Hello community, here is the log from the commit of package mksh for openSUSE:Factory checked in at 2014-10-08 22:13:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mksh (Old) and /work/SRC/openSUSE:Factory/.mksh.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mksh" Changes: -------- --- /work/SRC/openSUSE:Factory/mksh/mksh.changes 2014-10-05 20:33:34.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.mksh.new/mksh.changes 2014-10-08 22:14:06.000000000 +0200 @@ -1,0 +2,11 @@ +Tue Oct 7 17:22:15 UTC 2014 - t...@mirbsd.org + +- update to regression bugfix version 50d + - [Goodbox] Fix NULL pointer dereference on “unset x; nameref x” + - [tg] Fix severe regression in field splitting (LP#1378208) + - [tg] Add a warning about not using tainted user input (including + from the environment) in arithmetics, until Stéphane writes it up + nicely +- refresh vendor patch + +------------------------------------------------------------------- Old: ---- mksh-R50c.tgz New: ---- mksh-R50d.tgz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mksh.spec ++++++ --- /var/tmp/diff_new_pack.ykhRCF/_old 2014-10-08 22:14:07.000000000 +0200 +++ /var/tmp/diff_new_pack.ykhRCF/_new 2014-10-08 22:14:07.000000000 +0200 @@ -21,7 +21,7 @@ # Please see OBS home:mirabile/mksh for a package for other distributions. Name: mksh -Version: 50c +Version: 50d Release: 0 Summary: MirBSD Korn Shell License: MirOS and ISC ++++++ mksh-R50c.tgz -> mksh-R50d.tgz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mksh/Build.sh new/mksh/Build.sh --- old/mksh/Build.sh 2014-10-03 19:32:57.000000000 +0200 +++ new/mksh/Build.sh 2014-10-07 17:23:02.000000000 +0200 @@ -1,5 +1,5 @@ #!/bin/sh -srcversion='$MirOS: src/bin/mksh/Build.sh,v 1.668 2014/10/03 17:32:07 tg Exp $' +srcversion='$MirOS: src/bin/mksh/Build.sh,v 1.669 2014/10/07 15:22:12 tg Exp $' #- # Copyright (c) 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, # 2011, 2012, 2013, 2014 @@ -1784,7 +1784,7 @@ #define EXTERN #define MKSH_INCLUDES_ONLY #include "sh.h" - __RCSID("$MirOS: src/bin/mksh/Build.sh,v 1.668 2014/10/03 17:32:07 tg Exp $"); + __RCSID("$MirOS: src/bin/mksh/Build.sh,v 1.669 2014/10/07 15:22:12 tg Exp $"); int main(void) { printf("Hello, World!\n"); return (isatty(0)); } EOF case $cm in @@ -2316,7 +2316,7 @@ addsrcs USE_PRINTF_BUILTIN printf.c test 1 = "$USE_PRINTF_BUILTIN" && add_cppflags -DMKSH_PRINTF_BUILTIN test 1 = "$HAVE_CAN_VERB" && CFLAGS="$CFLAGS -verbose" -add_cppflags -DMKSH_BUILD_R=503 +add_cppflags -DMKSH_BUILD_R=504 $e $bi$me: Finished configuration testing, now producing output.$ao diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mksh/check.t new/mksh/check.t --- old/mksh/check.t 2014-10-03 19:32:59.000000000 +0200 +++ new/mksh/check.t 2014-10-07 17:23:04.000000000 +0200 @@ -1,4 +1,4 @@ -# $MirOS: src/bin/mksh/check.t,v 1.659 2014/10/03 17:32:09 tg Exp $ +# $MirOS: src/bin/mksh/check.t,v 1.661 2014/10/07 15:22:14 tg Exp $ # OpenBSD src/regress/bin/ksh updated: 2013/12/02 20:39:44 #- # Copyright © 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, @@ -27,7 +27,7 @@ # http://www.freebsd.org/cgi/cvsweb.cgi/src/tools/regression/bin/test/regress.sh?rev=HEAD expected-stdout: - @(#)MIRBSD KSH R50 2014/10/03 + @(#)MIRBSD KSH R50 2014/10/07 description: Check version of shell. stdin: @@ -36,7 +36,7 @@ category: shell:legacy-no --- expected-stdout: - @(#)LEGACY KSH R50 2014/10/03 + @(#)LEGACY KSH R50 2014/10/07 description: Check version of legacy shell. stdin: @@ -3736,12 +3736,18 @@ name: IFS-subst-3 description: Check leading IFS non-whitespace after trim does make a field + but leading IFS whitespace does not, nor empty replacements stdin: showargs() { for i; do echo -n " <$i>"; done; echo; } + showargs 0 ${-+} IFS=: showargs 1 ${-+:foo:bar} + IFS=' ' + showargs 2 ${-+ foo bar} expected-stdout: + <0> <1> <> <foo> <bar> + <2> <foo> <bar> --- name: IFS-subst-4-1 description: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mksh/eval.c new/mksh/eval.c --- old/mksh/eval.c 2014-10-03 19:33:01.000000000 +0200 +++ new/mksh/eval.c 2014-10-07 17:23:06.000000000 +0200 @@ -23,7 +23,7 @@ #include "sh.h" -__RCSID("$MirOS: src/bin/mksh/eval.c,v 1.152 2014/10/03 17:32:11 tg Exp $"); +__RCSID("$MirOS: src/bin/mksh/eval.c,v 1.153 2014/10/07 15:22:16 tg Exp $"); /* * string expansion @@ -62,6 +62,7 @@ #define IFS_WORD 0 /* word has chars (or quotes) */ #define IFS_WS 1 /* have seen IFS white-space */ #define IFS_NWS 2 /* have seen IFS non-white-space */ +#define IFS_IWS 3 /* begin of word, ignore IFS WS */ static int varsub(Expand *, const char *, const char *, int *, int *); static int comsub(Expand *, const char *, int); @@ -663,7 +664,7 @@ f |= DOTEMP; /* FALLTHROUGH */ default: - word = IFS_WORD; + word = quote ? IFS_WORD : IFS_IWS; /* Enable tilde expansion */ tilde_ok = 1; f |= DOTILDE; @@ -907,12 +908,12 @@ * IFS_WORD w/WS w/NWS w * IFS_WS -/WS -/NWS - * IFS_NWS -/NWS w/NWS - + * IFS_IWS -/WS w/NWS - * (w means generate a word) - * Note that IFS_NWS/0 generates a word (AT&T ksh - * doesn't do this, but POSIX does). */ - if (word == IFS_WORD || - (word == IFS_NWS && c && !ctype(c, C_IFSWS))) { + if ((word == IFS_WORD) || (c && + (word == IFS_IWS || word == IFS_NWS) && + !ctype(c, C_IFSWS))) { emit_word: *dp++ = '\0'; cp = Xclose(ds, dp); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mksh/mksh.1 new/mksh/mksh.1 --- old/mksh/mksh.1 2014-10-03 14:36:28.000000000 +0200 +++ new/mksh/mksh.1 2014-10-07 17:31:02.000000000 +0200 @@ -1,4 +1,4 @@ -.\" $MirOS: src/bin/mksh/mksh.1,v 1.343 2014/10/03 12:35:38 tg Exp $ +.\" $MirOS: src/bin/mksh/mksh.1,v 1.344 2014/10/07 15:30:12 tg Exp $ .\" $OpenBSD: ksh.1,v 1.153 2014/08/17 07:15:41 jmc Exp $ .\"- .\" Copyright © 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, @@ -74,7 +74,7 @@ .\" with -mandoc, it might implement .Mx itself, but we want to .\" use our own definition. And .Dd must come *first*, always. .\" -.Dd $Mdocdate: October 3 2014 $ +.Dd $Mdocdate: October 7 2014 $ .\" .\" Check which macro package we use, and do other -mdoc setup. .\" @@ -2530,6 +2530,12 @@ as numeric arguments to the .Ic test command, and as the value of an assignment to an integer parameter. +.Em Warning : +This also affects implicit conversion to integer, for example as done by the +.Ic let +command. +.Em Never +use unchecked user input, e.g. from the environment, in arithmetics! .Pp Expressions are calculated using signed arithmetic and the .Vt mksh_ari_t diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mksh/sh.h new/mksh/sh.h --- old/mksh/sh.h 2014-10-03 19:33:02.000000000 +0200 +++ new/mksh/sh.h 2014-10-07 17:23:07.000000000 +0200 @@ -169,9 +169,9 @@ #endif #ifdef EXTERN -__RCSID("$MirOS: src/bin/mksh/sh.h,v 1.695 2014/10/03 17:32:12 tg Exp $"); +__RCSID("$MirOS: src/bin/mksh/sh.h,v 1.697 2014/10/07 15:22:17 tg Exp $"); #endif -#define MKSH_VERSION "R50 2014/10/03" +#define MKSH_VERSION "R50 2014/10/07" /* arithmetic types: C implementation */ #if !HAVE_CAN_INTTYPES @@ -533,7 +533,7 @@ #define mkssert(e) do { } while (/* CONSTCOND */ 0) #endif -#if (!defined(MKSH_BUILDMAKEFILE4BSD) && !defined(MKSH_BUILDSH)) || (MKSH_BUILD_R != 503) +#if (!defined(MKSH_BUILDMAKEFILE4BSD) && !defined(MKSH_BUILDSH)) || (MKSH_BUILD_R != 504) #error Must run Build.sh to compile this. extern void thiswillneverbedefinedIhope(void); int diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mksh/var.c new/mksh/var.c --- old/mksh/var.c 2014-10-03 19:20:53.000000000 +0200 +++ new/mksh/var.c 2014-10-04 13:48:09.000000000 +0200 @@ -28,7 +28,7 @@ #include <sys/sysctl.h> #endif -__RCSID("$MirOS: src/bin/mksh/var.c,v 1.182 2014/10/03 17:20:03 tg Exp $"); +__RCSID("$MirOS: src/bin/mksh/var.c,v 1.183 2014/10/04 11:47:19 tg Exp $"); /*- * Variables @@ -784,8 +784,9 @@ /* find value if variable already exists */ if ((qval = val) == NULL) { varsearch(e->loc, &vp, tvar, hash(tvar)); - if (vp != NULL) - qval = str_val(vp); + if (vp == NULL) + goto nameref_empty; + qval = str_val(vp); } /* check target value for being a valid variable name */ ccp = skip_varname(qval, false); @@ -803,6 +804,7 @@ case '-': goto nameref_rhs_checked; } + nameref_empty: errorf("%s: %s", var, "empty nameref target"); } len = (*ccp == '[') ? array_ref_len(ccp) : 0; ++++++ mksh-vendor-mkshrc.patch ++++++ --- /var/tmp/diff_new_pack.ykhRCF/_old 2014-10-08 22:14:07.000000000 +0200 +++ /var/tmp/diff_new_pack.ykhRCF/_new 2014-10-08 22:14:07.000000000 +0200 @@ -1,8 +1,6 @@ -Index: mksh/main.c -=================================================================== ---- mksh.orig/main.c -+++ mksh/main.c -@@ -591,6 +591,11 @@ main_init(int argc, const char *argv[], +--- a/main.c 2014-10-03 19:20:17.000000000 +0200 ++++ b/main.c 2014-10-07 18:20:32.529192101 +0200 +@@ -595,6 +595,11 @@ main_init(int argc, const char *argv[], if (Flag(FLOGIN)) include(substitute("$HOME/.profile", 0), 0, NULL, true); if (Flag(FTALKING)) { @@ -14,10 +12,8 @@ cp = substitute(substitute("${ENV:-" MKSHRC_PATH "}", 0), DOTILDE); if (cp[0] != '\0') -Index: mksh/mksh.1 -=================================================================== ---- mksh.orig/mksh.1 -+++ mksh/mksh.1 +--- a/mksh.1 2014-10-07 17:31:02.000000000 +0200 ++++ b/mksh.1 2014-10-07 18:20:32.529192101 +0200 @@ -371,6 +371,11 @@ it is processed; non-existence is silent A privileged shell then drops privileges if neither was the .Fl p -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org