+! being called recursively as something like `echo **/*.o'
+! ((flags & GX_ALLDIRS) == 0), we want to prevent glob_vector from
+! adding a null directory name to the front of the temp_results
+! array. We turn off ADDCURDIR if not called recursively and
+! dlen == 0 */
+! #endif
+! if (directory_len == 0 && (flags & GX_ALLDIRS) == 0)
+! dflags &= ~GX_ADDCURDIR;
+! }
+ temp_results = glob_vector (filename,
+ (directory_len == 0 ? "." : directory_name),
+*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500
+--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500
+***************
+*** 26,30 ****
+ looks for to find the patch level (for the sccs version string). */
+
+! #define PATCHLEVEL 24
+
+ #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+ looks for to find the patch level (for the sccs version string). */
+
+! #define PATCHLEVEL 25
+
+ #endif /* _PATCHLEVEL_H_ */