diff --git a/bash-5.0-patch-10.patch b/bash-5.0-patch-10.patch new file mode 100644 index 0000000..b9b916e --- /dev/null +++ b/bash-5.0-patch-10.patch @@ -0,0 +1,116 @@ +From 6a3116f58c876ca58a786f0ddff578ecf126588e Mon Sep 17 00:00:00 2001 +From: Chet Ramey +Date: Thu, 29 Aug 2019 11:20:15 -0400 +Subject: [PATCH] Bash-5.0 patch 10: changes to posix-mode assignment + statements preceding functions and special builtins + +--- + patchlevel.h | 2 +- + tests/varenv.right | 6 +++--- + variables.c | 38 ++++++++++++++++++++++++++------------ + 3 files changed, 30 insertions(+), 16 deletions(-) + +diff --git a/patchlevel.h b/patchlevel.h +index 02f1d606..8002af70 100644 +--- a/patchlevel.h ++++ b/patchlevel.h +@@ -25,6 +25,6 @@ + regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh + looks for to find the patch level (for the sccs version string). */ + +-#define PATCHLEVEL 9 ++#define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ +diff --git a/tests/varenv.right b/tests/varenv.right +index 159a8773..ca7d4cf1 100644 +--- a/tests/varenv.right ++++ b/tests/varenv.right +@@ -146,9 +146,9 @@ declare -x foo="abc" + inside: declare -x var="value" + outside: declare -- var="one" + inside: declare -x var="value" +-outside: declare -x var="value" +-inside: declare -- var="local" +-outside: declare -x var="global" ++outside: declare -- var="outside" ++inside: declare -x var="global" ++outside: declare -- var="outside" + foo= environment foo= + foo=foo environment foo=foo + foo=foo environment foo=foo +diff --git a/variables.c b/variables.c +index 610629ab..af3fd04a 100644 +--- a/variables.c ++++ b/variables.c +@@ -4460,9 +4460,9 @@ char **tempvar_list; + int tvlist_ind; + + /* Take a variable from an assignment statement preceding a posix special +- builtin (including `return') and create a global variable from it. This +- is called from merge_temporary_env, which is only called when in posix +- mode. */ ++ builtin (including `return') and create a variable from it as if a ++ standalone assignment statement had been performed. This is called from ++ merge_temporary_env, which is only called when in posix mode. */ + static void + push_posix_temp_var (data) + PTR_T data; +@@ -4472,16 +4472,27 @@ push_posix_temp_var (data) + + var = (SHELL_VAR *)data; + +- binding_table = global_variables->table; +- if (binding_table == 0) +- binding_table = global_variables->table = hash_create (VARIABLES_HASH_BUCKETS); ++ /* Just like do_assignment_internal(). This makes assignments preceding ++ special builtins act like standalone assignment statements when in ++ posix mode, satisfying the posix requirement that this affect the ++ "current execution environment." */ ++ v = bind_variable (var->name, value_cell (var), ASS_FORCE|ASS_NOLONGJMP); + +- v = bind_variable_internal (var->name, value_cell (var), binding_table, 0, ASS_FORCE|ASS_NOLONGJMP); ++ /* If this modifies an existing local variable, v->context will be non-zero. ++ If it comes back with v->context == 0, we bound at the global context. ++ Set binding_table appropriately. It doesn't matter whether it's correct ++ if the variable is local, only that it's not global_variables->table */ ++ binding_table = v->context ? shell_variables->table : global_variables->table; + + /* global variables are no longer temporary and don't need propagating. */ +- var->attributes &= ~(att_tempvar|att_propagate); ++ if (binding_table == global_variables->table) ++ var->attributes &= ~(att_tempvar|att_propagate); ++ + if (v) +- v->attributes |= var->attributes; ++ { ++ v->attributes |= var->attributes; ++ v->attributes &= ~att_tempvar; /* not a temp var now */ ++ } + + if (find_special_var (var->name) >= 0) + tempvar_list[tvlist_ind++] = savestring (var->name); +@@ -4575,14 +4586,17 @@ dispose_temporary_env (pushf) + sh_free_func_t *pushf; + { + int i; ++ HASH_TABLE *disposer; + + tempvar_list = strvec_create (HASH_ENTRIES (temporary_env) + 1); + tempvar_list[tvlist_ind = 0] = 0; +- +- hash_flush (temporary_env, pushf); +- hash_dispose (temporary_env); ++ ++ disposer = temporary_env; + temporary_env = (HASH_TABLE *)NULL; + ++ hash_flush (disposer, pushf); ++ hash_dispose (disposer); ++ + tempvar_list[tvlist_ind] = 0; + + array_needs_making = 1; +-- +2.21.0 + diff --git a/bash-5.0-patch-11.patch b/bash-5.0-patch-11.patch new file mode 100644 index 0000000..3a4172e --- /dev/null +++ b/bash-5.0-patch-11.patch @@ -0,0 +1,50 @@ +From d894cfd104086ddf68c286e67a5fb2e02eb43b7b Mon Sep 17 00:00:00 2001 +From: Chet Ramey +Date: Thu, 29 Aug 2019 11:21:20 -0400 +Subject: [PATCH] Bash-5.0 patch 11: fix quoted null character removal in + operands of conditional ([[) commands + +--- + patchlevel.h | 2 +- + subst.c | 6 +++++- + 2 files changed, 6 insertions(+), 2 deletions(-) + +diff --git a/patchlevel.h b/patchlevel.h +index 8002af70..772676c8 100644 +--- a/patchlevel.h ++++ b/patchlevel.h +@@ -25,6 +25,6 @@ + regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh + looks for to find the patch level (for the sccs version string). */ + +-#define PATCHLEVEL 10 ++#define PATCHLEVEL 11 + + #endif /* _PATCHLEVEL_H_ */ +diff --git a/subst.c b/subst.c +index 95591878..fd6db240 100644 +--- a/subst.c ++++ b/subst.c +@@ -3625,7 +3625,9 @@ remove_backslashes (string) + this case, we quote the string specially for the globbing code. If + SPECIAL is 2, this is an rhs argument for the =~ operator, and should + be quoted appropriately for regcomp/regexec. The caller is responsible +- for removing the backslashes if the unquoted word is needed later. */ ++ for removing the backslashes if the unquoted word is needed later. In ++ any case, since we don't perform word splitting, we need to do quoted ++ null character removal. */ + char * + cond_expand_word (w, special) + WORD_DESC *w; +@@ -3646,6 +3648,8 @@ cond_expand_word (w, special) + { + if (special == 0) /* LHS */ + { ++ if (l->word) ++ word_list_remove_quoted_nulls (l); + dequote_list (l); + r = string_list (l); + } +-- +2.21.0 + diff --git a/bash-5.0-patch-8.patch b/bash-5.0-patch-8.patch new file mode 100644 index 0000000..cb23681 --- /dev/null +++ b/bash-5.0-patch-8.patch @@ -0,0 +1,50 @@ +From 01323582f773ef4d08fa26a90e9a21285a8405f5 Mon Sep 17 00:00:00 2001 +From: Chet Ramey +Date: Wed, 14 Aug 2019 14:57:48 -0400 +Subject: [PATCH] Bash-5.0 patch 8: fix history offset when HISTSIZE == 0 that + can lead to crashes + +--- + bashhist.c | 5 ++++- + patchlevel.h | 2 +- + 2 files changed, 5 insertions(+), 2 deletions(-) + +diff --git a/bashhist.c b/bashhist.c +index 7912cce3..d2155dce 100644 +--- a/bashhist.c ++++ b/bashhist.c +@@ -560,15 +560,18 @@ pre_process_line (line, print_changes, addit) + add that line to the history if ADDIT is non-zero. */ + if (!history_expansion_inhibited && history_expansion && history_expansion_p (line)) + { ++ int old_len; ++ + /* If we are expanding the second or later line of a multi-line + command, decrease history_length so references to history expansions + in these lines refer to the previous history entry and not the + current command. */ ++ old_len = history_length; + if (history_length > 0 && command_oriented_history && current_command_first_line_saved && current_command_line_count > 1) + history_length--; + expanded = history_expand (line, &history_value); + if (history_length >= 0 && command_oriented_history && current_command_first_line_saved && current_command_line_count > 1) +- history_length++; ++ history_length = old_len; + + if (expanded) + { +diff --git a/patchlevel.h b/patchlevel.h +index deb9c5b7..16c87404 100644 +--- a/patchlevel.h ++++ b/patchlevel.h +@@ -25,6 +25,6 @@ + regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh + looks for to find the patch level (for the sccs version string). */ + +-#define PATCHLEVEL 7 ++#define PATCHLEVEL 8 + + #endif /* _PATCHLEVEL_H_ */ +-- +2.21.0 + diff --git a/bash-5.0-patch-9.patch b/bash-5.0-patch-9.patch new file mode 100644 index 0000000..be8a347 --- /dev/null +++ b/bash-5.0-patch-9.patch @@ -0,0 +1,38 @@ +From 9f597fd10993313262cab400bf3c46ffb3f6fd1e Mon Sep 17 00:00:00 2001 +From: Chet Ramey +Date: Wed, 14 Aug 2019 14:58:44 -0400 +Subject: [PATCH] Bash-5.0 patch 9: fix file descriptor leak with zero-length + history file + +--- + lib/readline/histfile.c | 1 + + patchlevel.h | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/lib/readline/histfile.c b/lib/readline/histfile.c +index dc64bde1..a8a92aa3 100644 +--- a/lib/readline/histfile.c ++++ b/lib/readline/histfile.c +@@ -305,6 +305,7 @@ read_history_range (const char *filename, int from, int to) + if (file_size == 0) + { + free (input); ++ close (file); + return 0; /* don't waste time if we don't have to */ + } + +diff --git a/patchlevel.h b/patchlevel.h +index 16c87404..02f1d606 100644 +--- a/patchlevel.h ++++ b/patchlevel.h +@@ -25,6 +25,6 @@ + regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh + looks for to find the patch level (for the sccs version string). */ + +-#define PATCHLEVEL 8 ++#define PATCHLEVEL 9 + + #endif /* _PATCHLEVEL_H_ */ +-- +2.21.0 + diff --git a/bash.spec b/bash.spec index 9363d74..fa89d0b 100644 --- a/bash.spec +++ b/bash.spec @@ -1,12 +1,12 @@ #% define beta_tag rc2 -%define patchleveltag .7 +%define patchleveltag .11 %define baseversion 5.0 %bcond_without tests Version: %{baseversion}%{patchleveltag} Name: bash Summary: The GNU Bourne Again shell -Release: 3%{?dist} +Release: 1%{?dist} License: GPLv3+ Url: https://www.gnu.org/software/bash Source0: https://ftp.gnu.org/gnu/bash/bash-%{baseversion}.tar.gz @@ -20,7 +20,7 @@ Source3: dot-bash_logout # Official upstream patches # Patches are converted to apply with '-p1' -%{lua:for i=1,7 do print(string.format("Patch%u: bash-5.0-patch-%u.patch\n", i, i)) end} +%{lua:for i=1,11 do print(string.format("Patch%u: bash-5.0-patch-%u.patch\n", i, i)) end} # Other patches # We don't want to add '/etc:/usr/etc' in standard utils path. @@ -308,6 +308,10 @@ end %{_libdir}/pkgconfig/%{name}.pc %changelog +* Fri Dec 06 2019 Siteshwar Vashisht - 5.0.11-1 +- Update to bash-5.0 patchlevel 11 + Resolves: #1745602 + * Fri Aug 02 2019 Kamil Dudka - 5.0.7-3 - Sanitize public header file Resolves: #1736676