From 987826deb1bdd394efa85602ad16922d160da8ae Mon Sep 17 00:00:00 2001 From: =?utf8?q?Peter=20M=C3=BCller?= Date: Tue, 3 Nov 2020 10:52:27 +0100 Subject: [PATCH] Bash: apply patches 12 through 18 as well MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Those fix some unintentional behaviour regarding autocompletion I stumbled across the other day. While there seems nothing security relevant in this, it irons out a few bugs. The full and up-to-date list of all Bash 5.0 patches can be obtained from https://ftp.gnu.org/gnu/bash/bash-5.0-patches/ . Signed-off-by: Peter Müller Signed-off-by: Michael Tremer --- lfs/bash | 4 +- src/patches/bash/bash50-012 | 64 ++++++++ src/patches/bash/bash50-013 | 73 +++++++++ src/patches/bash/bash50-014 | 52 +++++++ src/patches/bash/bash50-015 | 78 ++++++++++ src/patches/bash/bash50-016 | 58 ++++++++ src/patches/bash/bash50-017 | 289 ++++++++++++++++++++++++++++++++++++ src/patches/bash/bash50-018 | 45 ++++++ 8 files changed, 661 insertions(+), 2 deletions(-) create mode 100644 src/patches/bash/bash50-012 create mode 100644 src/patches/bash/bash50-013 create mode 100644 src/patches/bash/bash50-014 create mode 100644 src/patches/bash/bash50-015 create mode 100644 src/patches/bash/bash50-016 create mode 100644 src/patches/bash/bash50-017 create mode 100644 src/patches/bash/bash50-018 diff --git a/lfs/bash b/lfs/bash index 79c21896b3..9bac360c24 100644 --- a/lfs/bash +++ b/lfs/bash @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2019 IPFire Team # +# Copyright (C) 2007-2020 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -87,7 +87,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) sed -e "s/filename, RTLD_LAZY/filename, RTLD_NOW/" \ -i $(DIR_APP)/builtins/enable.def - for i in $$(seq 1 11); do \ + for i in $$(seq 1 18); do \ cd $(DIR_APP) && patch -Np0 < $(DIR_SRC)/src/patches/bash/bash50-$$(printf "%03d" "$${i}") || exit 1; \ done diff --git a/src/patches/bash/bash50-012 b/src/patches/bash/bash50-012 new file mode 100644 index 0000000000..7470e76655 --- /dev/null +++ b/src/patches/bash/bash50-012 @@ -0,0 +1,64 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.0 +Patch-ID: bash50-012 + +Bug-Reported-by: lessbug@qq.com +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +When using previous-history to go back beyond the beginning of the history list, +it's possible to move to an incorrect partial line. + +Patch (apply with `patch -p0'): + +*** ../bash-5.0-patched/lib/readline/misc.c 2017-07-07 17:30:12.000000000 -0400 +--- lib/readline/misc.c 2019-05-16 11:43:46.000000000 -0400 +*************** +*** 577,580 **** +--- 590,594 ---- + { + HIST_ENTRY *old_temp, *temp; ++ int had_saved_line; + + if (count < 0) +*************** +*** 589,592 **** +--- 603,607 ---- + + /* If we don't have a line saved, then save this one. */ ++ had_saved_line = _rl_saved_line_for_history != 0; + rl_maybe_save_line (); + +*************** +*** 612,616 **** + if (temp == 0) + { +! rl_maybe_unsave_line (); + rl_ding (); + } +--- 627,632 ---- + if (temp == 0) + { +! if (had_saved_line == 0) +! _rl_free_saved_history_line (); + rl_ding (); + } +*** ../bash-5.0/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 11 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 12 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/src/patches/bash/bash50-013 b/src/patches/bash/bash50-013 new file mode 100644 index 0000000000..e44fdb5053 --- /dev/null +++ b/src/patches/bash/bash50-013 @@ -0,0 +1,73 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.0 +Patch-ID: bash50-013 + +Bug-Reported-by: HIROSE Masaaki +Bug-Reference-ID: +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2019-05/msg00038.html + +Bug-Description: + +Reading history entries with timestamps can result in history entries joined +by linefeeds. + +Patch (apply with `patch -p0'): + +*** ../bash-5.0-patched/lib/readline/histfile.c 2018-06-11 09:14:52.000000000 -0400 +--- lib/readline/histfile.c 2019-05-16 15:55:57.000000000 -0400 +*************** +*** 370,376 **** + + has_timestamps = HIST_TIMESTAMP_START (buffer); +! history_multiline_entries += has_timestamps && history_write_timestamps; + + /* Skip lines until we are at FROM. */ + for (line_start = line_end = buffer; line_end < bufend && current_line < from; line_end++) + if (*line_end == '\n') +--- 370,378 ---- + + has_timestamps = HIST_TIMESTAMP_START (buffer); +! history_multiline_entries += has_timestamps && history_write_timestamps; + + /* Skip lines until we are at FROM. */ ++ if (has_timestamps) ++ last_ts = buffer; + for (line_start = line_end = buffer; line_end < bufend && current_line < from; line_end++) + if (*line_end == '\n') +*************** +*** 381,385 **** +--- 383,398 ---- + if (HIST_TIMESTAMP_START(p) == 0) + current_line++; ++ else ++ last_ts = p; + line_start = p; ++ /* If we are at the last line (current_line == from) but we have ++ timestamps (has_timestamps), then line_start points to the ++ text of the last command, and we need to skip to its end. */ ++ if (current_line >= from && has_timestamps) ++ { ++ for (line_end = p; line_end < bufend && *line_end != '\n'; line_end++) ++ ; ++ line_start = (*line_end == '\n') ? line_end + 1 : line_end; ++ } + } + + +*** ../bash-5.0/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 12 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 13 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/src/patches/bash/bash50-014 b/src/patches/bash/bash50-014 new file mode 100644 index 0000000000..6cb49aae72 --- /dev/null +++ b/src/patches/bash/bash50-014 @@ -0,0 +1,52 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.0 +Patch-ID: bash50-014 + +Bug-Reported-by: Johannes Hielscher +Bug-Reference-ID: <20190208205048.77c25a83@hordevm> +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2019-02/msg00032.html + +Bug-Description: + +If the current line is empty, using the emacs C-xC-e binding to enter the +editor will edit the previous command instead of the current (empty) one. + +Patch (apply with `patch -p0'): + +*** ../bash-5.0-patched/bashline.c 2019-01-16 16:13:21.000000000 -0500 +--- bashline.c 2019-02-11 11:18:57.000000000 -0500 +*************** +*** 962,970 **** + finished with the command, so we should not ignore the last command */ + using_history (); +! if (rl_line_buffer[0]) +! { +! current_command_line_count++; /* for rl_newline above */ +! bash_add_history (rl_line_buffer); +! } + current_command_line_count = 0; /* for dummy history entry */ + bash_add_history (""); +--- 965,970 ---- + finished with the command, so we should not ignore the last command */ + using_history (); +! current_command_line_count++; /* for rl_newline above */ +! bash_add_history (rl_line_buffer); + current_command_line_count = 0; /* for dummy history entry */ + bash_add_history (""); +*** ../bash-5.0/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 13 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 14 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/src/patches/bash/bash50-015 b/src/patches/bash/bash50-015 new file mode 100644 index 0000000000..ff6e5e69d6 --- /dev/null +++ b/src/patches/bash/bash50-015 @@ -0,0 +1,78 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.0 +Patch-ID: bash50-015 + +Bug-Reported-by: Yu Kou +Bug-Reference-ID: +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2019-05/msg00032.html + +Bug-Description: + +If alias expansion is enabled when processing the command argument to the +`-c' option, an alias is defined in that command, and the command ends with +the invocation of that alias, the shell's command parser can prematurely +terminate before the entire command is executed. + +Patch (apply with `patch -p0'): + +*** ../bash-20190426/builtins/evalstring.c 2019-01-29 14:15:19.000000000 -0500 +--- builtins/evalstring.c 2019-05-15 14:19:36.000000000 -0400 +*************** +*** 92,95 **** +--- 92,96 ---- + running_trap == 0 && + *bash_input.location.string == '\0' && ++ parser_expanding_alias () == 0 && + command->type == cm_simple && + signal_is_trapped (EXIT_TRAP) == 0 && +*************** +*** 106,109 **** +--- 107,111 ---- + { + return (*bash_input.location.string == '\0' && ++ parser_expanding_alias () == 0 && + (command->value.Connection->connector == AND_AND || command->value.Connection->connector == OR_OR || command->value.Connection->connector == ';') && + command->value.Connection->second->type == cm_simple); +*************** +*** 291,295 **** + with_input_from_string (string, from_file); + clear_shell_input_line (); +! while (*(bash_input.location.string)) + { + command = (COMMAND *)NULL; +--- 293,297 ---- + with_input_from_string (string, from_file); + clear_shell_input_line (); +! while (*(bash_input.location.string) || parser_expanding_alias ()) + { + command = (COMMAND *)NULL; +*************** +*** 546,550 **** + + with_input_from_string (string, from_file); +! while (*(bash_input.location.string)) + { + command = (COMMAND *)NULL; +--- 548,552 ---- + + with_input_from_string (string, from_file); +! while (*(bash_input.location.string)) /* XXX - parser_expanding_alias () ? */ + { + command = (COMMAND *)NULL; +*** ../bash-5.0/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 14 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 15 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/src/patches/bash/bash50-016 b/src/patches/bash/bash50-016 new file mode 100644 index 0000000000..87f232d7ad --- /dev/null +++ b/src/patches/bash/bash50-016 @@ -0,0 +1,58 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.0 +Patch-ID: bash50-016 + +Bug-Reported-by: sunnycemetery@gmail.com +Bug-Reference-ID: <20190316041534.GB22884@midnight> +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2019-03/msg00070.html + +Bug-Description: + +Bash waits too long to reap /dev/fd process substitutions used as redirections +with loops and group commands, which can lead to file descriptor exhaustion. + +Patch (apply with `patch -p0'): + +*** ../bash-5.0-patched/execute_cmd.c 2019-04-19 15:46:36.000000000 -0400 +--- execute_cmd.c 2019-07-01 16:45:49.000000000 -0400 +*************** +*** 1104,1107 **** +--- 1085,1104 ---- + discard_unwind_frame ("internal_fifos"); + } ++ # if defined (HAVE_DEV_FD) ++ /* Reap process substitutions at the end of loops */ ++ switch (command->type) ++ { ++ case cm_while: ++ case cm_until: ++ case cm_for: ++ case cm_group: ++ # if defined (ARITH_FOR_COMMAND) ++ case cm_arith_for: ++ # endif ++ reap_procsubs (); ++ default: ++ break; ++ } ++ # endif /* HAVE_DEV_FD */ + #endif + + +*** ../bash-5.0/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 15 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 16 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/src/patches/bash/bash50-017 b/src/patches/bash/bash50-017 new file mode 100644 index 0000000000..adfcb6a860 --- /dev/null +++ b/src/patches/bash/bash50-017 @@ -0,0 +1,289 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.0 +Patch-ID: bash50-017 + +Bug-Reported-by: Valentin Lab +Bug-Reference-ID: +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2020-03/msg00062.html + +Bug-Description: + +There were cases where patch 16 reaped process substitution file descriptors +(or FIFOs) and processes to early. This is a better fix for the problem that +bash50-016 attempted to solve. + +Patch (apply with `patch -p0'): + +*** ../bash-5.0-patched/subst.c 2019-08-29 11:16:49.000000000 -0400 +--- subst.c 2020-04-02 16:24:19.000000000 -0400 +*************** +*** 5337,5341 **** + } + +! char * + copy_fifo_list (sizep) + int *sizep; +--- 5337,5341 ---- + } + +! void * + copy_fifo_list (sizep) + int *sizep; +*************** +*** 5343,5347 **** + if (sizep) + *sizep = 0; +! return (char *)NULL; + } + +--- 5343,5347 ---- + if (sizep) + *sizep = 0; +! return (void *)NULL; + } + +*************** +*** 5409,5414 **** + if (fifo_list[i].file) + { +! fifo_list[j].file = fifo_list[i].file; +! fifo_list[j].proc = fifo_list[i].proc; + j++; + } +--- 5409,5419 ---- + if (fifo_list[i].file) + { +! if (i != j) +! { +! fifo_list[j].file = fifo_list[i].file; +! fifo_list[j].proc = fifo_list[i].proc; +! fifo_list[i].file = (char *)NULL; +! fifo_list[i].proc = 0; +! } + j++; + } +*************** +*** 5426,5433 **** + void + close_new_fifos (list, lsize) +! char *list; + int lsize; + { + int i; + + if (list == 0) +--- 5431,5439 ---- + void + close_new_fifos (list, lsize) +! void *list; + int lsize; + { + int i; ++ char *plist; + + if (list == 0) +*************** +*** 5437,5442 **** + } + +! for (i = 0; i < lsize; i++) +! if (list[i] == 0 && i < fifo_list_size && fifo_list[i].proc != -1) + unlink_fifo (i); + +--- 5443,5448 ---- + } + +! for (plist = (char *)list, i = 0; i < lsize; i++) +! if (plist[i] == 0 && i < fifo_list_size && fifo_list[i].proc != -1) + unlink_fifo (i); + +*************** +*** 5560,5568 **** + } + +! char * + copy_fifo_list (sizep) + int *sizep; + { +! char *ret; + + if (nfds == 0 || totfds == 0) +--- 5566,5574 ---- + } + +! void * + copy_fifo_list (sizep) + int *sizep; + { +! void *ret; + + if (nfds == 0 || totfds == 0) +*************** +*** 5570,5579 **** + if (sizep) + *sizep = 0; +! return (char *)NULL; + } + + if (sizep) + *sizep = totfds; +! ret = (char *)xmalloc (totfds * sizeof (pid_t)); + return (memcpy (ret, dev_fd_list, totfds * sizeof (pid_t))); + } +--- 5576,5585 ---- + if (sizep) + *sizep = 0; +! return (void *)NULL; + } + + if (sizep) + *sizep = totfds; +! ret = xmalloc (totfds * sizeof (pid_t)); + return (memcpy (ret, dev_fd_list, totfds * sizeof (pid_t))); + } +*************** +*** 5648,5655 **** + void + close_new_fifos (list, lsize) +! char *list; + int lsize; + { + int i; + + if (list == 0) +--- 5654,5662 ---- + void + close_new_fifos (list, lsize) +! void *list; + int lsize; + { + int i; ++ pid_t *plist; + + if (list == 0) +*************** +*** 5659,5664 **** + } + +! for (i = 0; i < lsize; i++) +! if (list[i] == 0 && i < totfds && dev_fd_list[i]) + unlink_fifo (i); + +--- 5666,5671 ---- + } + +! for (plist = (pid_t *)list, i = 0; i < lsize; i++) +! if (plist[i] == 0 && i < totfds && dev_fd_list[i]) + unlink_fifo (i); + +*** ../bash-5.0-patched/subst.h 2018-10-21 18:46:09.000000000 -0400 +--- subst.h 2020-04-02 16:29:28.000000000 -0400 +*************** +*** 274,280 **** + extern void unlink_fifo __P((int)); + +! extern char *copy_fifo_list __P((int *)); +! extern void unlink_new_fifos __P((char *, int)); +! extern void close_new_fifos __P((char *, int)); + + extern void clear_fifo_list __P((void)); +--- 274,279 ---- + extern void unlink_fifo __P((int)); + +! extern void *copy_fifo_list __P((int *)); +! extern void close_new_fifos __P((void *, int)); + + extern void clear_fifo_list __P((void)); +*** ../bash-5.0-patched/execute_cmd.c 2020-02-06 20:16:48.000000000 -0500 +--- execute_cmd.c 2020-04-02 17:00:10.000000000 -0400 +*************** +*** 565,569 **** + #if defined (PROCESS_SUBSTITUTION) + volatile int ofifo, nfifo, osize, saved_fifo; +! volatile char *ofifo_list; + #endif + +--- 565,569 ---- + #if defined (PROCESS_SUBSTITUTION) + volatile int ofifo, nfifo, osize, saved_fifo; +! volatile void *ofifo_list; + #endif + +*************** +*** 751,760 **** + # endif + +! if (variable_context != 0) /* XXX - also if sourcelevel != 0? */ + { + ofifo = num_fifos (); + ofifo_list = copy_fifo_list ((int *)&osize); + begin_unwind_frame ("internal_fifos"); +! add_unwind_protect (xfree, ofifo_list); + saved_fifo = 1; + } +--- 751,762 ---- + # endif + +! /* XXX - also if sourcelevel != 0? */ +! if (variable_context != 0) + { + ofifo = num_fifos (); + ofifo_list = copy_fifo_list ((int *)&osize); + begin_unwind_frame ("internal_fifos"); +! if (ofifo_list) +! add_unwind_protect (xfree, ofifo_list); + saved_fifo = 1; + } +*************** +*** 1100,1123 **** + nfifo = num_fifos (); + if (nfifo > ofifo) +! close_new_fifos ((char *)ofifo_list, osize); + free ((void *)ofifo_list); + discard_unwind_frame ("internal_fifos"); + } +- # if defined (HAVE_DEV_FD) +- /* Reap process substitutions at the end of loops */ +- switch (command->type) +- { +- case cm_while: +- case cm_until: +- case cm_for: +- case cm_group: +- # if defined (ARITH_FOR_COMMAND) +- case cm_arith_for: +- # endif +- reap_procsubs (); +- default: +- break; +- } +- # endif /* HAVE_DEV_FD */ + #endif + +--- 1102,1109 ---- + nfifo = num_fifos (); + if (nfifo > ofifo) +! close_new_fifos ((void *)ofifo_list, osize); + free ((void *)ofifo_list); + discard_unwind_frame ("internal_fifos"); + } + #endif + + +*** ../bash-5.0/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 16 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 17 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/src/patches/bash/bash50-018 b/src/patches/bash/bash50-018 new file mode 100644 index 0000000000..6f1b1c7ca3 --- /dev/null +++ b/src/patches/bash/bash50-018 @@ -0,0 +1,45 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.0 +Patch-ID: bash50-018 + +Bug-Reported-by: oguzismailuysal@gmail.com +Bug-Reference-ID: +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2019-10/msg00098.html + +Bug-Description: + +In certain cases, bash does not perform quoted null removal on patterns +that are used as part of word expansions such as ${parameter##pattern}, so +empty patterns are treated as non-empty. + +Patch (apply with `patch -p0'): + +*** ../bash-5.0.17/subst.c 2020-04-02 17:14:58.000000000 -0400 +--- subst.c 2020-07-09 15:28:19.000000000 -0400 +*************** +*** 5113,5116 **** +--- 5113,5118 ---- + (int *)NULL, (int *)NULL) + : (WORD_LIST *)0; ++ if (l) ++ word_list_remove_quoted_nulls (l); + pat = string_list (l); + dispose_words (l); + +*** ../bash-5.0/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 17 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 18 + + #endif /* _PATCHLEVEL_H_ */ -- 2.39.2