1 			     BASH PATCH REPORT

     2 			     =================

     3 

     4 Bash-Release:	4.4

     5 Patch-ID:	bash44-008

     6 

     7 Bug-Reported-by:	Koichi MURASE <[email protected]>

     8 Bug-Reference-ID:	<CAFLRLk-V+1AeQ2k=pY7ih6V+MfQ_w8EF3YWL2E+wmLfgKBtzXA@mail.gmail.com>

     9 Bug-Reference-URL:	http://lists.gnu.org/archive/html/bug-bash/2016-11/msg00050.html

    10 

    11 Bug-Description:

    12 

    13 Under certain circumstances, bash will evaluate arithmetic expressions as

    14 part of reading an expression token even when evaluation is suppressed. This

    15 happens while evaluating a conditional expression and skipping over the

    16 failed branch of the expression.

    17 

    18 Patch (apply with `patch -p0'):

    19 

    20 *** ../bash-4.4-patched/expr.c	2015-10-11 14:46:36.000000000 -0400

    21 --- expr.c	2016-11-08 11:55:46.000000000 -0500

    22 ***************

    23 *** 579,585 ****

    24     if (curtok == QUES)		/* found conditional expr */

    25       {

    26 -       readtok ();

    27 -       if (curtok == 0 || curtok == COL)

    28 - 	evalerror (_("expression expected"));

    29         if (cval == 0)

    30   	{

    31 --- 579,582 ----

    32 ***************

    33 *** 588,591 ****

    34 --- 585,592 ----

    35   	}

    36   

    37 +       readtok ();

    38 +       if (curtok == 0 || curtok == COL)

    39 + 	evalerror (_("expression expected"));

    40 + 

    41         val1 = EXP_HIGHEST ();

    42   

    43 ***************

    44 *** 594,600 ****

    45         if (curtok != COL)

    46   	evalerror (_("`:' expected for conditional expression"));

    47 !       readtok ();

    48 !       if (curtok == 0)

    49 ! 	evalerror (_("expression expected"));

    50         set_noeval = 0;

    51         if (cval)

    52 --- 595,599 ----

    53         if (curtok != COL)

    54   	evalerror (_("`:' expected for conditional expression"));

    55 ! 

    56         set_noeval = 0;

    57         if (cval)

    58 ***************

    59 *** 604,608 ****

    60 --- 603,611 ----

    61    	}

    62   

    63 +       readtok ();

    64 +       if (curtok == 0)

    65 + 	evalerror (_("expression expected"));

    66         val2 = expcond ();

    67 + 

    68         if (set_noeval)

    69   	noeval--;

    70 *** ../bash-4.4/patchlevel.h	2016-06-22 14:51:03.000000000 -0400

    71 --- patchlevel.h	2016-10-01 11:01:28.000000000 -0400

    72 ***************

    73 *** 26,30 ****

    74      looks for to find the patch level (for the sccs version string). */

    75   

    76 ! #define PATCHLEVEL 7

    77   

    78   #endif /* _PATCHLEVEL_H_ */

    79 --- 26,30 ----

    80      looks for to find the patch level (for the sccs version string). */

    81   

    82 ! #define PATCHLEVEL 8

    83   

    84   #endif /* _PATCHLEVEL_H_ */