1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950 |
- BASH PATCH REPORT
- =================
- Bash-Release: 4.3
- Patch-ID: bash43-029
- Bug-Reported-by: Michal Zalewski <lcamtuf@coredump.cx>
- Bug-Reference-ID:
- Bug-Reference-URL:
- Bug-Description:
- When bash is parsing a function definition that contains a here-document
- delimited by end-of-file (or end-of-string), it leaves the closing delimiter
- uninitialized. This can result in an invalid memory access when the parsed
- function is later copied.
- Patch (apply with `patch -p0'):
- --- a/make_cmd.c
- +++ b/make_cmd.c
- @@ -692,6 +692,7 @@ make_redirection (source, instruction, d
- /* First do the common cases. */
- temp->redirector = source;
- temp->redirectee = dest_and_filename;
- + temp->here_doc_eof = 0;
- temp->instruction = instruction;
- temp->flags = 0;
- temp->rflags = flags;
- --- a/copy_cmd.c
- +++ b/copy_cmd.c
- @@ -126,7 +126,7 @@ copy_redirect (redirect)
- {
- case r_reading_until:
- case r_deblank_reading_until:
- - new_redirect->here_doc_eof = savestring (redirect->here_doc_eof);
- + new_redirect->here_doc_eof = redirect->here_doc_eof ? savestring (redirect->here_doc_eof) : 0;
- /*FALLTHROUGH*/
- case r_reading_string:
- case r_appending_to:
- --- a/patchlevel.h
- +++ b/patchlevel.h
- @@ -25,6 +25,6 @@
- regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh
- looks for to find the patch level (for the sccs version string). */
-
- -#define PATCHLEVEL 28
- +#define PATCHLEVEL 29
-
- #endif /* _PATCHLEVEL_H_ */
|