]>
Commit | Line | Data |
---|---|---|
7ea6cba0 AB |
1 | BASH PATCH REPORT |
2 | ================= | |
3 | ||
4 | Bash-Release: 5.2 | |
5 | Patch-ID: bash52-010 | |
6 | ||
7 | Bug-Reported-by: larsh@apache.org | |
8 | Bug-Reference-ID: | |
9 | Bug-Reference-URL: https://savannah.gnu.org/support/?110744 | |
10 | ||
11 | Bug-Description: | |
12 | ||
13 | Bash-5.2 checks the first 128 characters of an executable file that execve() | |
14 | refuses to execute to see whether it's a binary file before trying to | |
15 | execute it as a shell script. This defeats some previously-supported use | |
16 | cases like "self-executing" jar files or "self-uncompressing" scripts. | |
17 | ||
18 | Patch (apply with `patch -p0'): | |
19 | ||
20 | *** ../bash-5.2-patched/general.c 2022-11-07 10:31:42.000000000 -0500 | |
21 | --- general.c 2022-11-18 14:48:45.000000000 -0500 | |
22 | *************** | |
23 | *** 684,687 **** | |
24 | --- 684,688 ---- | |
25 | { | |
26 | register int i; | |
27 | + int nline; | |
28 | unsigned char c; | |
29 | ||
30 | *************** | |
31 | *** 690,702 **** | |
32 | ||
33 | /* Generally we check the first line for NULs. If the first line looks like | |
34 | ! a `#!' interpreter specifier, we just look for NULs anywhere in the | |
35 | ! buffer. */ | |
36 | ! if (sample[0] == '#' && sample[1] == '!') | |
37 | ! return (memchr (sample, '\0', sample_len) != NULL); | |
38 | ||
39 | for (i = 0; i < sample_len; i++) | |
40 | { | |
41 | c = sample[i]; | |
42 | ! if (c == '\n') | |
43 | return (0); | |
44 | if (c == '\0') | |
45 | --- 691,701 ---- | |
46 | ||
47 | /* Generally we check the first line for NULs. If the first line looks like | |
48 | ! a `#!' interpreter specifier, we look for NULs in the first two lines. */ | |
49 | ! nline = (sample[0] == '#' && sample[1] == '!') ? 2 : 1; | |
50 | ||
51 | for (i = 0; i < sample_len; i++) | |
52 | { | |
53 | c = sample[i]; | |
54 | ! if (c == '\n' && --nline == 0) | |
55 | return (0); | |
56 | if (c == '\0') | |
57 | *** ../bash-5.2/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 | |
58 | --- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 | |
59 | *************** | |
60 | *** 26,30 **** | |
61 | looks for to find the patch level (for the sccs version string). */ | |
62 | ||
63 | ! #define PATCHLEVEL 9 | |
64 | ||
65 | #endif /* _PATCHLEVEL_H_ */ | |
66 | --- 26,30 ---- | |
67 | looks for to find the patch level (for the sccs version string). */ | |
68 | ||
69 | ! #define PATCHLEVEL 10 | |
70 | ||
71 | #endif /* _PATCHLEVEL_H_ */ |