This repository has been archived by the owner on Sep 18, 2020. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
bash: fix CVE-2014-7186 and CVE-2014-7187
Sync up with upstream gentoo, pulling in the final version of the patch for these issues. This is functionally equivalent to 4.2_p51 but upstream hasn't officially announced that version yet it seems.
- Loading branch information
Showing
3 changed files
with
143 additions
and
62 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,140 @@ | ||
*** ../bash-20140912/parse.y 2014-08-26 15:09:42.000000000 -0400 | ||
--- parse.y 2014-09-25 19:16:40.000000000 -0400 | ||
*************** | ||
*** 169,172 **** | ||
--- 169,175 ---- | ||
static int reserved_word_acceptable __P((int)); | ||
static int yylex __P((void)); | ||
+ | ||
+ static void push_heredoc __P((REDIRECT *)); | ||
+ static char *mk_alexpansion __P((char *)); | ||
static int alias_expand_token __P((char *)); | ||
static int time_command_acceptable __P((void)); | ||
*************** | ||
*** 266,270 **** | ||
/* Variables to manage the task of reading here documents, because we need to | ||
defer the reading until after a complete command has been collected. */ | ||
! static REDIRECT *redir_stack[10]; | ||
int need_here_doc; | ||
|
||
--- 269,275 ---- | ||
/* Variables to manage the task of reading here documents, because we need to | ||
defer the reading until after a complete command has been collected. */ | ||
! #define HEREDOC_MAX 16 | ||
! | ||
! static REDIRECT *redir_stack[HEREDOC_MAX]; | ||
int need_here_doc; | ||
|
||
*************** | ||
*** 308,312 **** | ||
index is decremented after a case, select, or for command is parsed. */ | ||
#define MAX_CASE_NEST 128 | ||
! static int word_lineno[MAX_CASE_NEST]; | ||
static int word_top = -1; | ||
|
||
--- 313,317 ---- | ||
index is decremented after a case, select, or for command is parsed. */ | ||
#define MAX_CASE_NEST 128 | ||
! static int word_lineno[MAX_CASE_NEST+1]; | ||
static int word_top = -1; | ||
|
||
*************** | ||
*** 521,525 **** | ||
redir.filename = $2; | ||
$$ = make_redirection (source, r_reading_until, redir, 0); | ||
! redir_stack[need_here_doc++] = $$; | ||
} | ||
| NUMBER LESS_LESS WORD | ||
--- 526,530 ---- | ||
redir.filename = $2; | ||
$$ = make_redirection (source, r_reading_until, redir, 0); | ||
! push_heredoc ($$); | ||
} | ||
| NUMBER LESS_LESS WORD | ||
*************** | ||
*** 528,532 **** | ||
redir.filename = $3; | ||
$$ = make_redirection (source, r_reading_until, redir, 0); | ||
! redir_stack[need_here_doc++] = $$; | ||
} | ||
| REDIR_WORD LESS_LESS WORD | ||
--- 533,537 ---- | ||
redir.filename = $3; | ||
$$ = make_redirection (source, r_reading_until, redir, 0); | ||
! push_heredoc ($$); | ||
} | ||
| REDIR_WORD LESS_LESS WORD | ||
*************** | ||
*** 535,539 **** | ||
redir.filename = $3; | ||
$$ = make_redirection (source, r_reading_until, redir, REDIR_VARASSIGN); | ||
! redir_stack[need_here_doc++] = $$; | ||
} | ||
| LESS_LESS_MINUS WORD | ||
--- 540,544 ---- | ||
redir.filename = $3; | ||
$$ = make_redirection (source, r_reading_until, redir, REDIR_VARASSIGN); | ||
! push_heredoc ($$); | ||
} | ||
| LESS_LESS_MINUS WORD | ||
*************** | ||
*** 542,546 **** | ||
redir.filename = $2; | ||
$$ = make_redirection (source, r_deblank_reading_until, redir, 0); | ||
! redir_stack[need_here_doc++] = $$; | ||
} | ||
| NUMBER LESS_LESS_MINUS WORD | ||
--- 547,551 ---- | ||
redir.filename = $2; | ||
$$ = make_redirection (source, r_deblank_reading_until, redir, 0); | ||
! push_heredoc ($$); | ||
} | ||
| NUMBER LESS_LESS_MINUS WORD | ||
*************** | ||
*** 549,553 **** | ||
redir.filename = $3; | ||
$$ = make_redirection (source, r_deblank_reading_until, redir, 0); | ||
! redir_stack[need_here_doc++] = $$; | ||
} | ||
| REDIR_WORD LESS_LESS_MINUS WORD | ||
--- 554,558 ---- | ||
redir.filename = $3; | ||
$$ = make_redirection (source, r_deblank_reading_until, redir, 0); | ||
! push_heredoc ($$); | ||
} | ||
| REDIR_WORD LESS_LESS_MINUS WORD | ||
*************** | ||
*** 556,560 **** | ||
redir.filename = $3; | ||
$$ = make_redirection (source, r_deblank_reading_until, redir, REDIR_VARASSIGN); | ||
! redir_stack[need_here_doc++] = $$; | ||
} | ||
| LESS_LESS_LESS WORD | ||
--- 561,565 ---- | ||
redir.filename = $3; | ||
$$ = make_redirection (source, r_deblank_reading_until, redir, REDIR_VARASSIGN); | ||
! push_heredoc ($$); | ||
} | ||
| LESS_LESS_LESS WORD | ||
*************** | ||
*** 2637,2640 **** | ||
--- 2642,2660 ---- | ||
static int esacs_needed_count; | ||
|
||
+ static void | ||
+ push_heredoc (r) | ||
+ REDIRECT *r; | ||
+ { | ||
+ if (need_here_doc >= HEREDOC_MAX) | ||
+ { | ||
+ last_command_exit_value = EX_BADUSAGE; | ||
+ need_here_doc = 0; | ||
+ report_syntax_error (_("maximum here-document count exceeded")); | ||
+ reset_parser (); | ||
+ exit_shell (last_command_exit_value); | ||
+ } | ||
+ redir_stack[need_here_doc++] = r; | ||
+ } | ||
+ | ||
void | ||
gather_here_documents () |