--- a/components/bash/patches/bash42-053.patch Mon Feb 29 17:20:30 2016 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,132 +0,0 @@
- BASH PATCH REPORT
- =================
-
-Bash-Release: 4.2
-Patch-ID: bash42-053
-
-Bug-Reported-by: Michal Zalewski <[email protected]>
-Bug-Reference-ID:
-Bug-Reference-URL:
-
-Bug-Description:
-
-A combination of nested command substitutions and function importing from
-the environment can cause bash to execute code appearing in the environment
-variable value following the function definition.
-
-Patch (apply with `patch -p0'):
-
-*** ../bash-4.2.52/builtins/evalstring.c 2014-09-16 19:35:45.000000000 -0400
---- builtins/evalstring.c 2014-10-04 15:00:26.000000000 -0400
-***************
-*** 262,271 ****
- struct fd_bitmap *bitmap;
-
-! if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def)
- {
-! internal_warning ("%s: ignoring function definition attempt", from_file);
-! should_jump_to_top_level = 0;
-! last_result = last_command_exit_value = EX_BADUSAGE;
-! break;
- }
-
---- 262,284 ----
- struct fd_bitmap *bitmap;
-
-! if (flags & SEVAL_FUNCDEF)
- {
-! char *x;
-!
-! /* If the command parses to something other than a straight
-! function definition, or if we have not consumed the entire
-! string, or if the parser has transformed the function
-! name (as parsing will if it begins or ends with shell
-! whitespace, for example), reject the attempt */
-! if (command->type != cm_function_def ||
-! ((x = parser_remaining_input ()) && *x) ||
-! (STREQ (from_file, command->value.Function_def->name->word) == 0))
-! {
-! internal_warning (_("%s: ignoring function definition attempt"), from_file);
-! should_jump_to_top_level = 0;
-! last_result = last_command_exit_value = EX_BADUSAGE;
-! reset_parser ();
-! break;
-! }
- }
-
-***************
-*** 332,336 ****
-
- if (flags & SEVAL_ONECMD)
-! break;
- }
- }
---- 345,352 ----
-
- if (flags & SEVAL_ONECMD)
-! {
-! reset_parser ();
-! break;
-! }
- }
- }
-*** ../bash-4.2.52/parse.y 2014-09-30 19:24:19.000000000 -0400
---- parse.y 2014-10-04 15:00:26.000000000 -0400
-***************
-*** 2436,2439 ****
---- 2436,2449 ----
- }
-
-+ char *
-+ parser_remaining_input ()
-+ {
-+ if (shell_input_line == 0)
-+ return 0;
-+ if (shell_input_line_index < 0 || shell_input_line_index >= shell_input_line_len)
-+ return '\0'; /* XXX */
-+ return (shell_input_line + shell_input_line_index);
-+ }
-+
- #ifdef INCLUDE_UNUSED
- /* Back the input pointer up by one, effectively `ungetting' a character. */
-***************
-*** 3891,3896 ****
- /* reset_parser clears shell_input_line and associated variables */
- restore_input_line_state (&ls);
-! if (interactive)
-! token_to_read = 0;
-
- /* Need to find how many characters parse_and_execute consumed, update
---- 3901,3906 ----
- /* reset_parser clears shell_input_line and associated variables */
- restore_input_line_state (&ls);
-!
-! token_to_read = 0;
-
- /* Need to find how many characters parse_and_execute consumed, update
-*** ../bash-4.2.52/shell.h 2011-11-21 18:03:32.000000000 -0500
---- shell.h 2014-10-04 15:00:26.000000000 -0400
-***************
-*** 178,181 ****
---- 178,183 ----
-
- /* Let's try declaring these here. */
-+ extern char *parser_remaining_input __P((void));
-+
- extern sh_parser_state_t *save_parser_state __P((sh_parser_state_t *));
- extern void restore_parser_state __P((sh_parser_state_t *));
-*** ../bash-4.2-patched/patchlevel.h Sat Jun 12 20:14:48 2010
---- patchlevel.h Thu Feb 24 21:41:34 2011
-***************
-*** 26,30 ****
- looks for to find the patch level (for the sccs version string). */
-
-! #define PATCHLEVEL 52
-
- #endif /* _PATCHLEVEL_H_ */
---- 26,30 ----
- looks for to find the patch level (for the sccs version string). */
-
-! #define PATCHLEVEL 53
-
- #endif /* _PATCHLEVEL_H_ */