Hello community, here is the log from the commit of package bash for openSUSE:Factory checked in at 2017-02-08 12:11:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/bash (Old) and /work/SRC/openSUSE:Factory/.bash.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "bash" Changes: -------- --- /work/SRC/openSUSE:Factory/bash/bash.changes 2016-12-22 15:59:16.911163772 +0100 +++ /work/SRC/openSUSE:Factory/.bash.new/bash.changes 2017-02-08 12:11:43.437918825 +0100 @@ -1,0 +2,56 @@ +Mon Jan 30 16:11:13 UTC 2017 - [email protected] + +- Add upstream patch readline70-002 which replace old one + There is a race condition in add_history() that can be triggered by a fatal + signal arriving between the time the history length is updated and the time + the history list update is completed. A later attempt to reference an + invalid history entry can cause a crash. +- Add upstream patch readline70-003 + Readline-7.0 uses pselect(2) to allow readline to handle signals that do not + interrupt read(2), such as SIGALRM, before reading another character. The + signal mask used in the pselect call did not take into account signals the + calling application blocked before calling readline(). + +------------------------------------------------------------------- +Fri Jan 27 17:31:59 UTC 2017 - [email protected] + +- Add upstream patch bash44-006 + Out-of-range negative offsets to popd can cause the shell to crash + attempting to free an invalid memory block. +- Remove patch popd-offset-overflow.patch to use bash44-006 +- Add upstream patch bash44-007 + When performing filename completion, bash dequotes the directory + name being completed, which can result in match failures and + potential unwanted expansion. +- Duplicate bash44-007 as readline70-002 as it seems to be missed +- Add upstream patch bash44-008 + Under certain circumstances, bash will evaluate arithmetic + expressions as part of reading an expression token even when + evaluation is suppressed. This happens while evaluating a + conditional expression and skipping over the failed branch of the + expression. +- Add upstream patch bash44-009 + There is a race condition in add_history() that can be triggered + by a fatal signal arriving between the time the history length + is updated and the time the history list update is completed. + A later attempt to reference an invalid history entry can cause + a crash. +- Add upstream patch bash44-010 + Depending on compiler optimizations and behavior, the `read' + builtin may not save partial input when a timeout occurs. +- Add upstream patch bash44-011 + Subshells begun to run command and process substitutions may + attempt to set the terminal's process group to an incorrect + value if they receive a fatal signal. This depends on the + behavior of the process that starts the shell. +- Add upstream patch bash44-012 + When -N is used, the input is not supposed to be split using + $IFS, but leading and trailing IFS whitespace was still removed. + +------------------------------------------------------------------- +Thu Jan 19 12:20:06 UTC 2017 - [email protected] + +- Remove -L option on screen call dues API change, now we depend + on environment variables only. + +------------------------------------------------------------------- Old: ---- popd-offset-overflow.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ bash.spec ++++++ --- /var/tmp/diff_new_pack.mebPJh/_old 2017-02-08 12:11:45.317653868 +0100 +++ /var/tmp/diff_new_pack.mebPJh/_new 2017-02-08 12:11:45.317653868 +0100 @@ -1,7 +1,7 @@ # # spec file for package bash # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -92,8 +92,6 @@ Patch30: readline-6.3-destdir.patch Patch31: readline-6.3-rltrace.patch Patch40: bash-4.1-bash.bashrc.dif -# PATCH-FIX-UPSTREAM boo#1010845 -- CVE-2016-9401: bash: popd controlled free (Segmentation fault) -Patch41: popd-offset-overflow.patch Patch46: man2html-no-timestamp.patch Patch47: bash-4.3-perl522.patch # PATCH-FIX-SUSE @@ -302,7 +300,6 @@ #%patch25 -p0 -b .endpw %patch31 -p0 -b .tmp %patch40 -p0 -b .bashrc -%patch41 -p0 -b .popd %patch46 -p0 -b .notimestamp %patch47 -p0 -b .perl522 %if %{with import_function} @@ -343,6 +340,7 @@ SCREENLOG=${SCREENDIR}/log cat > $SCREENRC<<-EOF deflogin off + deflog on logfile $SCREENLOG logfile flush 1 logtstamp off @@ -548,7 +546,7 @@ tail -q -s 0.5 -f $SCREENLOG & pid=$! env -i HOME=$PWD TERM=$TERM LD_LIBRARY_PATH=$LD_RUN_PATH TMPDIR=$TMPDIR \ SCREENRC=$SCREENRC SCREENDIR=$SCREENDIR \ - screen -L -D -m make TESTSCRIPT=%{SOURCE4} check + screen -D -m make TESTSCRIPT=%{SOURCE4} check kill -TERM $pid make %{?do_profiling:CFLAGS="$CFLAGS %cflags_profile_feedback -fprofile-correction" clean} all make -C examples/loadables/ ++++++ bash-4.3-2.4.4.patch ++++++ --- /var/tmp/diff_new_pack.mebPJh/_old 2017-02-08 12:11:45.413640339 +0100 +++ /var/tmp/diff_new_pack.mebPJh/_new 2017-02-08 12:11:45.413640339 +0100 @@ -8,7 +8,7 @@ 6 files changed, 17 insertions(+), 7 deletions(-) --- array.c -+++ array.c 2016-09-16 10:37:12.179427118 +0000 ++++ array.c 2017-01-27 17:45:42.364066849 +0000 @@ -946,7 +946,7 @@ char *s, *sep; * To make a running version, compile -DTEST_ARRAY and link with: * xmalloc.o syntax.o lib/malloc/libmalloc.a lib/sh/libsh.a @@ -19,7 +19,7 @@ int signal_is_trapped(s) --- examples/loadables/tee.c -+++ examples/loadables/tee.c 2016-09-16 10:37:12.179427118 +0000 ++++ examples/loadables/tee.c 2017-01-27 17:45:42.364066849 +0000 @@ -35,6 +35,7 @@ #include "bashansi.h" @@ -38,7 +38,7 @@ extern char *strerror (); --- hashlib.c -+++ hashlib.c 2016-09-16 10:37:12.179427118 +0000 ++++ hashlib.c 2017-01-27 17:45:42.364066849 +0000 @@ -382,7 +382,7 @@ hash_pstats (table, name) HASH_TABLE *table, *ntable; @@ -49,8 +49,8 @@ int signal_is_trapped (s) --- jobs.c -+++ jobs.c 2016-09-16 10:37:12.183427043 +0000 -@@ -1947,6 +1947,15 @@ make_child (command, async_p) ++++ jobs.c 2017-01-27 17:45:42.364066849 +0000 +@@ -1962,6 +1962,15 @@ make_child (command, async_p) pid_t mypid; mypid = getpid (); @@ -67,7 +67,7 @@ /* Close default_buffered_input if it's > 0. We don't close it if it's 0 because that's the file descriptor used when redirecting input, --- sig.c -+++ sig.c 2016-09-16 10:37:12.183427043 +0000 ++++ sig.c 2017-01-27 17:45:42.364066849 +0000 @@ -98,10 +98,10 @@ sigset_t top_level_mask; #endif /* JOB_CONTROL */ @@ -82,7 +82,7 @@ #if defined (SIGWINCH) static SigHandler *old_winch = (SigHandler *)SIG_DFL; --- sig.h -+++ sig.h 2016-09-16 10:37:12.183427043 +0000 ++++ sig.h 2017-01-27 17:45:42.364066849 +0000 @@ -109,8 +109,8 @@ do { \ extern volatile sig_atomic_t sigwinch_received; extern volatile sig_atomic_t sigterm_received; ++++++ bash-4.3-sigrestart.patch ++++++ --- /var/tmp/diff_new_pack.mebPJh/_old 2017-02-08 12:11:45.437636956 +0100 +++ /var/tmp/diff_new_pack.mebPJh/_new 2017-02-08 12:11:45.441636393 +0100 @@ -3,8 +3,8 @@ 1 file changed, 6 insertions(+) --- sig.c -+++ sig.c 2016-09-14 08:54:54.158863424 +0000 -@@ -738,10 +738,16 @@ set_signal_handler (sig, handler) ++++ sig.c 2017-01-27 17:46:46.602829901 +0000 +@@ -739,10 +739,16 @@ set_signal_handler (sig, handler) if (sig == SIGCHLD) act.sa_flags |= SA_RESTART; /* XXX */ #endif ++++++ bash-4.4-patches.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-4.4-patches/bash44-001 new/bash-4.4-patches/bash44-001 --- old/bash-4.4-patches/bash44-001 2016-11-11 20:24:59.000000000 +0100 +++ new/bash-4.4-patches/bash44-001 2016-11-28 12:41:36.000553183 +0100 @@ -17,7 +17,7 @@ Patch (apply with `patch -p0'): -*** ../bash-4.4/lib/readline/history.c 2015-12-28 13:50:31.000000000 -0500 +*** lib/readline/history.c 2015-12-28 13:50:31.000000000 -0500 --- lib/readline/history.c 2016-09-30 14:28:40.000000000 -0400 *************** *** 58,61 **** @@ -43,7 +43,7 @@ ! : history_max_entries + 2; else history_size = DEFAULT_HISTORY_INITIAL_SIZE; -*** ../bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +*** patchlevel.h 2016-06-22 14:51:03.000000000 -0400 --- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 *************** *** 26,30 **** diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-4.4-patches/bash44-002 new/bash-4.4-patches/bash44-002 --- old/bash-4.4-patches/bash44-002 2016-11-11 20:25:15.000000000 +0100 +++ new/bash-4.4-patches/bash44-002 2016-11-28 12:41:36.084551471 +0100 @@ -16,7 +16,7 @@ Patch (apply with `patch -p0'): -*** ../bash-4.4/subst.c 2016-08-30 16:46:38.000000000 -0400 +*** subst.c 2016-08-30 16:46:38.000000000 -0400 --- subst.c 2016-09-26 10:20:19.000000000 -0400 *************** *** 5932,5935 **** @@ -52,7 +52,7 @@ ! } #endif continue; -*** ../bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +*** patchlevel.h 2016-06-22 14:51:03.000000000 -0400 --- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 *************** *** 26,30 **** diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-4.4-patches/bash44-003 new/bash-4.4-patches/bash44-003 --- old/bash-4.4-patches/bash44-003 2016-11-11 20:25:26.000000000 +0100 +++ new/bash-4.4-patches/bash44-003 2016-11-28 12:41:36.100551145 +0100 @@ -16,7 +16,7 @@ Patch (apply with `patch -p0'): -*** ../bash-4.4/lib/glob/sm_loop.c 2016-04-10 11:23:21.000000000 -0400 +*** lib/glob/sm_loop.c 2016-04-10 11:23:21.000000000 -0400 --- lib/glob/sm_loop.c 2016-11-02 14:03:34.000000000 -0400 *************** *** 331,334 **** @@ -41,7 +41,7 @@ + if ((flags & FNM_PATHNAME) && c == L('/')) /* [/] can never match when matching a pathname. */ -*** ../bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +*** patchlevel.h 2016-06-22 14:51:03.000000000 -0400 --- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 *************** *** 26,30 **** diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-4.4-patches/bash44-004 new/bash-4.4-patches/bash44-004 --- old/bash-4.4-patches/bash44-004 2016-11-11 20:25:40.000000000 +0100 +++ new/bash-4.4-patches/bash44-004 2016-11-28 12:41:36.108550981 +0100 @@ -15,7 +15,7 @@ Patch (apply with `patch -p0'): -*** ../bash-4.4/jobs.c 2016-08-23 16:38:44.000000000 -0400 +*** jobs.c 2016-08-23 16:38:44.000000000 -0400 --- jobs.c 2016-11-02 18:24:45.000000000 -0400 *************** *** 454,457 **** @@ -39,7 +39,7 @@ + struct pipeline_saver * alloc_pipeline_saver () -*** ../bash-4.4/jobs.h 2016-04-27 10:35:51.000000000 -0400 +*** jobs.h 2016-04-27 10:35:51.000000000 -0400 --- jobs.h 2016-11-02 18:25:08.000000000 -0400 *************** *** 191,194 **** @@ -49,7 +49,7 @@ + extern void discard_last_procsub_child __P((void)); extern void save_pipeline __P((int)); extern PROCESS *restore_pipeline __P((int)); -*** ../bash-4.4/subst.c 2016-08-30 16:46:38.000000000 -0400 +*** subst.c 2016-08-30 16:46:38.000000000 -0400 --- subst.c 2016-11-02 18:23:24.000000000 -0400 *************** *** 5809,5816 **** @@ -67,7 +67,7 @@ ! discard_last_procsub_child (); last_procsub_child = restore_pipeline (0); #endif -*** ../bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +*** patchlevel.h 2016-06-22 14:51:03.000000000 -0400 --- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 *************** *** 26,30 **** diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-4.4-patches/bash44-005 new/bash-4.4-patches/bash44-005 --- old/bash-4.4-patches/bash44-005 2016-11-11 20:25:56.000000000 +0100 +++ new/bash-4.4-patches/bash44-005 2016-11-28 12:41:36.120550737 +0100 @@ -15,7 +15,7 @@ Patch (apply with `patch -p0'): -*** ../bash-4.4/builtins/evalstring.c 2016-08-11 14:18:51.000000000 -0400 +*** builtins/evalstring.c 2016-08-11 14:18:51.000000000 -0400 --- builtins/evalstring.c 2016-11-08 15:05:07.000000000 -0500 *************** *** 105,114 **** @@ -30,7 +30,7 @@ command->redirects == 0 && command->value.Simple->redirects == 0 && ((command->flags & CMD_TIME_PIPELINE) == 0) && --- 105,111 ---- -*** ../bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +*** patchlevel.h 2016-06-22 14:51:03.000000000 -0400 --- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 *************** *** 26,30 **** diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-4.4-patches/bash44-006 new/bash-4.4-patches/bash44-006 --- old/bash-4.4-patches/bash44-006 1970-01-01 01:00:00.000000000 +0100 +++ new/bash-4.4-patches/bash44-006 2017-01-19 20:32:41.000000000 +0100 @@ -0,0 +1,59 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.4 +Patch-ID: bash44-006 + +Bug-Reported-by: <[email protected]> +Bug-Reference-ID: <CAEr-gPFPvqheiAeENmMkEwWRd4U=1iqcsymr3slduloql++...@mail.gmail.com> +Bug-Reference-URL: + +Bug-Description: + +Out-of-range negative offsets to popd can cause the shell to crash attempting +to free an invalid memory block. + +Patch (apply with `patch -p0'): + +*** ../bash-4.4-patched/builtins/pushd.def 2016-01-25 13:31:49.000000000 -0500 +--- builtins/pushd.def 2016-10-28 10:46:49.000000000 -0400 +*************** +*** 366,370 **** + } + +! if (which > directory_list_offset || (directory_list_offset == 0 && which == 0)) + { + pushd_error (directory_list_offset, which_word ? which_word : ""); +--- 366,370 ---- + } + +! if (which > directory_list_offset || (which < -directory_list_offset) || (directory_list_offset == 0 && which == 0)) + { + pushd_error (directory_list_offset, which_word ? which_word : ""); +*************** +*** 388,391 **** +--- 388,396 ---- + of the list into place. */ + i = (direction == '+') ? directory_list_offset - which : which; ++ if (i < 0 || i > directory_list_offset) ++ { ++ pushd_error (directory_list_offset, which_word ? which_word : ""); ++ return (EXECUTION_FAILURE); ++ } + free (pushd_directory_list[i]); + directory_list_offset--; +*** ../bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 5 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 6 + + #endif /* _PATCHLEVEL_H_ */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-4.4-patches/bash44-007 new/bash-4.4-patches/bash44-007 --- old/bash-4.4-patches/bash44-007 1970-01-01 01:00:00.000000000 +0100 +++ new/bash-4.4-patches/bash44-007 2017-01-19 20:32:54.000000000 +0100 @@ -0,0 +1,151 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.4 +Patch-ID: bash44-007 + +Bug-Reported-by: Jens Heyens <[email protected]> +Bug-Reference-ID: +Bug-Reference-URL: https://savannah.gnu.org/support/?109224 + +Bug-Description: + +When performing filename completion, bash dequotes the directory name being +completed, which can result in match failures and potential unwanted +expansion. + +Patch (apply with `patch -p0'): + +*** ../bash-4.4-patched/bashline.c 2016-08-05 21:44:05.000000000 -0400 +--- bashline.c 2017-01-19 13:15:51.000000000 -0500 +*************** +*** 143,147 **** + static void restore_directory_hook __P((rl_icppfunc_t)); + +! static int directory_exists __P((const char *)); + + static void cleanup_expansion_error __P((void)); +--- 144,148 ---- + static void restore_directory_hook __P((rl_icppfunc_t)); + +! static int directory_exists __P((const char *, int)); + + static void cleanup_expansion_error __P((void)); +*************** +*** 3103,3111 **** + } + +! /* Check whether not the (dequoted) version of DIRNAME, with any trailing slash +! removed, exists. */ + static int +! directory_exists (dirname) + const char *dirname; + { + char *new_dirname; +--- 3107,3116 ---- + } + +! /* Check whether not DIRNAME, with any trailing slash removed, exists. If +! SHOULD_DEQUOTE is non-zero, we dequote the directory name first. */ + static int +! directory_exists (dirname, should_dequote) + const char *dirname; ++ int should_dequote; + { + char *new_dirname; +*************** +*** 3113,3118 **** + struct stat sb; + +! /* First, dequote the directory name */ +! new_dirname = bash_dequote_filename ((char *)dirname, rl_completion_quote_character); + dirlen = STRLEN (new_dirname); + if (new_dirname[dirlen - 1] == '/') +--- 3118,3124 ---- + struct stat sb; + +! /* We save the string and chop the trailing slash because stat/lstat behave +! inconsistently if one is present. */ +! new_dirname = should_dequote ? bash_dequote_filename ((char *)dirname, rl_completion_quote_character) : savestring (dirname); + dirlen = STRLEN (new_dirname); + if (new_dirname[dirlen - 1] == '/') +*************** +*** 3146,3150 **** + should_expand_dirname = '`'; + +! if (should_expand_dirname && directory_exists (local_dirname)) + should_expand_dirname = 0; + +--- 3152,3156 ---- + should_expand_dirname = '`'; + +! if (should_expand_dirname && directory_exists (local_dirname, 0)) + should_expand_dirname = 0; + +*************** +*** 3156,3160 **** + global_nounset = unbound_vars_is_error; + unbound_vars_is_error = 0; +! wl = expand_prompt_string (new_dirname, 0, W_NOCOMSUB|W_COMPLETE); /* does the right thing */ + unbound_vars_is_error = global_nounset; + if (wl) +--- 3162,3166 ---- + global_nounset = unbound_vars_is_error; + unbound_vars_is_error = 0; +! wl = expand_prompt_string (new_dirname, 0, W_NOCOMSUB|W_NOPROCSUB|W_COMPLETE); /* does the right thing */ + unbound_vars_is_error = global_nounset; + if (wl) +*************** +*** 3245,3249 **** + } + +! if (should_expand_dirname && directory_exists (local_dirname)) + should_expand_dirname = 0; + +--- 3262,3266 ---- + } + +! if (should_expand_dirname && directory_exists (local_dirname, 1)) + should_expand_dirname = 0; + +*************** +*** 3251,3255 **** + { + new_dirname = savestring (local_dirname); +! wl = expand_prompt_string (new_dirname, 0, W_NOCOMSUB|W_COMPLETE); /* does the right thing */ + if (wl) + { +--- 3268,3272 ---- + { + new_dirname = savestring (local_dirname); +! wl = expand_prompt_string (new_dirname, 0, W_NOCOMSUB|W_NOPROCSUB|W_COMPLETE); /* does the right thing */ + if (wl) + { +*** ../bash-4.4/subst.c 2016-08-30 16:46:38.000000000 -0400 +--- subst.c 2017-01-19 07:09:57.000000000 -0500 +*************** +*** 9459,9462 **** +--- 9459,9466 ---- + if (word->flags & W_COMPLETE) + tword->flags |= W_COMPLETE; /* for command substitutions */ ++ if (word->flags & W_NOCOMSUB) ++ tword->flags |= W_NOCOMSUB; ++ if (word->flags & W_NOPROCSUB) ++ tword->flags |= W_NOPROCSUB; + + temp = (char *)NULL; +*** ../bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 6 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 7 + + #endif /* _PATCHLEVEL_H_ */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-4.4-patches/bash44-008 new/bash-4.4-patches/bash44-008 --- old/bash-4.4-patches/bash44-008 1970-01-01 01:00:00.000000000 +0100 +++ new/bash-4.4-patches/bash44-008 2017-01-20 20:58:28.000000000 +0100 @@ -0,0 +1,84 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.4 +Patch-ID: bash44-008 + +Bug-Reported-by: Koichi MURASE <[email protected]> +Bug-Reference-ID: <CAFLRLk-V+1AeQ2k=py7ih6v+mfq_w8ef3ywl2e+wmlfgkbt...@mail.gmail.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2016-11/msg00050.html + +Bug-Description: + +Under certain circumstances, bash will evaluate arithmetic expressions as +part of reading an expression token even when evaluation is suppressed. This +happens while evaluating a conditional expression and skipping over the +failed branch of the expression. + +Patch (apply with `patch -p0'): + +*** ../bash-4.4-patched/expr.c 2015-10-11 14:46:36.000000000 -0400 +--- expr.c 2016-11-08 11:55:46.000000000 -0500 +*************** +*** 579,585 **** + if (curtok == QUES) /* found conditional expr */ + { +- readtok (); +- if (curtok == 0 || curtok == COL) +- evalerror (_("expression expected")); + if (cval == 0) + { +--- 579,582 ---- +*************** +*** 588,591 **** +--- 585,592 ---- + } + ++ readtok (); ++ if (curtok == 0 || curtok == COL) ++ evalerror (_("expression expected")); ++ + val1 = EXP_HIGHEST (); + +*************** +*** 594,600 **** + if (curtok != COL) + evalerror (_("`:' expected for conditional expression")); +! readtok (); +! if (curtok == 0) +! evalerror (_("expression expected")); + set_noeval = 0; + if (cval) +--- 595,599 ---- + if (curtok != COL) + evalerror (_("`:' expected for conditional expression")); +! + set_noeval = 0; + if (cval) +*************** +*** 604,608 **** +--- 603,611 ---- + } + ++ readtok (); ++ if (curtok == 0) ++ evalerror (_("expression expected")); + val2 = expcond (); ++ + if (set_noeval) + noeval--; +*** ../bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 7 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 8 + + #endif /* _PATCHLEVEL_H_ */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-4.4-patches/bash44-009 new/bash-4.4-patches/bash44-009 --- old/bash-4.4-patches/bash44-009 1970-01-01 01:00:00.000000000 +0100 +++ new/bash-4.4-patches/bash44-009 2017-01-20 20:58:38.000000000 +0100 @@ -0,0 +1,107 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.4 +Patch-ID: bash44-009 + +Bug-Reported-by: Hong Cho <[email protected]> +Bug-Reference-ID: <[email protected]> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2016-12/msg00043.html + +Bug-Description: + +There is a race condition in add_history() that can be triggered by a fatal +signal arriving between the time the history length is updated and the time +the history list update is completed. A later attempt to reference an +invalid history entry can cause a crash. + +Patch (apply with `patch -p0'): + +*** ../bash-4.4-patched/lib/readline/history.c 2016-11-11 13:42:49.000000000 -0500 +--- lib/readline/history.c 2016-12-05 10:37:51.000000000 -0500 +*************** +*** 280,283 **** +--- 280,284 ---- + { + HIST_ENTRY *temp; ++ int new_length; + + if (history_stifled && (history_length == history_max_entries)) +*************** +*** 296,306 **** + /* Copy the rest of the entries, moving down one slot. Copy includes + trailing NULL. */ +- #if 0 +- for (i = 0; i < history_length; i++) +- the_history[i] = the_history[i + 1]; +- #else + memmove (the_history, the_history + 1, history_length * sizeof (HIST_ENTRY *)); +- #endif + + history_base++; + } +--- 297,303 ---- + /* Copy the rest of the entries, moving down one slot. Copy includes + trailing NULL. */ + memmove (the_history, the_history + 1, history_length * sizeof (HIST_ENTRY *)); + ++ new_length = history_length; + history_base++; + } +*************** +*** 316,320 **** + history_size = DEFAULT_HISTORY_INITIAL_SIZE; + the_history = (HIST_ENTRY **)xmalloc (history_size * sizeof (HIST_ENTRY *)); +! history_length = 1; + } + else +--- 313,317 ---- + history_size = DEFAULT_HISTORY_INITIAL_SIZE; + the_history = (HIST_ENTRY **)xmalloc (history_size * sizeof (HIST_ENTRY *)); +! new_length = 1; + } + else +*************** +*** 326,330 **** + xrealloc (the_history, history_size * sizeof (HIST_ENTRY *)); + } +! history_length++; + } + } +--- 323,327 ---- + xrealloc (the_history, history_size * sizeof (HIST_ENTRY *)); + } +! new_length = history_length + 1; + } + } +*************** +*** 332,337 **** + temp = alloc_history_entry ((char *)string, hist_inittime ()); + +! the_history[history_length] = (HIST_ENTRY *)NULL; +! the_history[history_length - 1] = temp; + } + +--- 329,335 ---- + temp = alloc_history_entry ((char *)string, hist_inittime ()); + +! the_history[new_length] = (HIST_ENTRY *)NULL; +! the_history[new_length - 1] = temp; +! history_length = new_length; + } + +*** ../bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 8 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 9 + + #endif /* _PATCHLEVEL_H_ */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-4.4-patches/bash44-010 new/bash-4.4-patches/bash44-010 --- old/bash-4.4-patches/bash44-010 1970-01-01 01:00:00.000000000 +0100 +++ new/bash-4.4-patches/bash44-010 2017-01-20 20:58:51.000000000 +0100 @@ -0,0 +1,49 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.4 +Patch-ID: bash44-010 + +Bug-Reported-by: Clark Wang <[email protected]> +Bug-Reference-ID: <CADv8-og092RvvUUHy46=BPKChCXw5g=gooqgn0v3f4a3tpl...@mail.gmail.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2016-11/msg00104.html + +Bug-Description: + +Depending on compiler optimizations and behavior, the `read' builtin may not +save partial input when a timeout occurs. + +Patch (apply with `patch -p0'): + +*** ../bash-4.4-patched/builtins/read.def 2016-05-16 14:24:56.000000000 -0400 +--- builtins/read.def 2016-11-25 12:37:56.000000000 -0500 +*************** +*** 182,186 **** + { + register char *varname; +! int size, i, nr, pass_next, saw_escape, eof, opt, retval, code, print_ps2; + int input_is_tty, input_is_pipe, unbuffered_read, skip_ctlesc, skip_ctlnul; + int raw, edit, nchars, silent, have_timeout, ignore_delim, fd, lastsig, t_errno; +--- 182,187 ---- + { + register char *varname; +! int size, nr, pass_next, saw_escape, eof, opt, retval, code, print_ps2; +! volatile int i; + int input_is_tty, input_is_pipe, unbuffered_read, skip_ctlesc, skip_ctlnul; + int raw, edit, nchars, silent, have_timeout, ignore_delim, fd, lastsig, t_errno; + +*** ../bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 9 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-4.4-patches/bash44-011 new/bash-4.4-patches/bash44-011 --- old/bash-4.4-patches/bash44-011 1970-01-01 01:00:00.000000000 +0100 +++ new/bash-4.4-patches/bash44-011 2017-01-20 20:59:03.000000000 +0100 @@ -0,0 +1,50 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.4 +Patch-ID: bash44-011 + +Bug-Reported-by: Russell King <[email protected]> +Bug-Reference-ID: <[email protected]> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2017-01/msg00000.html + +Bug-Description: + +Subshells begun to run command and process substitutions may attempt to +set the terminal's process group to an incorrect value if they receive +a fatal signal. This depends on the behavior of the process that starts +the shell. + +Patch (apply with `patch -p0'): + +*** ../bash-4.4-patched/sig.c 2016-02-11 15:02:45.000000000 -0500 +--- sig.c 2017-01-04 09:09:47.000000000 -0500 +*************** +*** 586,590 **** + if (sig == SIGHUP && (interactive || (subshell_environment & (SUBSHELL_COMSUB|SUBSHELL_PROCSUB)))) + hangup_all_jobs (); +! end_job_control (); + #endif /* JOB_CONTROL */ + +--- 571,576 ---- + if (sig == SIGHUP && (interactive || (subshell_environment & (SUBSHELL_COMSUB|SUBSHELL_PROCSUB)))) + hangup_all_jobs (); +! if ((subshell_environment & (SUBSHELL_COMSUB|SUBSHELL_PROCSUB)) == 0) +! end_job_control (); + #endif /* JOB_CONTROL */ + +*** ../bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 11 + + #endif /* _PATCHLEVEL_H_ */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/bash-4.4-patches/bash44-012 new/bash-4.4-patches/bash44-012 --- old/bash-4.4-patches/bash44-012 1970-01-01 01:00:00.000000000 +0100 +++ new/bash-4.4-patches/bash44-012 2017-01-27 17:27:11.000000000 +0100 @@ -0,0 +1,161 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.4 +Patch-ID: bash44-012 + +Bug-Reported-by: Clark Wang <[email protected]> +Bug-Reference-ID: <cadv8-ojttpufozxqbjsvy83lfajtqkz5qejgdf6j0vj3vtr...@mail.gmail.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2016-11/msg00106.html + +Bug-Description: + +When -N is used, the input is not supposed to be split using $IFS, but +leading and trailing IFS whitespace was still removed. + +Patch (apply with `patch -p0'): + +*** ../bash-4.4-patched/subst.c 2017-01-20 14:22:01.000000000 -0500 +--- subst.c 2017-01-25 13:43:22.000000000 -0500 +*************** +*** 2826,2834 **** + /* Parse a single word from STRING, using SEPARATORS to separate fields. + ENDPTR is set to the first character after the word. This is used by +! the `read' builtin. This is never called with SEPARATORS != $IFS; +! it should be simplified. + + XXX - this function is very similar to list_string; they should be + combined - XXX */ + char * + get_word_from_string (stringp, separators, endptr) +--- 2826,2838 ---- + /* Parse a single word from STRING, using SEPARATORS to separate fields. + ENDPTR is set to the first character after the word. This is used by +! the `read' builtin. +! +! This is never called with SEPARATORS != $IFS, and takes advantage of that. + + XXX - this function is very similar to list_string; they should be + combined - XXX */ ++ ++ #define islocalsep(c) (local_cmap[(unsigned char)(c)] != 0) ++ + char * + get_word_from_string (stringp, separators, endptr) +*************** +*** 2838,2841 **** +--- 2842,2846 ---- + char *current_word; + int sindex, sh_style_split, whitesep, xflags; ++ unsigned char local_cmap[UCHAR_MAX+1]; /* really only need single-byte chars here */ + size_t slen; + +*************** +*** 2847,2854 **** + separators[2] == '\n' && + separators[3] == '\0'; +! for (xflags = 0, s = ifs_value; s && *s; s++) + { + if (*s == CTLESC) xflags |= SX_NOCTLESC; + if (*s == CTLNUL) xflags |= SX_NOESCCTLNUL; + } + +--- 2852,2861 ---- + separators[2] == '\n' && + separators[3] == '\0'; +! memset (local_cmap, '\0', sizeof (local_cmap)); +! for (xflags = 0, s = separators; s && *s; s++) + { + if (*s == CTLESC) xflags |= SX_NOCTLESC; + if (*s == CTLNUL) xflags |= SX_NOESCCTLNUL; ++ local_cmap[(unsigned char)*s] = 1; /* local charmap of separators */ + } + +*************** +*** 2857,2864 **** + + /* Remove sequences of whitespace at the beginning of STRING, as +! long as those characters appear in IFS. */ +! if (sh_style_split || !separators || !*separators) + { +! for (; *s && spctabnl (*s) && isifs (*s); s++); + + /* If the string is nothing but whitespace, update it and return. */ +--- 2864,2872 ---- + + /* Remove sequences of whitespace at the beginning of STRING, as +! long as those characters appear in SEPARATORS. This happens if +! SEPARATORS == $' \t\n' or if IFS is unset. */ +! if (sh_style_split || separators == 0) + { +! for (; *s && spctabnl (*s) && islocalsep (*s); s++); + + /* If the string is nothing but whitespace, update it and return. */ +*************** +*** 2879,2885 **** + This obeys the field splitting rules in Posix.2. */ + sindex = 0; +! /* Don't need string length in ADVANCE_CHAR or string_extract_verbatim +! unless multibyte chars are possible. */ +! slen = (MB_CUR_MAX > 1) ? STRLEN (s) : 1; + current_word = string_extract_verbatim (s, slen, &sindex, separators, xflags); + +--- 2887,2893 ---- + This obeys the field splitting rules in Posix.2. */ + sindex = 0; +! /* Don't need string length in ADVANCE_CHAR unless multibyte chars are +! possible, but need it in string_extract_verbatim for bounds checking */ +! slen = STRLEN (s); + current_word = string_extract_verbatim (s, slen, &sindex, separators, xflags); + +*************** +*** 2900,2904 **** + /* Now skip sequences of space, tab, or newline characters if they are + in the list of separators. */ +! while (s[sindex] && spctabnl (s[sindex]) && isifs (s[sindex])) + sindex++; + +--- 2908,2912 ---- + /* Now skip sequences of space, tab, or newline characters if they are + in the list of separators. */ +! while (s[sindex] && spctabnl (s[sindex]) && islocalsep (s[sindex])) + sindex++; + +*************** +*** 2907,2916 **** + delimiter, not a separate delimiter that would result in an empty field. + Look at POSIX.2, 3.6.5, (3)(b). */ +! if (s[sindex] && whitesep && isifs (s[sindex]) && !spctabnl (s[sindex])) + { + sindex++; + /* An IFS character that is not IFS white space, along with any adjacent + IFS white space, shall delimit a field. */ +! while (s[sindex] && spctabnl (s[sindex]) && isifs (s[sindex])) + sindex++; + } +--- 2915,2924 ---- + delimiter, not a separate delimiter that would result in an empty field. + Look at POSIX.2, 3.6.5, (3)(b). */ +! if (s[sindex] && whitesep && islocalsep (s[sindex]) && !spctabnl (s[sindex])) + { + sindex++; + /* An IFS character that is not IFS white space, along with any adjacent + IFS white space, shall delimit a field. */ +! while (s[sindex] && spctabnl (s[sindex]) && islocalsep(s[sindex])) + sindex++; + } +*** ../bash-4.4/patchlevel.h 2016-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2016-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 11 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 12 + + #endif /* _PATCHLEVEL_H_ */ ++++++ readline-7.0-patches.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/readline-7.0-patches/readline70-001 new/readline-7.0-patches/readline70-001 --- old/readline-7.0-patches/readline70-001 2016-11-16 18:55:19.000000000 +0100 +++ new/readline-7.0-patches/readline70-001 2017-01-30 17:05:07.199013994 +0100 @@ -17,7 +17,7 @@ Patch (apply with `patch -p0'): -*** ../readline-7.0/history.c 2015-12-28 13:50:31.000000000 -0500 +*** history.c 2015-12-28 13:50:31.000000000 -0500 --- history.c 2016-09-30 14:28:40.000000000 -0400 *************** *** 58,61 **** @@ -44,7 +44,7 @@ else history_size = DEFAULT_HISTORY_INITIAL_SIZE; -*** ../readline-7.0/patchlevel 2013-11-15 08:11:11.000000000 -0500 +*** patchlevel 2013-11-15 08:11:11.000000000 -0500 --- patchlevel 2014-03-21 08:28:40.000000000 -0400 *************** *** 1,3 **** diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/readline-7.0-patches/readline70-002 new/readline-7.0-patches/readline70-002 --- old/readline-7.0-patches/readline70-002 1970-01-01 01:00:00.000000000 +0100 +++ new/readline-7.0-patches/readline70-002 2017-01-29 19:51:35.000000000 +0100 @@ -0,0 +1,103 @@ + READLINE PATCH REPORT + ===================== + +Readline-Release: 7.0 +Patch-ID: readline70-002 + +Bug-Reported-by: Hong Cho <[email protected]> +Bug-Reference-ID: <[email protected]> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-readline/2016-12/msg00002.html + +Bug-Description: + +There is a race condition in add_history() that can be triggered by a fatal +signal arriving between the time the history length is updated and the time +the history list update is completed. A later attempt to reference an +invalid history entry can cause a crash. + +Patch (apply with `patch -p0'): + +*** ../readline-7.0-patched/history.c 2016-11-11 13:42:49.000000000 -0500 +--- history.c 2016-12-05 10:37:51.000000000 -0500 +*************** +*** 280,283 **** +--- 280,284 ---- + { + HIST_ENTRY *temp; ++ int new_length; + + if (history_stifled && (history_length == history_max_entries)) +*************** +*** 296,306 **** + /* Copy the rest of the entries, moving down one slot. Copy includes + trailing NULL. */ +- #if 0 +- for (i = 0; i < history_length; i++) +- the_history[i] = the_history[i + 1]; +- #else + memmove (the_history, the_history + 1, history_length * sizeof (HIST_ENTRY *)); +- #endif + + history_base++; + } +--- 297,303 ---- + /* Copy the rest of the entries, moving down one slot. Copy includes + trailing NULL. */ + memmove (the_history, the_history + 1, history_length * sizeof (HIST_ENTRY *)); + ++ new_length = history_length; + history_base++; + } +*************** +*** 316,320 **** + history_size = DEFAULT_HISTORY_INITIAL_SIZE; + the_history = (HIST_ENTRY **)xmalloc (history_size * sizeof (HIST_ENTRY *)); +! history_length = 1; + } + else +--- 313,317 ---- + history_size = DEFAULT_HISTORY_INITIAL_SIZE; + the_history = (HIST_ENTRY **)xmalloc (history_size * sizeof (HIST_ENTRY *)); +! new_length = 1; + } + else +*************** +*** 326,330 **** + xrealloc (the_history, history_size * sizeof (HIST_ENTRY *)); + } +! history_length++; + } + } +--- 323,327 ---- + xrealloc (the_history, history_size * sizeof (HIST_ENTRY *)); + } +! new_length = history_length + 1; + } + } +*************** +*** 332,337 **** + temp = alloc_history_entry ((char *)string, hist_inittime ()); + +! the_history[history_length] = (HIST_ENTRY *)NULL; +! the_history[history_length - 1] = temp; + } + +--- 329,335 ---- + temp = alloc_history_entry ((char *)string, hist_inittime ()); + +! the_history[new_length] = (HIST_ENTRY *)NULL; +! the_history[new_length - 1] = temp; +! history_length = new_length; + } + +*** ../readline-7.0/patchlevel 2013-11-15 08:11:11.000000000 -0500 +--- patchlevel 2014-03-21 08:28:40.000000000 -0400 +*************** +*** 1,3 **** + # Do not edit -- exists only for use by patch + +! 1 +--- 1,3 ---- + # Do not edit -- exists only for use by patch + +! 2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/readline-7.0-patches/readline70-003 new/readline-7.0-patches/readline70-003 --- old/readline-7.0-patches/readline70-003 1970-01-01 01:00:00.000000000 +0100 +++ new/readline-7.0-patches/readline70-003 2017-01-29 19:52:18.000000000 +0100 @@ -0,0 +1,40 @@ + READLINE PATCH REPORT + ===================== + +Readline-Release: 7.0 +Patch-ID: readline70-003 + +Bug-Reported-by: Frédéric Brière <[email protected]> +Bug-Reference-ID: <[email protected]> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-readline/2017-01/msg00002.html + +Bug-Description: + +Readline-7.0 uses pselect(2) to allow readline to handle signals that do not +interrupt read(2), such as SIGALRM, before reading another character. The +signal mask used in the pselect call did not take into account signals the +calling application blocked before calling readline(). + +Patch (apply with `patch -p0'): + +*** ../readline-7.0-patched/input.c 2016-08-30 10:21:47.000000000 -0400 +--- input.c 2017-01-23 10:21:56.000000000 -0500 +*************** +*** 514,517 **** +--- 514,518 ---- + #if defined (HAVE_PSELECT) + sigemptyset (&empty_set); ++ sigprocmask (SIG_BLOCK, (sigset_t *)NULL, &empty_set); + FD_ZERO (&readfds); + FD_SET (fileno (stream), &readfds); +*** ../readline-7.0/patchlevel 2013-11-15 08:11:11.000000000 -0500 +--- patchlevel 2014-03-21 08:28:40.000000000 -0400 +*************** +*** 1,3 **** + # Do not edit -- exists only for use by patch + +! 2 +--- 1,3 ---- + # Do not edit -- exists only for use by patch + +! 3
