From: Chet Ramey Date: Mon, 13 May 2019 14:04:20 +0000 (-0400) Subject: commit bash-20190430 snapshot X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=729acaff190e0282dda722e5fbb152f000a66d3d;p=thirdparty%2Fbash.git commit bash-20190430 snapshot --- diff --git a/CWRU/CWRU.chlog b/CWRU/CWRU.chlog index e51392925..adbd2b62a 100644 --- a/CWRU/CWRU.chlog +++ b/CWRU/CWRU.chlog @@ -5865,3 +5865,41 @@ builtins/read.def don't terminate the buffer and go back to read another character; allow the NULL to pass through and terminate the read. Fixes bug report from Stephane Chazelas + + 5/9 + --- +bashhist.c + - bash_delete_histent: decrement history_lines_this_session only if + remove_history returns a non-null history entry, and return failure + if it does return a null entry + +builtins/history.def + - history_builtin: when checking the argument to -d, display an error + if the argument is >= history_base + history_length, since that's + what history_get and remove_history check. Fixes issue reported by + + +support/shobj-conf + - hpux11: change stanza to create shared libraries on later versions of + HPUX 11. Contributed by Michael Osipov + +lib/readline/terminal.c + - _rl_init_terminal_io: assume TGETENT_BROKEN defined means that tgetent + returns 0 on success, as on HPUX 11. Bug reported by Michael Osipov + + +configure.ac + - hpux: add -DTGETENT_BROKEN to LOCAL_CFLAGS. Still need to do this + in the readline configure.ac + +execute_cmd.c + - select_builtin: set executing_builtin around the call to read_builtin + so we can run traps if the read call is interrupted. From a report + from Andreas Kusalananda Kähäri + + 5/12 + ---- +doc/bashref.texi + - The Restricted Shell: add some language detailing the weaknesses of + the restricted shell mode in isolation, inspired by a discussion on + the zsh mailing list diff --git a/bashhist.c b/bashhist.c index ed16d7a71..9ca29e53d 100644 --- a/bashhist.c +++ b/bashhist.c 
@@ -359,10 +359,11 @@ bash_delete_histent (i) discard = remove_history (i); if (discard) - free_history_entry (discard); - history_lines_this_session--; - - return 1; + { + free_history_entry (discard); + history_lines_this_session--; + } + return discard != 0; } int diff --git a/builtins/history.def b/builtins/history.def index 77093a455..5369ff23b 100644 --- a/builtins/history.def +++ b/builtins/history.def @@ -243,7 +243,7 @@ range_error: } opt = ind + history_base; /* compensate for opt - history_base below */ } - else if ((delete_offset < history_base) || (delete_offset > (history_base + history_length))) + else if ((delete_offset < history_base) || (delete_offset >= (history_base + history_length))) { sh_erange (delete_arg, _("history position")); return (EXECUTION_FAILURE); diff --git a/configure b/configure index 9db96f16a..21a81cb16 100755 --- a/configure +++ b/configure @@ -20226,8 +20226,8 @@ sysv4*) $as_echo "#define SVR4 1" >>confdefs.h ;; sysv5*) $as_echo "#define SVR5 1" >>confdefs.h ;; -hpux9*) LOCAL_CFLAGS="-DHPUX9 -DHPUX" ;; -hpux*) LOCAL_CFLAGS=-DHPUX ;; +hpux9*) LOCAL_CFLAGS="-DHPUX9 -DHPUX -DTGETENT_BROKEN" ;; +hpux*) LOCAL_CFLAGS="-DHPUX -DTGETENT_BROKEN" ;; dgux*) LOCAL_CFLAGS=-D_DGUX_SOURCE; LOCAL_LIBS=-ldgc ;; isc*) LOCAL_CFLAGS=-Disc386 ;; rhapsody*) LOCAL_CFLAGS=-DRHAPSODY ;; diff --git a/configure.ac b/configure.ac index 76264adec..7bff7f915 100644 --- a/configure.ac +++ b/configure.ac @@ -1129,8 +1129,8 @@ sysv4.2*) AC_DEFINE(SVR4_2) AC_DEFINE(SVR4) ;; sysv4*) AC_DEFINE(SVR4) ;; sysv5*) AC_DEFINE(SVR5) ;; -hpux9*) LOCAL_CFLAGS="-DHPUX9 -DHPUX" ;; -hpux*) LOCAL_CFLAGS=-DHPUX ;; +hpux9*) LOCAL_CFLAGS="-DHPUX9 -DHPUX -DTGETENT_BROKEN" ;; +hpux*) LOCAL_CFLAGS="-DHPUX -DTGETENT_BROKEN" ;; dgux*) LOCAL_CFLAGS=-D_DGUX_SOURCE; LOCAL_LIBS=-ldgc ;; isc*) LOCAL_CFLAGS=-Disc386 ;; rhapsody*) LOCAL_CFLAGS=-DRHAPSODY ;; diff --git a/doc/bashref.texi b/doc/bashref.texi index 7678845b9..5781d296a 100644 --- a/doc/bashref.texi +++ b/doc/bashref.texi 
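Review bot: `bash_delete_histent` can now return 0, which it never did before, and nothing near `return discard != 0;` documents that contract. I would add `/* Returns 1 if entry I was removed and freed, 0 if remove_history found nothing at that offset. */` above the function, and write the test as `discard != NULL` since `discard` is a pointer. The callers are outside this hunk, so each one should be checked to confirm it tests the result instead of assuming the entry is gone. The function's header lies above the hunk.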
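Review bot: The tightened bound in the `else if` covers only this one branch; the branches above it, which begin before `range_error:` and outside the hunk, may compare against `history_base + history_length` with the old inclusive limit, and that is worth checking. A one-line comment at the test would state the invariant the fix relies on: `/* valid positions are history_base .. history_base + history_length - 1 */`. The changelog says this limit mirrors what history_get and remove_history enforce, so the comment should name them to keep the three checks in step.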
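Review bot: Both the `hpux9*)` arm and the catch-all `hpux*)` arm now pass `-DTGETENT_BROKEN`, while the changelog entry in this commit names only HP-UX 11 as returning 0 from tgetent on success. If an older HP-UX release follows the usual convention, where 0 means the terminal was not found, readline built with this flag would accept a failed lookup as success. Restricting the define to the releases known to need it, or probing tgetent's return value at configure time, would avoid that. The changelog also notes that readline's own configure.ac does not set the flag yet, so a standalone readline build on HP-UX still uses the old check.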
@@ -7548,6 +7548,19 @@ When a command that is found to be a shell script is executed (@pxref{Shell Scripts}), @code{rbash} turns off any restrictions in the shell spawned to execute the script. +The restricted shell mode is only one component of a useful restricted +environment. It should be accompanied by setting @env{PATH} to a value +that allows execution of only a few verified commands (commands that +allow shell escapes are particularly vulnerable), leaving the user +in a non-writable directory other than his home directory after login, +not allowing the restricted shell to execute shell scripts, and cleaning +the environment of variables that cause some commands to modify their +behavior (e.g., @env{VISUAL} or @{PAGER}). + +Modern systems provide more secure ways to implement a restricted environment, +such as @code{jails}, @code{zones}, or @code{containers}. + + @node Bash POSIX Mode @section Bash POSIX Mode @cindex POSIX Mode diff --git a/doc/version.texi b/doc/version.texi index abb7722f9..9838a1a8a 100644 --- a/doc/version.texi +++ b/doc/version.texi @@ -2,10 +2,10 @@ Copyright (C) 1988-2019 Free Software Foundation, Inc. @end ignore -@set LASTCHANGE Sat Apr 20 12:32:57 EDT 2019 +@set LASTCHANGE Sun May 12 13:29:23 MDT 2019 @set EDITION 5.0 @set VERSION 5.0 -@set UPDATED 20 April 2019 -@set UPDATED-MONTH April 2019 +@set UPDATED 12 May 2019 +@set UPDATED-MONTH May 2019 diff --git a/execute_cmd.c b/execute_cmd.c index 7f5f41f6c..17d40e414 100644 --- a/execute_cmd.c +++ b/execute_cmd.c @@ -3263,7 +3263,7 @@ select_query (list, list_len, prompt, print_menu) char *prompt; int print_menu; { - int max_elem_len, indices_len, len; + int max_elem_len, indices_len, len, r, oe; intmax_t reply; WORD_LIST *l; char *repl_string, *t; 
@@ -3297,7 +3297,11 @@ select_query (list, list_len, prompt, print_menu) fflush (stderr); QUIT; - if (read_builtin ((WORD_LIST *)NULL) != EXECUTION_SUCCESS) + oe = executing_builtin; + executing_builtin = 1; + r = read_builtin ((WORD_LIST *)NULL); + executing_builtin = oe; + if (r != EXECUTION_SUCCESS) { putchar ('\n'); return ((char *)NULL); diff --git a/lib/readline/terminal.c b/lib/readline/terminal.c index e55738977..fa0043820 100644 --- a/lib/readline/terminal.c +++ b/lib/readline/terminal.c @@ -483,7 +483,11 @@ _rl_init_terminal_io (const char *terminal_name) tgetent_ret = tgetent (term_buffer, term); } +#ifdef TGETENT_BROKEN + if (tgetent_ret < 0) +#else if (tgetent_ret <= 0) +#endif { FREE (term_string_buffer); FREE (term_buffer); diff --git a/support/shobj-conf b/support/shobj-conf index 7920f1b5c..95fa1ae7e 100644 --- a/support/shobj-conf +++ b/support/shobj-conf @@ -402,18 +402,15 @@ hpux11*) SHLIB_STATUS=unsupported # If you are using the HP ANSI C compiler, you can uncomment and use - # this code (I have not tested it) -# SHOBJ_STATUS=supported -# SHLIB_STATUS=supported -# + # this code from michael.osipov@siemens.com (I have not tested it) # SHOBJ_CFLAGS='+z' -# SHOBJ_LD='ld' -# SHOBJ_LDFLAGS='-b +s +h $@' +# SHOBJ_LD='$(CC)' +# SHOBJ_LDFLAGS='-b -Wl,+s -Wl,+h,$@' # -# SHLIB_XLDFLAGS='+b $(libdir)' -# SHLIB_LIBSUFF='sl' +# SHLIB_XLDFLAGS='-Wl,+b,$(libdir)' +# SHLIB_LIBSUFF='so' # SHLIB_LIBVERSION='$(SHLIB_LIBSUFF).$(SHLIB_MAJOR)' - +# SHLIB_LIBS='$(TERMCAP_LIB)' ;; sysv4*-*gcc*)
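Review bot: The restore `executing_builtin = oe;` runs only when `read_builtin` returns normally. If an interrupted read can leave through a longjmp (not visible here), the flag stays at 1 unless the jump target resets it. Saving the value under bash's unwind-protect mechanism, for example `unwind_protect_int (executing_builtin);` inside an unwind frame, would cover both exits. The names `r` and `oe` declared in the previous hunk are also terse for a function of this length; `read_status` and `old_executing_builtin` would read better. select_query's body starts and ends outside the hunk.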
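Review bot: Splitting the `if` header across `#ifdef TGETENT_BROKEN` / `#else` leaves two half-statements sharing one brace block, which is easy to break in a later edit and hides which return value counts as success. Naming the success value once and comparing against it keeps a single condition. That form matches the old `<= 0` test only if tgetent never returns anything other than -1, 0 and 1. With the flag set, a 0 that really means "unknown terminal" cannot be told apart from success, so the define should be limited to platforms confirmed to behave that way. _rl_init_terminal_io starts and ends outside the hunk.

```c
#ifdef TGETENT_BROKEN
#  define TGETENT_SUCCESS 0
#else
#  define TGETENT_SUCCESS 1
#endif

  /* … unchanged: tgetent call filling term_buffer … */
  if (tgetent_ret != TGETENT_SUCCESS)
```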
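Review bot: The hunk deletes the commented `SHOBJ_STATUS=supported` and `SHLIB_STATUS=supported` lines while the live `SHLIB_STATUS=unsupported` above them stays. Someone who uncomments the block, as the comment invites, gets the new linker flags but shared libraries remain disabled. Either keep the two status lines in the commented block or say in the comment that they must be set by hand. `SHLIB_LIBSUFF='so'` also replaces `'sl'` for every `hpux11*` match; if some HP-UX 11 targets still expect `.sl` (I can't tell from the hunk), the suffix should depend on the machine type.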