svashisht / rpms / bash

Forked from rpms/bash 6 years ago
Clone
Source Code
GIT

Blame bash43-029

RHEL-22619 bash-4.4-23 bash-5.0-patchlevel-17 bash-5.0-patchlevel-7 bash-5.0-rebase bash-5.0-syslog-history bash-5.1-patchlevel-12 bash-5.1-patchlevel-16 bash-5.1-rebase-to-patch-4 bash-5.1-rebase-to-patch-8 bash-5.1-update bash-5.2-patchlevel-2 bash-5.2-patchlevel-21 bash-5.2-patchlevel-26 bug-1726397 f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f7 f8 f9 master rhbz1556867 rhbz1615131 rhbz1652639 rhbz2122331 rhbz2129927 rhbz2133097 rhbz2140722 rhbz2152991
  1.   42f4b108bb7d193b4b2f7122ea557533fb1ffc12
  2.   bash43-029
Blob History Raw
Ondrej Oprala f96c394 
			     BASH PATCH REPORT
Ondrej Oprala f96c394 
			     =================
Ondrej Oprala f96c394
Ondrej Oprala f96c394 
Bash-Release:	4.3
Ondrej Oprala f96c394 
Patch-ID:	bash43-029
Ondrej Oprala f96c394
Ondrej Oprala f96c394 
Bug-Reported-by:	Michal Zalewski <lcamtuf@coredump.cx>
Ondrej Oprala f96c394 
Bug-Reference-ID:
Ondrej Oprala f96c394 
Bug-Reference-URL:
Ondrej Oprala f96c394
Ondrej Oprala f96c394 
Bug-Description:
Ondrej Oprala f96c394
Ondrej Oprala f96c394 
When bash is parsing a function definition that contains a here-document
Ondrej Oprala f96c394 
delimited by end-of-file (or end-of-string), it leaves the closing delimiter
Ondrej Oprala f96c394 
uninitialized.  This can result in an invalid memory access when the parsed
Ondrej Oprala f96c394 
function is later copied.
Ondrej Oprala f96c394
Ondrej Oprala f96c394 
Patch (apply with `patch -p0'):
Ondrej Oprala f96c394
Ondrej Oprala f96c394 
*** ../bash-4.3.28/make_cmd.c	2011-12-16 08:08:01.000000000 -0500
Ondrej Oprala f96c394 
--- make_cmd.c	2014-10-02 11:24:23.000000000 -0400
Ondrej Oprala f96c394 
***************
Ondrej Oprala f96c394 
*** 693,696 ****
Ondrej Oprala f96c394 
--- 693,697 ----
Ondrej Oprala f96c394 
    temp->redirector = source;
Ondrej Oprala f96c394 
    temp->redirectee = dest_and_filename;
Ondrej Oprala f96c394 
+   temp->here_doc_eof = 0;
Ondrej Oprala f96c394 
    temp->instruction = instruction;
Ondrej Oprala f96c394 
    temp->flags = 0;
Ondrej Oprala f96c394 
*** ../bash-4.3.28/copy_cmd.c	2009-09-11 16:28:02.000000000 -0400
Ondrej Oprala f96c394 
--- copy_cmd.c	2014-10-02 11:24:23.000000000 -0400
Ondrej Oprala f96c394 
***************
Ondrej Oprala f96c394 
*** 127,131 ****
Ondrej Oprala f96c394 
      case r_reading_until:
Ondrej Oprala f96c394 
      case r_deblank_reading_until:
Ondrej Oprala f96c394 
!       new_redirect->here_doc_eof = savestring (redirect->here_doc_eof);
Ondrej Oprala f96c394 
        /*FALLTHROUGH*/
Ondrej Oprala f96c394 
      case r_reading_string:
Ondrej Oprala f96c394 
--- 127,131 ----
Ondrej Oprala f96c394 
      case r_reading_until:
Ondrej Oprala f96c394 
      case r_deblank_reading_until:
Ondrej Oprala f96c394 
!       new_redirect->here_doc_eof = redirect->here_doc_eof ? savestring (redirect->here_doc_eof) : 0;
Ondrej Oprala f96c394 
        /*FALLTHROUGH*/
Ondrej Oprala f96c394 
      case r_reading_string:
Ondrej Oprala f96c394 
*** ../bash-4.3/patchlevel.h	2012-12-29 10:47:57.000000000 -0500
Ondrej Oprala f96c394 
--- patchlevel.h	2014-03-20 20:01:28.000000000 -0400
Ondrej Oprala f96c394 
***************
Ondrej Oprala f96c394 
*** 26,30 ****
Ondrej Oprala f96c394 
     looks for to find the patch level (for the sccs version string). */
Ondrej Oprala f96c394
Ondrej Oprala f96c394 
! #define PATCHLEVEL 26
Ondrej Oprala f96c394
Ondrej Oprala f96c394 
  #endif /* _PATCHLEVEL_H_ */
Ondrej Oprala f96c394 
--- 26,30 ----
Ondrej Oprala f96c394 
     looks for to find the patch level (for the sccs version string). */
Ondrej Oprala f96c394
Ondrej Oprala f96c394 
! #define PATCHLEVEL 29
Ondrej Oprala f96c394
Ondrej Oprala f96c394 
  #endif /* _PATCHLEVEL_H_ */
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.