]> git.ipfire.org Git - ipfire-2.x.git/blobdiff - src/patches/bash/bash43-009
projects / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Revert "bash/readline: drop orphaned patches"
[ipfire-2.x.git] / src / patches / bash / bash43-009
diff --git a/src/patches/bash/bash43-009 b/src/patches/bash/bash43-009
new file mode 100644 (file)
index 0000000..015835c
--- /dev/null
+++ b/src/patches/bash/bash43-009
@@ -0,0 +1,64 @@
+                            BASH PATCH REPORT
+                            =================
+
+Bash-Release:  4.3
+Patch-ID:      bash43-009
+
+Bug-Reported-by:       Matthias Klose <doko@debian.org>
+Bug-Reference-ID:      <53346FC8.6090005@debian.org>
+Bug-Reference-URL:     http://lists.gnu.org/archive/html/bug-bash/2014-03/msg00171.html
+
+Bug-Description:
+
+There is a problem with unsigned sign extension when attempting to reallocate
+the input line when it is fewer than 3 characters long and there has been a
+history expansion.  The sign extension causes the shell to not reallocate the
+line, which results in a segmentation fault when it writes past the end.
+
+Patch (apply with `patch -p0'):
+
+*** ../bash-4.3-patched/parse.y        2014-02-11 09:42:10.000000000 -0500
+--- parse.y    2014-03-27 16:33:29.000000000 -0400
+***************
+*** 2425,2429 ****
+        if (shell_input_line_terminator != EOF)
+       {
+!        if (shell_input_line_size < SIZE_MAX && shell_input_line_len > shell_input_line_size - 3)
+           shell_input_line = (char *)xrealloc (shell_input_line,
+                                       1 + (shell_input_line_size += 2));
+--- 2425,2429 ----
+        if (shell_input_line_terminator != EOF)
+       {
+!        if (shell_input_line_size < SIZE_MAX-3 && (shell_input_line_len+3 > shell_input_line_size))
+           shell_input_line = (char *)xrealloc (shell_input_line,
+                                       1 + (shell_input_line_size += 2));
+*** ../bash-4.3-patched/y.tab.c        2014-03-28 11:17:06.000000000 -0400
+--- y.tab.c    2014-04-07 11:48:31.000000000 -0400
+***************
+*** 4737,4741 ****
+        if (shell_input_line_terminator != EOF)
+       {
+!        if (shell_input_line_size < SIZE_MAX && shell_input_line_len > shell_input_line_size - 3)
+           shell_input_line = (char *)xrealloc (shell_input_line,
+                                       1 + (shell_input_line_size += 2));
+--- 4737,4741 ----
+        if (shell_input_line_terminator != EOF)
+       {
+!        if (shell_input_line_size < SIZE_MAX-3 && (shell_input_line_len+3 > shell_input_line_size))
+           shell_input_line = (char *)xrealloc (shell_input_line,
+                                       1 + (shell_input_line_size += 2));
+*** ../bash-4.3/patchlevel.h   2012-12-29 10:47:57.000000000 -0500
+--- patchlevel.h       2014-03-20 20:01:28.000000000 -0400
+***************
+*** 26,30 ****
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 8
+  
+  #endif /* _PATCHLEVEL_H_ */
+--- 26,30 ----
+     looks for to find the patch level (for the sccs version string). */
+  
+! #define PATCHLEVEL 9
+  
+  #endif /* _PATCHLEVEL_H_ */
IPFire 2.x development tree