From cbec836e567da291326bb75df286ae3bb887488b Mon Sep 17 00:00:00 2001
From: Michal Hlavinka <mhlavink@redhat.com>
Date: Dec 07 2011 15:05:39 +0000
Subject: fix: ksh crashes when browsing through history containing comment (#733813)

fix: ksh crashes when two subseguent dots are used in variable or command name (#733544)
fix: ksh can prematurely exit without crash or any error

---

diff --git a/ksh-20110630-ddotfix.patch b/ksh-20110630-ddotfix.patch
new file mode 100644
index 0000000..5dc7734
--- /dev/null
+++ b/ksh-20110630-ddotfix.patch
@@ -0,0 +1,12 @@
+diff -up ksh-20110630/src/cmd/ksh93/include/nval.h.ddotfix ksh-20110630/src/cmd/ksh93/include/nval.h
+--- ksh-20110630/src/cmd/ksh93/include/nval.h.ddotfix	2011-12-07 14:31:31.793236351 +0100
++++ ksh-20110630/src/cmd/ksh93/include/nval.h	2011-12-07 14:32:26.357677922 +0100
+@@ -198,7 +198,7 @@ struct Namval
+ 
+ /* name-value pair macros */
+ #define nv_isattr(np,f)		((np)->nvflag & (f))
+-#define nv_onattr(n,f)		((n)->nvflag |= (f))
++#define nv_onattr(n,f)		((n)?((n)->nvflag |= (f)):(f))
+ #define nv_offattr(n,f)		((n)->nvflag &= ~(f))
+ #define nv_isarray(np)		(nv_isattr((np),NV_ARRAY))
+ 
diff --git a/ksh-20110630-dontstop.patch b/ksh-20110630-dontstop.patch
new file mode 100644
index 0000000..0b95e70
--- /dev/null
+++ b/ksh-20110630-dontstop.patch
@@ -0,0 +1,21 @@
+diff -up ksh-20110630/src/cmd/ksh93/sh/xec.c.dontstop ksh-20110630/src/cmd/ksh93/sh/xec.c
+--- ksh-20110630/src/cmd/ksh93/sh/xec.c.dontstop	2011-11-29 09:13:47.264075568 +0100
++++ ksh-20110630/src/cmd/ksh93/sh/xec.c	2011-11-29 09:15:17.679734283 +0100
+@@ -3382,7 +3382,8 @@ static void sh_funct(Shell_t *shp,Namval
+ 	struct funenv fun;
+ 	char *fname = nv_getval(SH_FUNNAMENOD);
+ 	struct Level	*lp =(struct Level*)(SH_LEVELNOD->nvfun);
+-	int		level, pipepid=shp->pipepid;
++	int		level, pipepid=shp->pipepid, comsub=shp->comsub;
++	shp->comsub = 0;
+ 	shp->pipepid = 0;
+ 	sh_stats(STAT_FUNCT);
+ 	if(!lp->hdr.disc)
+@@ -3424,6 +3425,7 @@ static void sh_funct(Shell_t *shp,Namval
+ 	lp->maxlevel = level;
+ 	SH_LEVELNOD->nvalue.s = lp->maxlevel;
+ 	shp->last_root = nv_dict(DOTSHNOD);
++	shp->comsub = comsub;
+ #if 0
+ 	nv_putval(SH_FUNNAMENOD,shp->st.funname,NV_NOFREE);
+ #else
diff --git a/ksh-20110630-histfix.patch b/ksh-20110630-histfix.patch
new file mode 100644
index 0000000..6d08682
--- /dev/null
+++ b/ksh-20110630-histfix.patch
@@ -0,0 +1,21 @@
+diff -up ksh-20110630/src/cmd/ksh93/edit/edit.c.histfix ksh-20110630/src/cmd/ksh93/edit/edit.c
+--- ksh-20110630/src/cmd/ksh93/edit/edit.c.histfix	2011-03-03 16:20:03.000000000 +0100
++++ ksh-20110630/src/cmd/ksh93/edit/edit.c	2011-12-07 15:55:50.576089698 +0100
+@@ -1655,7 +1655,7 @@ int ed_histgen(Edit_t *ep,const char *pa
+ 	History_t	*hp;
+ 	off_t		offset;
+ 	int 		ac=0,l,m,n,index1,index2;
+-	char		*cp, **argv, **av, **ar;
++	char		*cp, **argv=NULL, **av, **ar;
+ 	if(!(hp=ep->sh->gd->hist_ptr))
+ 		return(0);
+ 	if(*pattern=='#')
+@@ -1734,7 +1734,7 @@ int ed_histgen(Edit_t *ep,const char *pa
+ 		mplast->next = 0;
+ 	}
+ 	ep->hlist = (Histmatch_t**)argv;
+-	ep->hfirst = ep->hlist[0];
++	ep->hfirst = ep->hlist ? ep->hlist[0] : NULL;
+ 	return(ep->hmax=ac);
+ }
+ 
diff --git a/ksh.spec b/ksh.spec
index edec199..034e72f 100644
--- a/ksh.spec
+++ b/ksh.spec
@@ -6,7 +6,7 @@ URL:          http://www.kornshell.com/
 Group:        System Environment/Shells
 License:      CPL
 Version:      20110630
-Release:      5%{?dist}
+Release:      6%{?dist}
 Source0:      http://www.research.att.com/~gsf/download/tgz/ast-ksh.%{releasedate}.tgz
 Source1:      http://www.research.att.com/~gsf/download/tgz/INIT.%{releasedate}.tgz
 Source3:      kshrc.rhs
@@ -28,6 +28,12 @@ Patch4:       ksh-20110630-fixkill.patch
 
 Patch5:       ksh-20110630-tmoutfix.patch
 
+Patch7:       ksh-20110630-dontstop.patch
+
+Patch8:       ksh-20110630-ddotfix.patch
+
+Patch9:       ksh-20110630-histfix.patch
+
 BuildRoot:    %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Conflicts:    pdksh
 Requires: coreutils, glibc-common, diffutils
@@ -51,6 +57,9 @@ with "sh" (the Bourne Shell).
 %patch3 -p1 -b .ifsfix
 %patch4 -p1 -b .fixkill
 %patch5 -p1 -b .tmoutfix
+%patch7 -p1 -b .dontstop
+%patch8 -p1 -b .ddotfix
+%patch9 -p1 -b .histfix
 
 #/dev/fd test does not work because of mock
 sed -i 's|ls /dev/fd|ls /proc/self/fd|' src/cmd/ksh93/features/options
@@ -77,6 +86,12 @@ install -m 644 %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}/skel/.kshrc
 install -m 644 %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/kshrc
 
 %check
+%if 0%{?rhel} > 6
+%ifarch s390
+exit 0
+%endif
+%endif
+
 export SHELL=$(ls $(pwd)/arch/*/bin/ksh)
 cd src/cmd/ksh93/tests/
 ulimit -c unlimited
@@ -132,6 +147,11 @@ fi
     rm -rf $RPM_BUILD_ROOT
 
 %changelog
+* Wed Dec 07 2011 Michal Hlavinka <mhlavink@redhat.com> - 20110630-6
+- fix: ksh crashes when browsing through history containing comment (#733813)
+- fix: ksh crashes when two subseguent dots are used in variable or command name (#733544)
+- fix: ksh can prematurely exit without crash or any error
+
 * Fri Nov 25 2011 Michal Hlavinka <mhlavink@redhat.com> - 20110630-5
 - check test does not work correctly in mock environment, make it optional for now