buildroot/package/bash/bash-4.2-036.patch
Gustavo Zacarias 8add5064c3 bash: security bump to version 4.2 pl37
Bump bash to version 4.2 patchlevel 37.
Fixes CVE-2012-3410.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2012-08-24 23:47:56 +02:00

93 lines
3.1 KiB
Diff

BASH PATCH REPORT
=================
Bash-Release: 4.2
Patch-ID: bash42-036
Bug-Reported-by: gregrwm <backuppc-users@whitleymott.net>
Bug-Reference-ID: <CAD+dB9B4JG+qUwZBQUwiQmVt0j6NDn=DDTxr9R+nkA8DL4KLJA@mail.gmail.com>
Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2012-05/msg00108.html
Bug-Description:
Bash-4.2 produces incorrect word splitting results when expanding
double-quoted $@ in the same string as and adjacent to other variable
expansions. The $@ should be split, the other expansions should not.
Patch (apply with `patch -p0'):
*** ../bash-4.2-patched/subst.c 2012-05-02 12:02:33.000000000 -0400
--- ./subst.c 2012-07-08 21:19:32.000000000 -0400
***************
*** 7923,7927 ****
/* State flags */
int had_quoted_null;
! int has_dollar_at;
int tflag;
int pflags; /* flags passed to param_expand */
--- 7923,7927 ----
/* State flags */
int had_quoted_null;
! int has_dollar_at, temp_has_dollar_at;
int tflag;
int pflags; /* flags passed to param_expand */
***************
*** 8128,8138 ****
*expanded_something = 1;
! has_dollar_at = 0;
pflags = (word->flags & W_NOCOMSUB) ? PF_NOCOMSUB : 0;
if (word->flags & W_NOSPLIT2)
pflags |= PF_NOSPLIT2;
tword = param_expand (string, &sindex, quoted, expanded_something,
! &has_dollar_at, &quoted_dollar_at,
&had_quoted_null, pflags);
if (tword == &expand_wdesc_error || tword == &expand_wdesc_fatal)
--- 8128,8139 ----
*expanded_something = 1;
! temp_has_dollar_at = 0;
pflags = (word->flags & W_NOCOMSUB) ? PF_NOCOMSUB : 0;
if (word->flags & W_NOSPLIT2)
pflags |= PF_NOSPLIT2;
tword = param_expand (string, &sindex, quoted, expanded_something,
! &temp_has_dollar_at, &quoted_dollar_at,
&had_quoted_null, pflags);
+ has_dollar_at += temp_has_dollar_at;
if (tword == &expand_wdesc_error || tword == &expand_wdesc_fatal)
***************
*** 8275,8281 ****
temp = (char *)NULL;
! has_dollar_at = 0;
/* Need to get W_HASQUOTEDNULL flag through this function. */
! list = expand_word_internal (tword, Q_DOUBLE_QUOTES, 0, &has_dollar_at, (int *)NULL);
if (list == &expand_word_error || list == &expand_word_fatal)
--- 8276,8283 ----
temp = (char *)NULL;
! temp_has_dollar_at = 0; /* XXX */
/* Need to get W_HASQUOTEDNULL flag through this function. */
! list = expand_word_internal (tword, Q_DOUBLE_QUOTES, 0, &temp_has_dollar_at, (int *)NULL);
! has_dollar_at += temp_has_dollar_at;
if (list == &expand_word_error || list == &expand_word_fatal)
*** ../bash-4.2-patched/patchlevel.h Sat Jun 12 20:14:48 2010
--- ./patchlevel.h Thu Feb 24 21:41:34 2011
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 35
#endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 36
#endif /* _PATCHLEVEL_H_ */