slackware-current/source/a/bash/bash-5.2-patches/bash52-021

			     BASH PATCH REPORT
			     =================

Bash-Release:	5.2
Patch-ID:	bash52-021

Bug-Reported-by:	Norbert Lange <nolange79@gmail.com>
Bug-Reference-ID:	<CADYdroPZFdVZSL6KkhqkAPgKKopbsLQVSm7_TvLCwadL2=UAWw@mail.gmail.com>
Bug-Reference-URL:	https://lists.gnu.org/archive/html/bug-bash/2022-12/msg00046.html

Bug-Description:

There is an off-by-one error that causes command substitutions to fail when
they appear in a word expansion inside a here-document.

Patch (apply with `patch -p0'):

*** ../bash-5.2-patched/subst.c	2022-12-13 12:08:58.000000000 -0500
--- subst.c	2022-12-14 09:09:53.000000000 -0500
***************
*** 1694,1698 ****
  	  CHECK_STRING_OVERRUN (i, si, slen, c);
  
! 	  tlen = si - i - 1;
  	  RESIZE_MALLOCED_BUFFER (result, result_index, tlen + 4, result_size, 64);
  	  result[result_index++] = c;
--- 1699,1703 ----
  	  CHECK_STRING_OVERRUN (i, si, slen, c);
  
! 	  tlen = si - i - 2;
  	  RESIZE_MALLOCED_BUFFER (result, result_index, tlen + 4, result_size, 64);
  	  result[result_index++] = c;
***************
*** 1714,1718 ****
  	  CHECK_STRING_OVERRUN (i, si, slen, c);
  
! 	  tlen = si - i - 1;
  	  RESIZE_MALLOCED_BUFFER (result, result_index, tlen + 4, result_size, 64);
  	  result[result_index++] = c;
--- 1719,1723 ----
  	  CHECK_STRING_OVERRUN (i, si, slen, c);
  
! 	  tlen = si - i - 2;
  	  RESIZE_MALLOCED_BUFFER (result, result_index, tlen + 4, result_size, 64);
  	  result[result_index++] = c;

*** ../bash-5.2/patchlevel.h	2020-06-22 14:51:03.000000000 -0400
--- patchlevel.h	2020-10-01 11:01:28.000000000 -0400
***************
*** 26,30 ****
     looks for to find the patch level (for the sccs version string). */
  
! #define PATCHLEVEL 20
  
  #endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
     looks for to find the patch level (for the sccs version string). */
  
! #define PATCHLEVEL 21
  
  #endif /* _PATCHLEVEL_H_ */
Fri Nov 10 18:46:44 UTC 2023 a/bash-5.2.021-x86_64-1.txz: Upgraded. ap/rdfind-1.6.0-x86_64-1.txz: Added. ap/sudo-1.9.15p2-x86_64-1.txz: Upgraded. l/ffmpeg-5.1.4-x86_64-1.txz: Upgraded. n/dhcpcd-10.0.5-x86_64-1.txz: Upgraded. n/whois-5.5.20-x86_64-1.txz: Upgraded. Added the .gn TLD server. Removed 6 new gTLDs which are no longer active. xfce/xfce4-whiskermenu-plugin-2.8.1-x86_64-1.txz: Upgraded. 2023-11-10 19:46:44 +01:00			`BASH PATCH REPORT`
			`=================`

			`Bash-Release: 5.2`
			`Patch-ID: bash52-021`

			`Bug-Reported-by: Norbert Lange <nolange79@gmail.com>`
			`Bug-Reference-ID: <CADYdroPZFdVZSL6KkhqkAPgKKopbsLQVSm7_TvLCwadL2=UAWw@mail.gmail.com>`
			`Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2022-12/msg00046.html`

			`Bug-Description:`

			`There is an off-by-one error that causes command substitutions to fail when`
			`they appear in a word expansion inside a here-document.`

			Patch (apply with `patch -p0'):

			`*** ../bash-5.2-patched/subst.c 2022-12-13 12:08:58.000000000 -0500`
			`--- subst.c 2022-12-14 09:09:53.000000000 -0500`
			`***************`
			`* 1694,1698 **`
			`CHECK_STRING_OVERRUN (i, si, slen, c);`

			`! tlen = si - i - 1;`
			`RESIZE_MALLOCED_BUFFER (result, result_index, tlen + 4, result_size, 64);`
			`result[result_index++] = c;`
			`--- 1699,1703 ----`
			`CHECK_STRING_OVERRUN (i, si, slen, c);`

			`! tlen = si - i - 2;`
			`RESIZE_MALLOCED_BUFFER (result, result_index, tlen + 4, result_size, 64);`
			`result[result_index++] = c;`
			`***************`
			`* 1714,1718 **`
			`CHECK_STRING_OVERRUN (i, si, slen, c);`

			`! tlen = si - i - 1;`
			`RESIZE_MALLOCED_BUFFER (result, result_index, tlen + 4, result_size, 64);`
			`result[result_index++] = c;`
			`--- 1719,1723 ----`
			`CHECK_STRING_OVERRUN (i, si, slen, c);`

			`! tlen = si - i - 2;`
			`RESIZE_MALLOCED_BUFFER (result, result_index, tlen + 4, result_size, 64);`
			`result[result_index++] = c;`

			`*** ../bash-5.2/patchlevel.h 2020-06-22 14:51:03.000000000 -0400`
			`--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400`
			`***************`
			`* 26,30 **`
			`looks for to find the patch level (for the sccs version string). */`

			`! #define PATCHLEVEL 20`

			`#endif /* _PATCHLEVEL_H_ */`
			`--- 26,30 ----`
			`looks for to find the patch level (for the sccs version string). */`

			`! #define PATCHLEVEL 21`

			`#endif /* _PATCHLEVEL_H_ */`