SF.net SVN: gar:[24193] csw/mgar/pkg/bash/trunk
chninkel at users.sourceforge.net
chninkel at users.sourceforge.net
Sat Oct 18 14:33:14 CEST 2014
Revision: 24193
http://sourceforge.net/p/gar/code/24193
Author: chninkel
Date: 2014-10-18 12:33:12 +0000 (Sat, 18 Oct 2014)
Log Message:
-----------
bash/trunk: update to patch level 30 and removed security patches superseded by upstream patches
Modified Paths:
--------------
csw/mgar/pkg/bash/trunk/Makefile
csw/mgar/pkg/bash/trunk/files/changelog.CSW
Removed Paths:
-------------
csw/mgar/pkg/bash/trunk/files/bash-4.2-cve-2014-7169-0.patch
csw/mgar/pkg/bash/trunk/files/bash-4.2-cve-2014-7169-1.patch
csw/mgar/pkg/bash/trunk/files/bash-4.2-cve-2014-7169-2.patch
Modified: csw/mgar/pkg/bash/trunk/Makefile
===================================================================
--- csw/mgar/pkg/bash/trunk/Makefile 2014-10-17 14:21:45 UTC (rev 24192)
+++ csw/mgar/pkg/bash/trunk/Makefile 2014-10-18 12:33:12 UTC (rev 24193)
@@ -13,7 +13,7 @@
###### Package information #######
NAME = bash
-VERSION = 4.3.25
+VERSION = 4.3.30
GARTYPE = v2
DESCRIPTION = A sh-compatible command language interpreter
@@ -74,12 +74,6 @@
# add /opt/csw/bin in the hardcoded paths used for auto-selecting the EDITOR variable
PATCHFILES += 0001-bashbug-editor-path.patch
-# Serie of patches taken from fedora to fix CVE-2014-7169
-# see https://access.redhat.com/articles/1200223 for impacts of the patch
-PATCHFILES += bash-4.2-cve-2014-7169-0.patch
-PATCHFILES += bash-4.2-cve-2014-7169-1.patch
-PATCHFILES += bash-4.2-cve-2014-7169-2.patch
-
LICENSE = COPYING
# we add CSW bash to the /etc/shells files using the build script
Deleted: csw/mgar/pkg/bash/trunk/files/bash-4.2-cve-2014-7169-0.patch
===================================================================
--- csw/mgar/pkg/bash/trunk/files/bash-4.2-cve-2014-7169-0.patch 2014-10-17 14:21:45 UTC (rev 24192)
+++ csw/mgar/pkg/bash/trunk/files/bash-4.2-cve-2014-7169-0.patch 2014-10-18 12:33:12 UTC (rev 24193)
@@ -1,12 +0,0 @@
-*** ../bash-20140912/parse.y 2014-08-26 15:09:42.000000000 -0400
---- parse.y 2014-09-24 22:47:28.000000000 -0400
-***************
-*** 2959,2962 ****
---- 2959,2964 ----
- word_desc_to_read = (WORD_DESC *)NULL;
-
-+ eol_ungetc_lookahead = 0;
-+
- current_token = '\n'; /* XXX */
- last_read_token = '\n';
-
Deleted: csw/mgar/pkg/bash/trunk/files/bash-4.2-cve-2014-7169-1.patch
===================================================================
--- csw/mgar/pkg/bash/trunk/files/bash-4.2-cve-2014-7169-1.patch 2014-10-17 14:21:45 UTC (rev 24192)
+++ csw/mgar/pkg/bash/trunk/files/bash-4.2-cve-2014-7169-1.patch 2014-10-18 12:33:12 UTC (rev 24193)
@@ -1,155 +0,0 @@
---- ../bash-4.2-orig/variables.c 2014-09-25 13:07:59.313209541 +0200
-+++ variables.c 2014-09-25 13:15:29.869420719 +0200
-@@ -268,7 +268,7 @@
- static void propagate_temp_var __P((PTR_T));
- static void dispose_temporary_env __P((sh_free_func_t *));
-
--static inline char *mk_env_string __P((const char *, const char *));
-+static inline char *mk_env_string __P((const char *, const char *, int));
- static char **make_env_array_from_var_list __P((SHELL_VAR **));
- static char **make_var_export_array __P((VAR_CONTEXT *));
- static char **make_func_export_array __P((void));
-@@ -301,6 +301,14 @@
- #endif
- }
-
-+/* Prefix and suffix for environment variable names which contain
-+ shell functions. */
-+#define FUNCDEF_PREFIX "BASH_FUNC_"
-+#define FUNCDEF_PREFIX_LEN (strlen (FUNCDEF_PREFIX))
-+#define FUNCDEF_SUFFIX "()"
-+#define FUNCDEF_SUFFIX_LEN (strlen (FUNCDEF_SUFFIX))
-+
-+
- /* Initialize the shell variables from the current environment.
- If PRIVMODE is nonzero, don't import functions from ENV or
- parse $SHELLOPTS. */
-@@ -338,36 +346,48 @@
-
- /* If exported function, define it now. Don't import functions from
- the environment in privileged mode. */
-- if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4))
-- {
-- string_length = strlen (string);
-- temp_string = (char *)xmalloc (3 + string_length + char_index);
-+ if (privmode == 0 && read_but_dont_execute == 0
-+ && STREQN (FUNCDEF_PREFIX, name, FUNCDEF_PREFIX_LEN)
-+ && STREQ (name + char_index - FUNCDEF_SUFFIX_LEN, FUNCDEF_SUFFIX)
-+ && STREQN ("() {", string, 4))
-+ {
-+ size_t name_length
-+ = char_index - (FUNCDEF_PREFIX_LEN + FUNCDEF_SUFFIX_LEN);
-+ char *temp_name = name + FUNCDEF_PREFIX_LEN;
-+ /* Temporarily remove the suffix. */
-+ temp_name[name_length] = '\0';
-
-- strcpy (temp_string, name);
-- temp_string[char_index] = ' ';
-- strcpy (temp_string + char_index + 1, string);
-+ string_length = strlen (string);
-+ temp_string = (char *)xmalloc (name_length + 1 + string_length + 1);
-+ memcpy (temp_string, temp_name, name_length);
-+ temp_string[name_length] = ' ';
-+ memcpy (temp_string + name_length + 1, string, string_length + 1);
-
- /* Don't import function names that are invalid identifiers from the
- environment, though we still allow them to be defined as shell
- variables. */
-- if (legal_identifier (name))
-- parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD);
-+ if (legal_identifier (temp_name))
-+ parse_and_execute (temp_string, temp_name,
-+ SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD);
-
-- if (temp_var = find_function (name))
-+ if (temp_var = find_function (temp_name))
- {
- VSETATTR (temp_var, (att_exported|att_imported));
- array_needs_making = 1;
- }
- else
- {
- if (temp_var = bind_variable (name, string, 0))
- {
- VSETATTR (temp_var, (att_exported | att_imported | att_invisible));
- array_needs_making = 1;
- }
- last_command_exit_value = 1;
- report_error (_("error importing function definition for `%s'"), name);
- }
-+
-+ /* Restore the original suffix. */
-+ temp_name[name_length] = FUNCDEF_SUFFIX[0];
- }
- #if defined (ARRAY_VARS)
- # if ARRAY_EXPORT
-@@ -2537,7 +2557,7 @@
- var->context = variable_context; /* XXX */
-
- INVALIDATE_EXPORTSTR (var);
-- var->exportstr = mk_env_string (name, value);
-+ var->exportstr = mk_env_string (name, value, 0);
-
- array_needs_making = 1;
-
-@@ -3388,22 +3408,43 @@
- /* */
- /* **************************************************************** */
-
-+/* Returns the string NAME=VALUE if !FUNCTIONP or if VALUE == NULL (in
-+ which case it is treated as empty). Otherwise, decorate NAME with
-+ FUNCDEF_PREFIX and FUNCDEF_SUFFIX, and return a string of the form
-+ FUNCDEF_PREFIX NAME FUNCDEF_SUFFIX = VALUE (without spaces). */
- static inline char *
--mk_env_string (name, value)
-+mk_env_string (name, value, functionp)
- const char *name, *value;
-+ int functionp;
- {
-- int name_len, value_len;
-- char *p;
-+ size_t name_len, value_len;
-+ char *p, *q;
-
- name_len = strlen (name);
- value_len = STRLEN (value);
-- p = (char *)xmalloc (2 + name_len + value_len);
-- strcpy (p, name);
-- p[name_len] = '=';
-+ if (functionp && value != NULL)
-+ {
-+ p = (char *)xmalloc (FUNCDEF_PREFIX_LEN + name_len + FUNCDEF_SUFFIX_LEN
-+ + 1 + value_len + 1);
-+ q = p;
-+ memcpy (q, FUNCDEF_PREFIX, FUNCDEF_PREFIX_LEN);
-+ q += FUNCDEF_PREFIX_LEN;
-+ memcpy (q, name, name_len);
-+ q += name_len;
-+ memcpy (q, FUNCDEF_SUFFIX, FUNCDEF_SUFFIX_LEN);
-+ q += FUNCDEF_SUFFIX_LEN;
-+ }
-+ else
-+ {
-+ p = (char *)xmalloc (name_len + 1 + value_len + 1);
-+ memcpy (p, name, name_len);
-+ q = p + name_len;
-+ }
-+ q[0] = '=';
- if (value && *value)
-- strcpy (p + name_len + 1, value);
-+ memcpy (q + 1, value, value_len + 1);
- else
-- p[name_len + 1] = '\0';
-+ q[1] = '\0';
- return (p);
- }
-
-@@ -3489,7 +3530,7 @@
- /* Gee, I'd like to get away with not using savestring() if we're
- using the cached exportstr... */
- list[list_index] = USE_EXPORTSTR ? savestring (value)
-- : mk_env_string (var->name, value);
-+ : mk_env_string (var->name, value, function_p (var));
-
- if (USE_EXPORTSTR == 0)
- SAVE_EXPORTSTR (var, list[list_index]);
Deleted: csw/mgar/pkg/bash/trunk/files/bash-4.2-cve-2014-7169-2.patch
===================================================================
--- csw/mgar/pkg/bash/trunk/files/bash-4.2-cve-2014-7169-2.patch 2014-10-17 14:21:45 UTC (rev 24192)
+++ csw/mgar/pkg/bash/trunk/files/bash-4.2-cve-2014-7169-2.patch 2014-10-18 12:33:12 UTC (rev 24193)
@@ -1,83 +0,0 @@
---- ../bash-4.2-orig/parse.y 2014-09-25 13:07:59.218209276 +0200
-+++ parse.y 2014-09-25 15:26:52.813159810 +0200
-@@ -264,9 +264,21 @@
-
- /* Variables to manage the task of reading here documents, because we need to
- defer the reading until after a complete command has been collected. */
--static REDIRECT *redir_stack[10];
-+static REDIRECT **redir_stack;
- int need_here_doc;
-
-+/* Pushes REDIR onto redir_stack, resizing it as needed. */
-+static void
-+push_redir_stack (REDIRECT *redir)
-+{
-+ /* Guard against oveflow. */
-+ if (need_here_doc + 1 > INT_MAX / sizeof (*redir_stack))
-+ abort ();
-+ redir_stack = xrealloc (redir_stack,
-+ (need_here_doc + 1) * sizeof (*redir_stack));
-+ redir_stack[need_here_doc++] = redir;
-+}
-+
- /* Where shell input comes from. History expansion is performed on each
- line when the shell is interactive. */
- static char *shell_input_line = (char *)NULL;
-@@ -519,42 +531,42 @@
- source.dest = 0;
- redir.filename = $2;
- $$ = make_redirection (source, r_reading_until, redir, 0);
-- redir_stack[need_here_doc++] = $$;
-+ push_redir_stack ($$);
- }
- | NUMBER LESS_LESS WORD
- {
- source.dest = $1;
- redir.filename = $3;
- $$ = make_redirection (source, r_reading_until, redir, 0);
-- redir_stack[need_here_doc++] = $$;
-+ push_redir_stack ($$);
- }
- | REDIR_WORD LESS_LESS WORD
- {
- source.filename = $1;
- redir.filename = $3;
- $$ = make_redirection (source, r_reading_until, redir, REDIR_VARASSIGN);
-- redir_stack[need_here_doc++] = $$;
-+ push_redir_stack ($$);
- }
- | LESS_LESS_MINUS WORD
- {
- source.dest = 0;
- redir.filename = $2;
- $$ = make_redirection (source, r_deblank_reading_until, redir, 0);
-- redir_stack[need_here_doc++] = $$;
-+ push_redir_stack ($$);
- }
- | NUMBER LESS_LESS_MINUS WORD
- {
- source.dest = $1;
- redir.filename = $3;
- $$ = make_redirection (source, r_deblank_reading_until, redir, 0);
-- redir_stack[need_here_doc++] = $$;
-+ push_redir_stack ($$);
- }
- | REDIR_WORD LESS_LESS_MINUS WORD
- {
- source.filename = $1;
- redir.filename = $3;
- $$ = make_redirection (source, r_deblank_reading_until, redir, REDIR_VARASSIGN);
-- redir_stack[need_here_doc++] = $$;
-+ push_redir_stack ($$);
- }
- | LESS_LESS_LESS WORD
- {
-@@ -4757,7 +4769,7 @@
- case CASE:
- case SELECT:
- case FOR:
-- if (word_top < MAX_CASE_NEST)
-+ if (word_top + 1 < MAX_CASE_NEST)
- word_top++;
- word_lineno[word_top] = line_number;
- break;
Modified: csw/mgar/pkg/bash/trunk/files/changelog.CSW
===================================================================
--- csw/mgar/pkg/bash/trunk/files/changelog.CSW 2014-10-17 14:21:45 UTC (rev 24192)
+++ csw/mgar/pkg/bash/trunk/files/changelog.CSW 2014-10-18 12:33:12 UTC (rev 24193)
@@ -1,3 +1,11 @@
+bash (4.3.30,REV=2014.10.18) unstable
+
+ * Added bash patch bash43-026 to bash43-030
+ * Removed security patches bash-4.2-cve-2014-7169-{0,1,2}.patch
+ that were replaced with upstream patches.
+
+ -- Yann Rouillard <yann at opencsw.org> Sat, 18 Oct 2014 14:32:25 +0200
+
bash (4.3.25,REV=2014.09.26) unstable
* Added patches bash-4.2-cve-2014-7169-{0,1,2}.patch to fix CVE-2014-7169
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
More information about the devel
mailing list