commit f5cf6ed0d715d3fd68cd3fa8847d81d50f161b3d Author: Fredrik Rinnestam <fredrik@crux.nu> Date: Sun Sep 28 16:02:30 2014 +0200 bash: updated to 4.3.27. (official patches) diff --git a/bash/.md5sum b/bash/.md5sum index cd32ccd..c4e72a8 100644 --- a/bash/.md5sum +++ b/bash/.md5sum @@ -1,4 +1,3 @@ -ef372fa0f3a246a20f6c2b75d04eaee1 CVE-2014-7169.patch -0bb8bde611b03e32a010c6aa373fa2d4 bash-4.3.25.patch.gz +eee0d7fbb6d04d52a6a54862b7a9a56c bash-4.3.27.patch.gz 81348932d5da294953e15d4814c74dd1 bash-4.3.tar.gz be4c698ea8bb7d52eab2d6ce2c3fab8e profile diff --git a/bash/CVE-2014-7169.patch b/bash/CVE-2014-7169.patch deleted file mode 100644 index e48141b..0000000 --- a/bash/CVE-2014-7169.patch +++ /dev/null @@ -1,60 +0,0 @@ - BASH PATCH REPORT - ================= - -Bash-Release: 4.3 -Patch-ID: bash43-026 - -Bug-Reported-by: Tavis Ormandy <taviso () cmpxchg8b com> -Bug-Reference-ID: -Bug-Reference-URL: http://twitter.com/taviso/statuses/514887394294652929 - -Bug-Description: - -Under certain circumstances, bash can incorrectly save a lookahead character and -return it on a subsequent call, even when reading a new line. - -Patch (apply with `patch -p0'): - -*** ../bash-4.3.25/parse.y 2014-07-30 10:14:31.000000000 -0400 ---- parse.y 2014-09-25 20:20:21.000000000 -0400 -*************** -*** 2954,2957 **** ---- 2954,2959 ---- - word_desc_to_read = (WORD_DESC *)NULL; - -+ eol_ungetc_lookahead = 0; -+ - current_token = '\n'; /* XXX */ - last_read_token = '\n'; -*** ../bash-4.3.25/y.tab.c 2014-07-30 10:14:32.000000000 -0400 ---- y.tab.c 2014-09-25 20:21:48.000000000 -0400 -*************** -*** 5266,5269 **** ---- 5266,5271 ---- - word_desc_to_read = (WORD_DESC *)NULL; - -+ eol_ungetc_lookahead = 0; -+ - current_token = '\n'; /* XXX */ - last_read_token = '\n'; -*************** -*** 8540,8542 **** - } - #endif /* HANDLE_MULTIBYTE */ -- ---- 8542,8543 ---- -*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 ---- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 -*************** -*** 26,30 **** - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 25 - - #endif /* _PATCHLEVEL_H_ */ ---- 26,30 ---- - looks for to find the patch level (for the sccs version string). */ - -! #define PATCHLEVEL 26 - - #endif /* _PATCHLEVEL_H_ */ diff --git a/bash/Pkgfile b/bash/Pkgfile index 45e8a91..044a6fb 100644 --- a/bash/Pkgfile +++ b/bash/Pkgfile @@ -4,16 +4,15 @@ # Depends on: ncurses readline name=bash -version=4.3.25 -release=2 +version=4.3.27 +release=1 source=(http://ftp.gnu.org/gnu/$name/$name-${version:0:3}.tar.gz \ - $name-$version.patch.gz profile CVE-2014-7169.patch) + $name-$version.patch.gz profile) build() { cd $name-${version:0:3} gunzip -c $SRC/$name-$version.patch.gz | patch -p0 - patch -p0 -i $SRC/CVE-2014-7169.patch ./configure --prefix=/usr \ --exec-prefix= \ diff --git a/bash/bash-4.3.25.patch.gz b/bash/bash-4.3.25.patch.gz deleted file mode 100644 index 3918884..0000000 Binary files a/bash/bash-4.3.25.patch.gz and /dev/null differ diff --git a/bash/bash-4.3.27.patch.gz b/bash/bash-4.3.27.patch.gz new file mode 100644 index 0000000..56b0bac Binary files /dev/null and b/bash/bash-4.3.27.patch.gz differ diff --git a/bash/unofficial.patch b/bash/unofficial.patch new file mode 100644 index 0000000..a7166a5 --- /dev/null +++ b/bash/unofficial.patch @@ -0,0 +1,146 @@ +--- ../bash-4.2-orig/variables.c 2014-09-25 13:07:59.313209541 +0200 ++++ variables.c 2014-09-25 13:15:29.869420719 +0200 +@@ -268,7 +268,7 @@ + static void propagate_temp_var __P((PTR_T)); + static void dispose_temporary_env __P((sh_free_func_t *)); + +-static inline char *mk_env_string __P((const char *, const char *)); ++static inline char *mk_env_string __P((const char *, const char *, int)); + static char **make_env_array_from_var_list __P((SHELL_VAR **)); + static char **make_var_export_array __P((VAR_CONTEXT *)); + static char **make_func_export_array __P((void)); +@@ -301,6 +301,14 @@ + #endif + } + ++/* Prefix and suffix for environment variable names which contain ++ shell functions. */ ++#define FUNCDEF_PREFIX "BASH_FUNC_" ++#define FUNCDEF_PREFIX_LEN (strlen (FUNCDEF_PREFIX)) ++#define FUNCDEF_SUFFIX "()" ++#define FUNCDEF_SUFFIX_LEN (strlen (FUNCDEF_SUFFIX)) ++ ++ + /* Initialize the shell variables from the current environment. + If PRIVMODE is nonzero, don't import functions from ENV or + parse $SHELLOPTS. */ +@@ -338,27 +346,39 @@ + + /* If exported function, define it now. Don't import functions from + the environment in privileged mode. */ +- if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4)) +- { +- string_length = strlen (string); +- temp_string = (char *)xmalloc (3 + string_length + char_index); ++ if (privmode == 0 && read_but_dont_execute == 0 ++ && STREQN (FUNCDEF_PREFIX, name, FUNCDEF_PREFIX_LEN) ++ && STREQ (name + char_index - FUNCDEF_SUFFIX_LEN, FUNCDEF_SUFFIX) ++ && STREQN ("() {", string, 4)) ++ { ++ size_t name_length ++ = char_index - (FUNCDEF_PREFIX_LEN + FUNCDEF_SUFFIX_LEN); ++ char *temp_name = name + FUNCDEF_PREFIX_LEN; ++ /* Temporarily remove the suffix. */ ++ temp_name[name_length] = '\0'; + +- strcpy (temp_string, name); +- temp_string[char_index] = ' '; +- strcpy (temp_string + char_index + 1, string); ++ string_length = strlen (string); ++ temp_string = (char *)xmalloc (name_length + 1 + string_length + 1); ++ memcpy (temp_string, temp_name, name_length); ++ temp_string[name_length] = ' '; ++ memcpy (temp_string + name_length + 1, string, string_length + 1); + + /* Don't import function names that are invalid identifiers from the + environment. */ +- if (legal_identifier (name)) +- parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); ++ if (legal_identifier (temp_name)) ++ parse_and_execute (temp_string, temp_name, ++ SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); + +- if (temp_var = find_function (name)) ++ if (temp_var = find_function (temp_name)) + { + VSETATTR (temp_var, (att_exported|att_imported)); + array_needs_making = 1; + } + else + report_error (_("error importing function definition for `%s'"), name); ++ ++ /* Restore the original suffix. */ ++ temp_name[name_length] = FUNCDEF_SUFFIX[0]; + } + #if defined (ARRAY_VARS) + # if 0 +@@ -2537,7 +2557,7 @@ + var->context = variable_context; /* XXX */ + + INVALIDATE_EXPORTSTR (var); +- var->exportstr = mk_env_string (name, value); ++ var->exportstr = mk_env_string (name, value, 0); + + array_needs_making = 1; + +@@ -3388,22 +3408,43 @@ + /* */ + /* **************************************************************** */ + ++/* Returns the string NAME=VALUE if !FUNCTIONP or if VALUE == NULL (in ++ which case it is treated as empty). Otherwise, decorate NAME with ++ FUNCDEF_PREFIX and FUNCDEF_SUFFIX, and return a string of the form ++ FUNCDEF_PREFIX NAME FUNCDEF_SUFFIX = VALUE (without spaces). */ + static inline char * +-mk_env_string (name, value) ++mk_env_string (name, value, functionp) + const char *name, *value; ++ int functionp; + { +- int name_len, value_len; +- char *p; ++ size_t name_len, value_len; ++ char *p, *q; + + name_len = strlen (name); + value_len = STRLEN (value); +- p = (char *)xmalloc (2 + name_len + value_len); +- strcpy (p, name); +- p[name_len] = '='; ++ if (functionp && value != NULL) ++ { ++ p = (char *)xmalloc (FUNCDEF_PREFIX_LEN + name_len + FUNCDEF_SUFFIX_LEN ++ + 1 + value_len + 1); ++ q = p; ++ memcpy (q, FUNCDEF_PREFIX, FUNCDEF_PREFIX_LEN); ++ q += FUNCDEF_PREFIX_LEN; ++ memcpy (q, name, name_len); ++ q += name_len; ++ memcpy (q, FUNCDEF_SUFFIX, FUNCDEF_SUFFIX_LEN); ++ q += FUNCDEF_SUFFIX_LEN; ++ } ++ else ++ { ++ p = (char *)xmalloc (name_len + 1 + value_len + 1); ++ memcpy (p, name, name_len); ++ q = p + name_len; ++ } ++ q[0] = '='; + if (value && *value) +- strcpy (p + name_len + 1, value); ++ memcpy (q + 1, value, value_len + 1); + else +- p[name_len + 1] = '\0'; ++ q[1] = '\0'; + return (p); + } + +@@ -3489,7 +3530,7 @@ + /* Gee, I'd like to get away with not using savestring() if we're + using the cached exportstr... */ + list[list_index] = USE_EXPORTSTR ? savestring (value) +- : mk_env_string (var->name, value); ++ : mk_env_string (var->name, value, function_p (var)); + + if (USE_EXPORTSTR == 0) + SAVE_EXPORTSTR (var, list[list_index]);