Date: Wednesday, June 4, 2014 @ 19:21:50 Author: bpiotrowski Revision: 214259
upgpkg: bash 4.3.018-2 add security fix for FS#40663 Added: bash/trunk/bash-4.3-fix-setuid.patch Modified: bash/trunk/PKGBUILD ---------------------------+ PKGBUILD | 9 +++++++-- bash-4.3-fix-setuid.patch | 31 +++++++++++++++++++++++++++++++ 2 files changed, 38 insertions(+), 2 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2014-06-04 16:58:32 UTC (rev 214258) +++ PKGBUILD 2014-06-04 17:21:50 UTC (rev 214259) @@ -7,7 +7,7 @@ _basever=4.3 _patchlevel=018 pkgver=$_basever.$_patchlevel -pkgrel=1 +pkgrel=2 pkgdesc='The GNU Bourne Again shell' arch=('i686' 'x86_64') license=('GPL') @@ -22,7 +22,8 @@ dot.bash_profile dot.bash_logout system.bashrc - system.bash_logout) + system.bash_logout + bash-4.3-fix-setuid.patch) if [[ $((10#${_patchlevel})) -gt 0 ]]; then for (( _p=1; _p<=$((10#${_patchlevel})); _p++ )); do @@ -37,6 +38,9 @@ msg "applying patch bash${_basever//.}-$(printf "%03d" $_p)" patch -p0 -i ../bash${_basever//.}-$(printf "%03d" $_p) done + + # http://hmarco.org/bugs/bash_4.3-setuid-bug.html (FS#40663) + patch -p0 -i ../bash-4.3-fix-setuid.patch } build() { @@ -79,6 +83,7 @@ '42f4400ed2314bd7519c020d0187edc5' '561949793177116b7be29a07c385ba8b' '472f536d7c9e8250dc4568ec4cfaf294' + 'c87b8d9e12d628eac829dc08f4607a20' '1ab682b4e36afa4cf1b426aa7ac81c0d' 'SKIP' '8fc22cf50ec85da00f6af3d66f7ddc1b' Added: bash-4.3-fix-setuid.patch =================================================================== --- bash-4.3-fix-setuid.patch (rev 0) +++ bash-4.3-fix-setuid.patch 2014-06-04 17:21:50 UTC (rev 214259) 
@@ -0,0 +1,31 @@
+diff --git shell.c shell.c
+index bbc8a66..5bfd466 100644
+--- shell.c
++++ shell.c
+@@ -1226,8 +1226,12 @@ uidget ()
+ void
+ disable_priv_mode ()
+ {
+- setuid (current_user.uid);
+- setgid (current_user.gid);
++
++ if( (setuid (current_user.uid) !=0) || (setgid (current_user.gid) != 0) ){
++ report_error("Drop privileges failed!!\n");
++ exit(EX_DROPFAIL);
++ }
++
+ current_user.euid = current_user.uid;
+ current_user.egid = current_user.gid;
+ }
+diff --git shell.h shell.h
+index 243e467..c3625be 100644
+--- shell.h
++++ shell.h
+@@ -72,6 +72,7 @@ extern int EOF_Reached;
+ #define EX_REDIRFAIL 259 /* redirection failed */
+ #define EX_BADASSIGN 260 /* variable assignment error */
+ #define EX_EXPFAIL 261 /* word expansion failed */
++#define EX_DROPFAIL 262 /* Drop privileges failed */
+
+ /* Flag values that control parameter pattern substitution. */
+ #define MATCH_ANY 0x000
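Review bot: In the patched `disable_priv_mode`, `setuid (current_user.uid)` is still called before `setgid (current_user.gid)`, so when the effective uid was root the group change happens only after root has been given up. At that point it can presumably reset just the effective gid and leave a saved set-group-ID behind; dropping the group first is the usual order, e.g. `if (setgid (current_user.gid) != 0 || setuid (current_user.uid) != 0)`. Separately, `EX_DROPFAIL` is defined as 262 and passed straight to `exit()`, but a parent process only sees the low 8 bits of an exit status, so this failure would surface as status 6; a value below 256 would keep it distinguishable. The `report_error` message also leaves out `errno`, which is what would tell an administrator why the drop failed.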