7 Bug-Reported-by: Brett Stahlman <brettstahlman@comcast.net>
8 Bug-Reference-ID: <000701c72d29$a227e0e0$5ec7cf47@computerroom>
9 Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2006-12/msg00065.html
13 Bash mishandles word splitting under certain circumstances when IFS is
14 null (IFS=). Constructs affected include ${param/pat/sub} and others
15 when expanding arrays (array[@]).
19 *** ../bash-3.2-patched/array.c Wed Jun 1 16:39:22 2005
20 --- array.c Mon Jan 15 22:58:00 2007
25 - #ifdef INCLUDE_UNUSED
27 * Make and return a new array composed of the elements in array A from
31 n = array_create_element (element_index(p), element_value(p));
32 ADD_BEFORE(a->head, n);
33 ! mi = element_index(ae);
37 n = array_create_element (element_index(p), element_value(p));
38 ADD_BEFORE(a->head, n);
39 ! mi = element_index(n);
56 + array_quote_escapes(array)
62 + if (array == 0 || array_head(array) == 0 || array_empty(array))
63 + return (ARRAY *)NULL;
64 + for (a = element_forw(array->head); a != array->head; a = element_forw(a)) {
65 + t = quote_escapes (a->value);
73 * Return a string whose elements are the members of array A beginning at
82 p = a ? array_head (a) : 0;
89 ! char *ifs, sep[2], *t;
91 p = a ? array_head (a) : 0;
97 + a2 = array_slice(a, h, p);
99 + if (quoted & (Q_DOUBLE_QUOTES|Q_HERE_DOCUMENT))
102 + array_quote_escapes(a2);
104 if (starsub && (quoted & (Q_DOUBLE_QUOTES|Q_HERE_DOCUMENT))) {
110 ! return (array_to_string_internal (h, p, sep, quoted));
116 ! t = array_to_string (a2, sep, 0);
125 if (mflags & MATCH_QUOTED)
127 if (mflags & MATCH_STARSUB) {
131 if (mflags & MATCH_QUOTED)
134 ! array_quote_escapes(a2);
135 if (mflags & MATCH_STARSUB) {
137 *** ../bash-3.2-patched/array.h Sun Jun 1 15:50:30 2003
138 --- array.h Mon Jan 15 22:35:35 2007
142 extern int array_shift_element __P((ARRAY *, char *));
143 extern ARRAY *array_quote __P((ARRAY *));
144 + extern ARRAY *array_quote_escapes __P((ARRAY *));
146 extern char *array_subrange __P((ARRAY *, arrayind_t, arrayind_t, int, int));
147 *** ../bash-3.2-patched/subst.c Fri Mar 2 16:20:50 2007
148 --- subst.c Tue Mar 6 11:40:55 2007
154 + /* XXX -- why call quote_list if ifs == 0? we can get away without doing
155 + it now that quote_escapes quotes spaces */
157 tlist = ((quoted & (Q_HERE_DOCUMENT|Q_DOUBLE_QUOTES)) || (ifs && *ifs == 0))
159 + tlist = (quoted & (Q_HERE_DOCUMENT|Q_DOUBLE_QUOTES))
162 : list_quote_escapes (list);
165 /* Quote escape characters in string s, but no other characters. This is
166 used to protect CTLESC and CTLNUL in variable values from the rest of
167 ! the word expansion process after the variable is expanded. */
169 quote_escapes (string)
171 /* Quote escape characters in string s, but no other characters. This is
172 used to protect CTLESC and CTLNUL in variable values from the rest of
173 ! the word expansion process after the variable is expanded. If IFS is
174 ! null, we quote spaces as well, just in case we split on spaces later
175 ! (in the case of unquoted $@, we will eventually attempt to split the
176 ! entire word on spaces). Corresponding code exists in dequote_escapes.
177 ! Even if we don't end up splitting on spaces, quoting spaces is not a
180 quote_escapes (string)
192 send = string + slen;
194 + quote_spaces = (ifs_value && *ifs_value == 0);
195 t = result = (char *)xmalloc ((slen * 2) + 1);
201 ! if (*s == CTLESC || *s == CTLNUL)
203 COPY_CHAR_P (t, s, send);
207 ! if (*s == CTLESC || *s == CTLNUL || (quote_spaces && *s == ' '))
209 COPY_CHAR_P (t, s, send);
220 return (strcpy (result, s));
224 ! if (*s == CTLESC && (s[1] == CTLESC || s[1] == CTLNUL))
228 return (strcpy (result, s));
230 + quote_spaces = (ifs_value && *ifs_value == 0);
233 ! if (*s == CTLESC && (s[1] == CTLESC || s[1] == CTLNUL || (quote_spaces && s[1] == ' ')))
238 RESIZE_MALLOCED_BUFFER (istring, istring_index, 2, istring_size, DEFAULT_ARRAY_SIZE);
240 ! if ((quoted & (Q_HERE_DOCUMENT|Q_DOUBLE_QUOTES)) || c == CTLESC || c == CTLNUL)
241 istring[istring_index++] = CTLESC;
244 RESIZE_MALLOCED_BUFFER (istring, istring_index, 2, istring_size, DEFAULT_ARRAY_SIZE);
246 ! /* This is essentially quote_string inline */
247 ! if ((quoted & (Q_HERE_DOCUMENT|Q_DOUBLE_QUOTES)) /* || c == CTLESC || c == CTLNUL */)
248 ! istring[istring_index++] = CTLESC;
249 ! /* Escape CTLESC and CTLNUL in the output to protect those characters
250 ! from the rest of the word expansions (word splitting and globbing.)
251 ! This is essentially quote_escapes inline. */
252 ! else if (c == CTLESC)
253 ! istring[istring_index++] = CTLESC;
254 ! else if (c == CTLNUL || (c == ' ' && (ifs_value && *ifs_value == 0)))
255 istring[istring_index++] = CTLESC;
260 rely on array_subrange to understand how to deal with them). */
261 tt = array_subrange (array_cell (v), e1, e2, starsub, quoted);
263 + /* array_subrange now calls array_quote_escapes as appropriate, so the
264 + caller no longer needs to. */
265 if ((quoted & (Q_DOUBLE_QUOTES|Q_HERE_DOCUMENT)) == 0)
279 temp = array_patsub (array_cell (v), p, rep, mflags);
281 + /* Don't need to do this anymore; array_patsub calls array_quote_escapes
282 + as appropriate before adding the space separators. */
283 if (temp && (mflags & MATCH_QUOTED) == 0)
293 *** ../bash-3.2/patchlevel.h Thu Apr 13 08:31:04 2006
294 --- patchlevel.h Mon Oct 16 14:22:54 2006
297 looks for to find the patch level (for the sccs version string). */
299 ! #define PATCHLEVEL 13
301 #endif /* _PATCHLEVEL_H_ */
303 looks for to find the patch level (for the sccs version string). */
305 ! #define PATCHLEVEL 14
307 #endif /* _PATCHLEVEL_H_ */