Bash-5.3 patch 15: fix read builtin to avoid cases where -1 is used as an index into...

diff --git a/builtins/read.def b/builtins/read.def
index 854b7b8fb62c24e35e90959ab1486184daf2ea13..6189dafa6f907ebd0a7c764c2682ffb7ee4ee15b 100644 (file)
--- a/builtins/read.def
+++ b/builtins/read.def
@@ -538,7 +538,8 @@ read_builtin (WORD_LIST *list)
             so we have to save input_string temporarily, run the unwind-
             protects, then restore input_string so we can use it later */
          orig_input_string = 0;
-         input_string[i] = '\0';       /* make sure it's terminated */
+         if (i >= 0)
+           input_string[i] = '\0';     /* make sure it's terminated */
          if (i == 0)
            {
              t = (char *)xmalloc (1);
@@ -592,8 +593,7 @@ read_builtin (WORD_LIST *list)
          termsave.attrs = ttattrs;
 
          ttset = ttattrs;        
-         i = silent ? ttfd_cbreak (fd, &ttset) : ttfd_onechar (fd, &ttset);
-         if (i < 0)
+         if ((silent ? ttfd_cbreak (fd, &ttset) : ttfd_onechar (fd, &ttset)) < 0)
            sh_ttyerror (1);
          tty_modified = 1;
          add_unwind_protect (uw_ttyrestore, &termsave);
@@ -609,8 +609,7 @@ read_builtin (WORD_LIST *list)
       termsave.attrs = ttattrs;
 
       ttset = ttattrs;
-      i = ttfd_noecho (fd, &ttset);                    /* ttnoecho (); */
-      if (i < 0)
+      if (ttfd_noecho (fd, &ttset) < 0)
        sh_ttyerror (1);
 
       tty_modified = 1;

diff --git a/patchlevel.h b/patchlevel.h
index 79e18af40bcf27391cf24dff4555a5837e2c8b7a..13c6c07da3c1c24d84bf249cb1076863bd6bf045 100644 (file)
--- a/patchlevel.h
+++ b/patchlevel.h
@@ -25,6 +25,6 @@
    regexp `^#define[   ]*PATCHLEVEL', since that's what support/mkversion.sh
    looks for to find the patch level (for the sccs version string). */
 
-#define PATCHLEVEL 14
+#define PATCHLEVEL 15
 
 #endif /* _PATCHLEVEL_H_ */