From d513c95110fbec3a9c1f6bb3d56e5ecf0971f058 Mon Sep 17 00:00:00 2001
From: Jay Freeman <saurik@saurik.com>
Date: Fri, 26 Sep 2014 10:03:21 +0000
Subject: Fix the shellshock vulnerability (not regression).

git-svn-id: http://svn.telesphoreo.org/trunk@793 514c082c-b64e-11dc-b46d-3d985efe055d
---
 data/bash/bash40-020 | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 83 insertions(+)
 create mode 100644 data/bash/bash40-020

(limited to 'data/bash/bash40-020')

diff --git a/data/bash/bash40-020 b/data/bash/bash40-020
new file mode 100644
index 000000000..885f15efe
--- /dev/null
+++ b/data/bash/bash40-020
@@ -0,0 +1,83 @@
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release: 4.0
+Patch-ID: bash40-020
+
+Bug-Reported-by: Nicolai Lissner <nlissne@linux01.org>
+Bug-Reference-ID: <20090412020510.GA29658@lilith>
+Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2009-04/msg00104.html
+
+Bug-Description:
+
+If a SIGWINCH arrives while bash is performing redisplay, multi-line prompts
+are displayed incorrectly due to the display code being called recursively.
+
+Patch:
+
+*** ../bash-4.0-patched/lib/readline/readline.h	2009-01-04 14:32:33.000000000 -0500
+--- lib/readline/readline.h	2009-04-13 08:47:00.000000000 -0400
+***************
+*** 815,820 ****
+  #define RL_STATE_MULTIKEY	0x200000	/* reading multiple-key command */
+  #define RL_STATE_VICMDONCE	0x400000	/* entered vi command mode at least once */
+  
+! #define RL_STATE_DONE		0x800000	/* done; accepted line */
+  
+  #define RL_SETSTATE(x)		(rl_readline_state |= (x))
+--- 815,821 ----
+  #define RL_STATE_MULTIKEY	0x200000	/* reading multiple-key command */
+  #define RL_STATE_VICMDONCE	0x400000	/* entered vi command mode at least once */
++ #define RL_STATE_REDISPLAYING	0x800000	/* updating terminal display */
+  
+! #define RL_STATE_DONE		0x1000000	/* done; accepted line */
+  
+  #define RL_SETSTATE(x)		(rl_readline_state |= (x))
+*** ../bash-4.0-patched/lib/readline/display.c	2009-01-04 14:32:32.000000000 -0500
+--- lib/readline/display.c	2009-04-13 08:29:54.000000000 -0400
+***************
+*** 513,516 ****
+--- 513,517 ----
+       data structures. */
+    _rl_block_sigint ();  
++   RL_SETSTATE (RL_STATE_REDISPLAYING);
+  
+    if (!rl_display_prompt)
+***************
+*** 1237,1240 ****
+--- 1238,1242 ----
+    }
+  
++   RL_UNSETSTATE (RL_STATE_REDISPLAYING);
+    _rl_release_sigint ();
+  }
+*** ../bash-4.0-patched/lib/readline/terminal.c	2009-01-04 14:32:34.000000000 -0500
+--- lib/readline/terminal.c	2009-04-13 08:43:00.000000000 -0400
+***************
+*** 356,360 ****
+        if (CUSTOM_REDISPLAY_FUNC ())
+  	rl_forced_update_display ();
+!       else
+  	_rl_redisplay_after_sigwinch ();
+      }
+--- 356,360 ----
+        if (CUSTOM_REDISPLAY_FUNC ())
+  	rl_forced_update_display ();
+!       else if (RL_ISSTATE(RL_STATE_REDISPLAYING) == 0)
+  	_rl_redisplay_after_sigwinch ();
+      }
+*** ../bash-4.0/patchlevel.h	2009-01-04 14:32:40.000000000 -0500
+--- patchlevel.h	2009-02-22 16:11:31.000000000 -0500
+***************
+*** 26,30 ****
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 19
+  
+  #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 20
+  
+  #endif /* _PATCHLEVEL_H_ */
-- 
cgit v1.2.3