[people/pmueller/ipfire-2.x.git] / src / patches / bash / bash52-010

			     BASH PATCH REPORT
			     =================

Bash-Release:	5.2
Patch-ID:	bash52-010

Bug-Reported-by:	larsh@apache.org
Bug-Reference-ID:
Bug-Reference-URL:	https://savannah.gnu.org/support/?110744

Bug-Description:

Bash-5.2 checks the first 128 characters of an executable file that execve()
refuses to execute to see whether it's a binary file before trying to
execute it as a shell script. This defeats some previously-supported use
cases like "self-executing" jar files or "self-uncompressing" scripts.

Patch (apply with `patch -p0'):

*** ../bash-5.2-patched/general.c	2022-11-07 10:31:42.000000000 -0500
--- general.c	2022-11-18 14:48:45.000000000 -0500
***************
*** 684,687 ****
--- 684,688 ----
  {
    register int i;
+   int nline;
    unsigned char c;
  
***************
*** 690,702 ****
  
    /* Generally we check the first line for NULs. If the first line looks like
!      a `#!' interpreter specifier, we just look for NULs anywhere in the
!      buffer. */
!   if (sample[0] == '#' && sample[1] == '!')
!     return (memchr (sample, '\0', sample_len) != NULL);
  
    for (i = 0; i < sample_len; i++)
      {
        c = sample[i];
!       if (c == '\n')
  	return (0);
        if (c == '\0')
--- 691,701 ----
  
    /* Generally we check the first line for NULs. If the first line looks like
!      a `#!' interpreter specifier, we look for NULs in the first two lines. */
!   nline = (sample[0] == '#' && sample[1] == '!') ? 2 : 1;
  
    for (i = 0; i < sample_len; i++)
      {
        c = sample[i];
!       if (c == '\n' && --nline == 0)
  	return (0);
        if (c == '\0')
*** ../bash-5.2/patchlevel.h	2020-06-22 14:51:03.000000000 -0400
--- patchlevel.h	2020-10-01 11:01:28.000000000 -0400
***************
*** 26,30 ****
     looks for to find the patch level (for the sccs version string). */
  
! #define PATCHLEVEL 9
  
  #endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
     looks for to find the patch level (for the sccs version string). */
  
! #define PATCHLEVEL 10
  
  #endif /* _PATCHLEVEL_H_ */
Commit	Line	Data
7ea6cba0 AB	1	BASH PATCH REPORT
	2	=================
	3
	4	Bash-Release: 5.2
	5	Patch-ID: bash52-010
	6
	7	Bug-Reported-by: larsh@apache.org
	8	Bug-Reference-ID:
	9	Bug-Reference-URL: https://savannah.gnu.org/support/?110744
	10
	11	Bug-Description:
	12
	13	Bash-5.2 checks the first 128 characters of an executable file that execve()
	14	refuses to execute to see whether it's a binary file before trying to
	15	execute it as a shell script. This defeats some previously-supported use
	16	cases like "self-executing" jar files or "self-uncompressing" scripts.
	17
	18	Patch (apply with `patch -p0'):
	19
	20	*** ../bash-5.2-patched/general.c 2022-11-07 10:31:42.000000000 -0500
	21	--- general.c 2022-11-18 14:48:45.000000000 -0500
	22	***************
	23	* 684,687 **
	24	--- 684,688 ----
	25	{
	26	register int i;
	27	+ int nline;
	28	unsigned char c;
	29
	30	***************
	31	* 690,702 **
	32
	33	/* Generally we check the first line for NULs. If the first line looks like
	34	! a `#!' interpreter specifier, we just look for NULs anywhere in the
	35	! buffer. */
	36	! if (sample[0] == '#' && sample[1] == '!')
	37	! return (memchr (sample, '\0', sample_len) != NULL);
	38
	39	for (i = 0; i < sample_len; i++)
	40	{
	41	c = sample[i];
	42	! if (c == '\n')
	43	return (0);
	44	if (c == '\0')
	45	--- 691,701 ----
	46
	47	/* Generally we check the first line for NULs. If the first line looks like
	48	! a `#!' interpreter specifier, we look for NULs in the first two lines. */
	49	! nline = (sample[0] == '#' && sample[1] == '!') ? 2 : 1;
	50
	51	for (i = 0; i < sample_len; i++)
	52	{
	53	c = sample[i];
	54	! if (c == '\n' && --nline == 0)
	55	return (0);
	56	if (c == '\0')
	57	*** ../bash-5.2/patchlevel.h 2020-06-22 14:51:03.000000000 -0400
	58	--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400
	59	***************
	60	* 26,30 **
	61	looks for to find the patch level (for the sccs version string). */
	62
	63	! #define PATCHLEVEL 9
	64
65	#endif /* _PATCHLEVEL_H_ */
66	--- 26,30 ----
67	looks for to find the patch level (for the sccs version string). */
68
69	! #define PATCHLEVEL 10
70
71	#endif /* _PATCHLEVEL_H_ */