slackware-current/source/a/bash/bash-5.0-patches/bash50-010
Patrick J Volkerding bfb7494122 Fri Aug 30 18:50:32 UTC 2019
a/bash-5.0.011-x86_64-1.txz:  Upgraded.
a/findutils-4.7.0-x86_64-1.txz:  Upgraded.
ap/squashfs-tools-4.4-x86_64-1.txz:  Upgraded.
n/irssi-1.2.2-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Use after free when receiving duplicate CAP found by Joseph Bisch.
  For more information, see:
    https://irssi.org/security/html/irssi_sa_2019_08
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15717
  (* Security fix *)
x/libvdpau-1.3-x86_64-1.txz:  Upgraded.
2019-08-31 08:59:46 +02:00

172 lines
6.3 KiB
Text

BASH PATCH REPORT
=================
Bash-Release: 5.0
Patch-ID: bash50-010
Bug-Reported-by: Thorsten Glaser <tg@mirbsd.de>
Bug-Reference-ID: <156622962831.19438.16374961114836556294.reportbug@tglase.lan.tarent.de>
Bug-Reference-URL: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935115
Bug-Description:
Bash-5.0 changed the way assignment statements preceding special builtins
and shell functions were handled in posix mode. They automatically created
or modified global variables instead of modifying existing local variables
as in bash-4.4.
The bash-4.4 posix-mode semantics were buggy, and resulted in creating
local variables where they were not intended and modifying global variables
and local variables simultaneously.
The bash-5.0 changes were intended to fix this issue, but did not preserve
enough backwards compatibility. The posix standard also changed what it
required in these cases, so bash-5.0 is not bound by the strict conformance
requirements that existed in previous issues of the standard.
This patch modifies the bash-5.0 posix mode behavior in an effort to restore
some backwards compatibility and rationalize the behavior in the presence of
local variables. It
1. Changes the assignment semantics to be more similar to standalone assignment
statements: assignments preceding a function call or special builtin while
executing in a shell function will modify the value of a local variable
with the same name for the duration of the function's execution;
2. Changes assignments preceding shell function calls or special builtins
from within a shell function to no longer create or modify global variables
in the presence of a local variable with the same name;
3. Assignment statements preceding a shell function call or special builtin
at the global scope continue to modify the (global) calling environment,
but are unaffected by assignments preceding function calls or special
builtins within a function, as described in item 2. This is also similar
to the behavior of a standalone assignment statement.
Patch (apply with `patch -p0'):
*** ../bash-5.0-patched/variables.c 2018-12-18 11:07:21.000000000 -0500
--- variables.c 2019-08-22 10:53:44.000000000 -0400
***************
*** 4461,4467 ****
/* Take a variable from an assignment statement preceding a posix special
! builtin (including `return') and create a global variable from it. This
! is called from merge_temporary_env, which is only called when in posix
! mode. */
static void
push_posix_temp_var (data)
--- 4461,4467 ----
/* Take a variable from an assignment statement preceding a posix special
! builtin (including `return') and create a variable from it as if a
! standalone assignment statement had been performed. This is called from
! merge_temporary_env, which is only called when in posix mode. */
static void
push_posix_temp_var (data)
***************
*** 4473,4486 ****
var = (SHELL_VAR *)data;
! binding_table = global_variables->table;
! if (binding_table == 0)
! binding_table = global_variables->table = hash_create (VARIABLES_HASH_BUCKETS);
!
! v = bind_variable_internal (var->name, value_cell (var), binding_table, 0, ASS_FORCE|ASS_NOLONGJMP);
/* global variables are no longer temporary and don't need propagating. */
! var->attributes &= ~(att_tempvar|att_propagate);
if (v)
! v->attributes |= var->attributes;
if (find_special_var (var->name) >= 0)
--- 4473,4497 ----
var = (SHELL_VAR *)data;
! /* Just like do_assignment_internal(). This makes assignments preceding
! special builtins act like standalone assignment statements when in
! posix mode, satisfying the posix requirement that this affect the
! "current execution environment." */
! v = bind_variable (var->name, value_cell (var), ASS_FORCE|ASS_NOLONGJMP);
!
! /* If this modifies an existing local variable, v->context will be non-zero.
! If it comes back with v->context == 0, we bound at the global context.
! Set binding_table appropriately. It doesn't matter whether it's correct
! if the variable is local, only that it's not global_variables->table */
! binding_table = v->context ? shell_variables->table : global_variables->table;
/* global variables are no longer temporary and don't need propagating. */
! if (binding_table == global_variables->table)
! var->attributes &= ~(att_tempvar|att_propagate);
!
if (v)
! {
! v->attributes |= var->attributes;
! v->attributes &= ~att_tempvar; /* not a temp var now */
! }
if (find_special_var (var->name) >= 0)
***************
*** 4576,4587 ****
{
int i;
tempvar_list = strvec_create (HASH_ENTRIES (temporary_env) + 1);
tempvar_list[tvlist_ind = 0] = 0;
!
! hash_flush (temporary_env, pushf);
! hash_dispose (temporary_env);
temporary_env = (HASH_TABLE *)NULL;
tempvar_list[tvlist_ind] = 0;
--- 4587,4601 ----
{
int i;
+ HASH_TABLE *disposer;
tempvar_list = strvec_create (HASH_ENTRIES (temporary_env) + 1);
tempvar_list[tvlist_ind = 0] = 0;
!
! disposer = temporary_env;
temporary_env = (HASH_TABLE *)NULL;
+ hash_flush (disposer, pushf);
+ hash_dispose (disposer);
+
tempvar_list[tvlist_ind] = 0;
*** ../bash-5.0-patched/tests/varenv.right 2018-12-17 15:39:48.000000000 -0500
--- tests/varenv.right 2019-08-22 16:05:25.000000000 -0400
***************
*** 147,153 ****
outside: declare -- var="one"
inside: declare -x var="value"
! outside: declare -x var="value"
! inside: declare -- var="local"
! outside: declare -x var="global"
foo=<unset> environment foo=
foo=foo environment foo=foo
--- 147,153 ----
outside: declare -- var="one"
inside: declare -x var="value"
! outside: declare -- var="outside"
! inside: declare -x var="global"
! outside: declare -- var="outside"
foo=<unset> environment foo=
foo=foo environment foo=foo
*** ../bash-5.0/patchlevel.h 2016-06-22 14:51:03.000000000 -0400
--- patchlevel.h 2016-10-01 11:01:28.000000000 -0400
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 9
#endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 10
#endif /* _PATCHLEVEL_H_ */