summaryrefslogtreecommitdiff
path: root/data/bash/bash40-030
diff options
context:
space:
mode:
authorJay Freeman <saurik@saurik.com>2014-09-26 10:03:21 +0000
committerJay Freeman <saurik@saurik.com>2014-09-26 10:03:21 +0000
commitd513c95110fbec3a9c1f6bb3d56e5ecf0971f058 (patch)
tree2183c599c8b9648ee8da49512604fe296c066c31 /data/bash/bash40-030
parenteaacbeade6c101df568afad2308bae83ebd56359 (diff)
Fix the shellshock vulnerability (not regression).
git-svn-id: http://svn.telesphoreo.org/trunk@793 514c082c-b64e-11dc-b46d-3d985efe055d
Diffstat (limited to 'data/bash/bash40-030')
-rw-r--r--data/bash/bash40-03064
1 files changed, 64 insertions, 0 deletions
diff --git a/data/bash/bash40-030 b/data/bash/bash40-030
new file mode 100644
index 000000000..e4f038933
--- /dev/null
+++ b/data/bash/bash40-030
@@ -0,0 +1,64 @@
+ BASH PATCH REPORT
+ =================
+
+Bash-Release: 4.0
+Patch-ID: bash40-030
+
+Bug-Reported-by: Henning Bekel <h.bekel@googlemail.com>
+Bug-Reference-ID: <7c6eacF262ctuU1@mid.individual.net>
+Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-07/msg00054.html
+
+Bug-Description:
+
+A shell function invoked with `bind -x' is supposed to be able to move the
+cursor by setting READLINE_POINT. The effects of this assignment were
+sometimes ignored.
+
+Patch:
+
+*** ../bash-4.0-patched/bashline.c 2009-01-08 09:29:24.000000000 -0500
+--- bashline.c 2009-07-16 14:13:41.000000000 -0400
+***************
+*** 3389,3393 ****
+ register int i;
+ intmax_t mi;
+- int save_point;
+ sh_parser_state_t ps;
+ char *cmd, *value, *l;
+--- 3389,3392 ----
+***************
+*** 3433,3437 ****
+ VSETATTR (v, att_exported);
+ l = value_cell (v);
+- save_point = rl_point;
+ value = inttostr (rl_point, ibuf, sizeof (ibuf));
+ v = bind_int_variable ("READLINE_POINT", value);
+--- 3432,3435 ----
+***************
+*** 3451,3455 ****
+ {
+ i = mi;
+! if (i != save_point)
+ {
+ rl_point = i;
+--- 3449,3453 ----
+ {
+ i = mi;
+! if (i != rl_point)
+ {
+ rl_point = i;
+*** ../bash-4.0/patchlevel.h 2009-01-04 14:32:40.000000000 -0500
+--- patchlevel.h 2009-02-22 16:11:31.000000000 -0500
+***************
+*** 26,30 ****
+ looks for to find the patch level (for the sccs version string). */
+
+! #define PATCHLEVEL 29
+
+ #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+ looks for to find the patch level (for the sccs version string). */
+
+! #define PATCHLEVEL 30
+
+ #endif /* _PATCHLEVEL_H_ */