diff --git a/bash.spec b/bash.spec index c872ebe..827c432 100644 --- a/bash.spec +++ b/bash.spec @@ -29,6 +29,9 @@ Patch005: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-005 Patch006: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-006 Patch007: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-007 Patch008: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-008 +Patch009: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-009 +Patch010: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-010 +Patch011: ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-011 # Other patches Patch101: bash-2.02-security.patch @@ -110,6 +113,9 @@ This package contains documentation files for %{name}. %patch006 -p0 -b .006 %patch007 -p0 -b .007 %patch008 -p0 -b .008 +%patch009 -p0 -b .009 +%patch010 -p0 -b .010 +%patch011 -p0 -b .011 # Other patches %patch101 -p1 -b .security @@ -330,6 +336,9 @@ end %doc doc/*.ps doc/*.0 doc/*.html doc/article.txt %changelog +* Mon Apr 14 2014 Ondrej Oprala - 4.3.11-1 +- Patchlevel 11 + * Tue Apr 01 2014 Ondrej Oprala - 4.3.8-1 - Patchlevel 8 diff --git a/bash43-009 b/bash43-009 new file mode 100644 index 0000000..015835c --- /dev/null +++ b/bash43-009 @@ -0,0 +1,64 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.3 +Patch-ID: bash43-009 + +Bug-Reported-by: Matthias Klose +Bug-Reference-ID: <53346FC8.6090005@debian.org> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-03/msg00171.html + +Bug-Description: + +There is a problem with unsigned sign extension when attempting to reallocate +the input line when it is fewer than 3 characters long and there has been a +history expansion. The sign extension causes the shell to not reallocate the +line, which results in a segmentation fault when it writes past the end. + +Patch (apply with `patch -p0'): + +*** ../bash-4.3-patched/parse.y 2014-02-11 09:42:10.000000000 -0500 +--- parse.y 2014-03-27 16:33:29.000000000 -0400 +*************** +*** 2425,2429 **** + if (shell_input_line_terminator != EOF) + { +! if (shell_input_line_size < SIZE_MAX && shell_input_line_len > shell_input_line_size - 3) + shell_input_line = (char *)xrealloc (shell_input_line, + 1 + (shell_input_line_size += 2)); +--- 2425,2429 ---- + if (shell_input_line_terminator != EOF) + { +! if (shell_input_line_size < SIZE_MAX-3 && (shell_input_line_len+3 > shell_input_line_size)) + shell_input_line = (char *)xrealloc (shell_input_line, + 1 + (shell_input_line_size += 2)); +*** ../bash-4.3-patched/y.tab.c 2014-03-28 11:17:06.000000000 -0400 +--- y.tab.c 2014-04-07 11:48:31.000000000 -0400 +*************** +*** 4737,4741 **** + if (shell_input_line_terminator != EOF) + { +! if (shell_input_line_size < SIZE_MAX && shell_input_line_len > shell_input_line_size - 3) + shell_input_line = (char *)xrealloc (shell_input_line, + 1 + (shell_input_line_size += 2)); +--- 4737,4741 ---- + if (shell_input_line_terminator != EOF) + { +! if (shell_input_line_size < SIZE_MAX-3 && (shell_input_line_len+3 > shell_input_line_size)) + shell_input_line = (char *)xrealloc (shell_input_line, + 1 + (shell_input_line_size += 2)); +*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 +--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 8 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 9 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-010 b/bash43-010 new file mode 100644 index 0000000..835a96e --- /dev/null +++ b/bash43-010 @@ -0,0 +1,157 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.3 +Patch-ID: bash43-010 + +Bug-Reported-by: Albert Shih +Bug-Reference-ID: Wed, 5 Mar 2014 23:01:40 +0100 +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-03/msg00028.html + +Bug-Description: + +Patch (apply with `patch -p0'): + +This patch changes the behavior of programmable completion to compensate +for two assumptions made by the bash-completion package. Bash-4.3 changed +to dequote the argument to programmable completion only under certain +circumstances, to make the behavior of compgen more consistent when run +from the command line -- closer to the behavior when run by a shell function +run as part of programmable completion. Bash-completion can pass quoted +arguments to compgen when the original word to be completed was not quoted, +expecting programmable completion to dequote the word before attempting +completion. + +This patch fixes two cases: + +1. An empty string that bash-completion passes to compgen as a quoted null + string (''). + +2. An unquoted word that bash-completion quotes using single quotes or + backslashes before passing it to compgen. + +In these cases, since readline did not detect a quote character in the original +word to be completed, bash-4.3 + +*** ../bash-4.3/externs.h 2014-01-02 14:58:20.000000000 -0500 +--- externs.h 2014-03-13 14:42:57.000000000 -0400 +*************** +*** 325,328 **** +--- 325,329 ---- + extern char *sh_backslash_quote_for_double_quotes __P((char *)); + extern int sh_contains_shell_metas __P((char *)); ++ extern int sh_contains_quotes __P((char *)); + + /* declarations for functions defined in lib/sh/spell.c */ +*** ../bash-4.3/lib/sh/shquote.c 2013-03-31 21:53:32.000000000 -0400 +--- lib/sh/shquote.c 2014-03-13 14:42:57.000000000 -0400 +*************** +*** 312,313 **** +--- 312,327 ---- + return (0); + } ++ ++ int ++ sh_contains_quotes (string) ++ char *string; ++ { ++ char *s; ++ ++ for (s = string; s && *s; s++) ++ { ++ if (*s == '\'' || *s == '"' || *s == '\\') ++ return 1; ++ } ++ return 0; ++ } +*** ../bash-4.3/pcomplete.c 2013-08-26 15:23:45.000000000 -0400 +--- pcomplete.c 2014-03-25 17:23:23.000000000 -0400 +*************** +*** 184,187 **** +--- 184,188 ---- + COMPSPEC *pcomp_curcs; + const char *pcomp_curcmd; ++ const char *pcomp_curtxt; + + #ifdef DEBUG +*************** +*** 754,757 **** +--- 755,784 ---- + dfn = (*rl_filename_dequoting_function) ((char *)text, rl_completion_quote_character); + } ++ /* Intended to solve a mismatched assumption by bash-completion. If ++ the text to be completed is empty, but bash-completion turns it into ++ a quoted string ('') assuming that this code will dequote it before ++ calling readline, do the dequoting. */ ++ else if (iscompgen && iscompleting && ++ pcomp_curtxt && *pcomp_curtxt == 0 && ++ text && (*text == '\'' || *text == '"') && text[1] == text[0] && text[2] == 0 && ++ rl_filename_dequoting_function) ++ dfn = (*rl_filename_dequoting_function) ((char *)text, rl_completion_quote_character); ++ /* Another mismatched assumption by bash-completion. If compgen is being ++ run as part of bash-completion, and the argument to compgen is not ++ the same as the word originally passed to the programmable completion ++ code, dequote the argument if it has quote characters. It's an ++ attempt to detect when bash-completion is quoting its filename ++ argument before calling compgen. */ ++ /* We could check whether gen_shell_function_matches is in the call ++ stack by checking whether the gen-shell-function-matches tag is in ++ the unwind-protect stack, but there's no function to do that yet. ++ We could simply check whether we're executing in a function by ++ checking variable_context, and may end up doing that. */ ++ else if (iscompgen && iscompleting && rl_filename_dequoting_function && ++ pcomp_curtxt && text && ++ STREQ (pcomp_curtxt, text) == 0 && ++ variable_context && ++ sh_contains_quotes (text)) /* guess */ ++ dfn = (*rl_filename_dequoting_function) ((char *)text, rl_completion_quote_character); + else + dfn = savestring (text); +*************** +*** 1523,1527 **** + { + COMPSPEC *cs, *oldcs; +! const char *oldcmd; + STRINGLIST *ret; + +--- 1550,1554 ---- + { + COMPSPEC *cs, *oldcs; +! const char *oldcmd, *oldtxt; + STRINGLIST *ret; + +*************** +*** 1546,1552 **** +--- 1573,1581 ---- + oldcs = pcomp_curcs; + oldcmd = pcomp_curcmd; ++ oldtxt = pcomp_curtxt; + + pcomp_curcs = cs; + pcomp_curcmd = cmd; ++ pcomp_curtxt = word; + + ret = gen_compspec_completions (cs, cmd, word, start, end, foundp); +*************** +*** 1554,1557 **** +--- 1583,1587 ---- + pcomp_curcs = oldcs; + pcomp_curcmd = oldcmd; ++ pcomp_curtxt = oldtxt; + + /* We need to conditionally handle setting *retryp here */ +*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 +--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 9 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/bash43-011 b/bash43-011 new file mode 100644 index 0000000..cdc1572 --- /dev/null +++ b/bash43-011 @@ -0,0 +1,49 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.3 +Patch-ID: bash43-011 + +Bug-Reported-by: Egmont Koblinger +Bug-Reference-ID: +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-03/msg00153.html + +Bug-Description: + +The signal handling changes to bash and readline (to avoid running any code +in a signal handler context) cause the cursor to be placed on the wrong +line of a multi-line command after a ^C interrupts editing. + +Patch (apply with `patch -p0'): + +*** ../bash-4.3-patched/lib/readline/display.c 2013-12-27 13:10:56.000000000 -0500 +--- lib/readline/display.c 2014-03-27 11:52:45.000000000 -0400 +*************** +*** 2678,2682 **** + if (_rl_echoing_p) + { +! _rl_move_vert (_rl_vis_botlin); + _rl_vis_botlin = 0; + fflush (rl_outstream); +--- 2678,2683 ---- + if (_rl_echoing_p) + { +! if (_rl_vis_botlin > 0) /* minor optimization plus bug fix */ +! _rl_move_vert (_rl_vis_botlin); + _rl_vis_botlin = 0; + fflush (rl_outstream); +*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 +--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 11 + + #endif /* _PATCHLEVEL_H_ */