wok-stable rev 12443
bash: remove CVE-2014-7169.patch
| author | Pascal Bellard <pascal.bellard@slitaz.org> |
|---|---|
| date | Wed Dec 10 10:20:40 2014 +0100 (2014-12-10) |
| parents | d326ad68a40a |
| children | 16e488e884db |
| files | bash/stuff/CVE-2014-7169.patch bash/stuff/funcdef-import-4.2.patch |
line diff
1.1 --- a/bash/stuff/CVE-2014-7169.patch Wed Oct 08 15:12:31 2014 +0200 1.2 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 1.3 @@ -1,12 +0,0 @@ 1.4 -*** parse.y 2014-08-26 15:09:42.000000000 -0400 1.5 ---- parse.y 2014-09-24 22:47:28.000000000 -0400 1.6 -*************** 1.7 -*** 2849,2852 **** 1.8 ---- 2849,2854 ---- 1.9 - word_desc_to_read = (WORD_DESC *)NULL; 1.10 - 1.11 -+ eol_ungetc_lookahead = 0; 1.12 -+ 1.13 - current_token = '\n'; /* XXX */ 1.14 - last_read_token = '\n'; 1.15 -
2.1 --- a/bash/stuff/funcdef-import-4.2.patch Wed Oct 08 15:12:31 2014 +0200 2.2 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 2.3 @@ -1,72 +0,0 @@ 2.4 -*** ../bash-4.2.47/builtins/common.h 2010-05-30 18:31:51.000000000 -0400 2.5 ---- builtins/common.h 2014-09-16 19:35:45.000000000 -0400 2.6 -*************** 2.7 -*** 36,39 **** 2.8 ---- 36,41 ---- 2.9 - 2.10 - /* Flags for describe_command, shared between type.def and command.def */ 2.11 -+ #define SEVAL_FUNCDEF 0x080 /* only allow function definitions */ 2.12 -+ #define SEVAL_ONECMD 0x100 /* only allow a single command */ 2.13 - #define CDESC_ALL 0x001 /* type -a */ 2.14 - #define CDESC_SHORTDESC 0x002 /* command -V */ 2.15 -*** ../bash-4.2.47/builtins/evalstring.c 2010-11-23 08:22:15.000000000 -0500 2.16 ---- builtins/evalstring.c 2014-09-16 19:35:45.000000000 -0400 2.17 -*************** 2.18 -*** 262,265 **** 2.19 ---- 262,273 ---- 2.20 - struct fd_bitmap *bitmap; 2.21 - 2.22 -+ if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def) 2.23 -+ { 2.24 -+ internal_warning ("%s: ignoring function definition attempt", from_file); 2.25 -+ should_jump_to_top_level = 0; 2.26 -+ last_result = last_command_exit_value = EX_BADUSAGE; 2.27 -+ break; 2.28 -+ } 2.29 -+ 2.30 - bitmap = new_fd_bitmap (FD_BITMAP_SIZE); 2.31 - begin_unwind_frame ("pe_dispose"); 2.32 -*************** 2.33 -*** 322,325 **** 2.34 ---- 330,336 ---- 2.35 - dispose_fd_bitmap (bitmap); 2.36 - discard_unwind_frame ("pe_dispose"); 2.37 -+ 2.38 -+ if (flags & SEVAL_ONECMD) 2.39 -+ break; 2.40 - } 2.41 - } 2.42 -*** ../bash-4.2.47/variables.c 2011-03-01 16:15:20.000000000 -0500 2.43 ---- variables.c 2014-09-16 19:35:45.000000000 -0400 2.44 -*************** 2.45 -*** 348,357 **** 2.46 - strcpy (temp_string + char_index + 1, string); 2.47 - 2.48 -! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST); 2.49 -! 2.50 -! /* Ancient backwards compatibility. Old versions of bash exported 2.51 -! functions like name()=() {...} */ 2.52 -! if (name[char_index - 1] == ')' && name[char_index - 2] == '(') 2.53 -! name[char_index - 2] = '\0'; 2.54 - 2.55 - if (temp_var = find_function (name)) 2.56 ---- 348,355 ---- 2.57 - strcpy (temp_string + char_index + 1, string); 2.58 - 2.59 -! /* Don't import function names that are invalid identifiers from the 2.60 -! environment. */ 2.61 -! if (legal_identifier (name)) 2.62 -! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); 2.63 - 2.64 - if (temp_var = find_function (name)) 2.65 -*************** 2.66 -*** 362,369 **** 2.67 - else 2.68 - report_error (_("error importing function definition for `%s'"), name); 2.69 -- 2.70 -- /* ( */ 2.71 -- if (name[char_index - 1] == ')' && name[char_index - 2] == '\0') 2.72 -- name[char_index - 2] = '('; /* ) */ 2.73 - } 2.74 - #if defined (ARRAY_VARS) 2.75 ---- 360,363 ----