Solaris/dbpware-for-solaris
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bash: update to 4.3.27

Browse Source
This commit is contained in:
Tom G. Christensen 2014-09-28 10:46:10 +02:00
parent 84c620f162
commit ba0960bae8
4 changed files with 229 additions and 158 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
bash/build.sh
View File

@ -7,7 +7,7 @@
# Check the following 4 variables before running the script
topdir=bash
real_version=4.3
version=4.3.26
version=4.3.27
pkgver=1
source[0]=ftp://ftp.sunet.se/pub/gnu/bash/$topdir-$real_version.tar.gz
@ -43,7 +43,7 @@ patch[22]=bash43-023.edited
patch[23]=bash43-024.edited
patch[24]=bash43-025.edited
patch[25]=bash43-026.edited
patch[26]=bash-4.2-cve-2014-7169-1.patch
patch[26]=bash43-027.edited
patch[27]=bash-4.2-cve-2014-7169-2.patch
# Global settings
@ -79,6 +79,8 @@ install()
compat bash 3.2.39 1 1
compat bash 4.2.42 1 1
compat bash 4.2.45 1 1
compat bash 4.3.25 1 1
compat bash 4.3.26 1 1
}
reg pack

5
bash/meta/ChangeLog
View File

@ -1,8 +1,11 @@
CHANGELOG
---------
* Sun Sep 28 2014 Tom G. Christensen <swpkg@jupiterrise.com> - 4.3.27-1
- Update to 4.3.27 (replaces a RedHat patch with identical from upstream)
* Sat Sep 27 2014 Tom G. Christensen <swpkg@jupiterrise.com> - 4.3.26-1
- Update to 4.3.26 to fix CVE-2014-7169
- Add patches from RedHat that provides more hardening against ShellShock
- Add patches from RedHat that provides more hardening against Shellshock
and also fixes CVE-2014-7186
* Thu Sep 25 2014 Tom G. Christensen <swpkg@jupiterrise.com> - 4.3.25-1

155
bash/src/bash-4.2-cve-2014-7169-1.patch
View File

@ -1,155 +0,0 @@
--- variables.c 2014-09-25 13:07:59.313209541 +0200
+++ variables.c 2014-09-25 13:15:29.869420719 +0200
@@ -268,7 +268,7 @@
static void propagate_temp_var __P((PTR_T));
static void dispose_temporary_env __P((sh_free_func_t *));
-static inline char *mk_env_string __P((const char *, const char *));
+static inline char *mk_env_string __P((const char *, const char *, int));
static char **make_env_array_from_var_list __P((SHELL_VAR **));
static char **make_var_export_array __P((VAR_CONTEXT *));
static char **make_func_export_array __P((void));
@@ -301,6 +301,14 @@
#endif
}
+/* Prefix and suffix for environment variable names which contain
+ shell functions. */
+#define FUNCDEF_PREFIX "BASH_FUNC_"
+#define FUNCDEF_PREFIX_LEN (strlen (FUNCDEF_PREFIX))
+#define FUNCDEF_SUFFIX "()"
+#define FUNCDEF_SUFFIX_LEN (strlen (FUNCDEF_SUFFIX))
+
+
/* Initialize the shell variables from the current environment.
If PRIVMODE is nonzero, don't import functions from ENV or
parse $SHELLOPTS. */
@@ -338,36 +346,48 @@
/* If exported function, define it now. Don't import functions from
the environment in privileged mode. */
- if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4))
- {
- string_length = strlen (string);
- temp_string = (char *)xmalloc (3 + string_length + char_index);
+ if (privmode == 0 && read_but_dont_execute == 0
+ && STREQN (FUNCDEF_PREFIX, name, FUNCDEF_PREFIX_LEN)
+ && STREQ (name + char_index - FUNCDEF_SUFFIX_LEN, FUNCDEF_SUFFIX)
+ && STREQN ("() {", string, 4))
+ {
+ size_t name_length
+ = char_index - (FUNCDEF_PREFIX_LEN + FUNCDEF_SUFFIX_LEN);
+ char *temp_name = name + FUNCDEF_PREFIX_LEN;
+ /* Temporarily remove the suffix. */
+ temp_name[name_length] = '\0';
- strcpy (temp_string, name);
- temp_string[char_index] = ' ';
- strcpy (temp_string + char_index + 1, string);
+ string_length = strlen (string);
+ temp_string = (char *)xmalloc (name_length + 1 + string_length + 1);
+ memcpy (temp_string, temp_name, name_length);
+ temp_string[name_length] = ' ';
+ memcpy (temp_string + name_length + 1, string, string_length + 1);
/* Don't import function names that are invalid identifiers from the
environment, though we still allow them to be defined as shell
variables. */
- if (legal_identifier (name))
- parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD);
+ if (legal_identifier (temp_name))
+ parse_and_execute (temp_string, temp_name,
+ SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD);
- if (temp_var = find_function (name))
+ if (temp_var = find_function (temp_name))
{
VSETATTR (temp_var, (att_exported|att_imported));
array_needs_making = 1;
}
else
{
if (temp_var = bind_variable (name, string, 0))
{
VSETATTR (temp_var, (att_exported | att_imported | att_invisible));
array_needs_making = 1;
}
last_command_exit_value = 1;
report_error (_("error importing function definition for `%s'"), name);
}
+
+ /* Restore the original suffix. */
+ temp_name[name_length] = FUNCDEF_SUFFIX[0];
}
#if defined (ARRAY_VARS)
# if ARRAY_EXPORT
@@ -2537,7 +2557,7 @@
var->context = variable_context; /* XXX */
INVALIDATE_EXPORTSTR (var);
- var->exportstr = mk_env_string (name, value);
+ var->exportstr = mk_env_string (name, value, 0);
array_needs_making = 1;
@@ -3388,22 +3408,43 @@
/* */
/* **************************************************************** */
+/* Returns the string NAME=VALUE if !FUNCTIONP or if VALUE == NULL (in
+ which case it is treated as empty). Otherwise, decorate NAME with
+ FUNCDEF_PREFIX and FUNCDEF_SUFFIX, and return a string of the form
+ FUNCDEF_PREFIX NAME FUNCDEF_SUFFIX = VALUE (without spaces). */
static inline char *
-mk_env_string (name, value)
+mk_env_string (name, value, functionp)
const char *name, *value;
+ int functionp;
{
- int name_len, value_len;
- char *p;
+ size_t name_len, value_len;
+ char *p, *q;
name_len = strlen (name);
value_len = STRLEN (value);
- p = (char *)xmalloc (2 + name_len + value_len);
- strcpy (p, name);
- p[name_len] = '=';
+ if (functionp && value != NULL)
+ {
+ p = (char *)xmalloc (FUNCDEF_PREFIX_LEN + name_len + FUNCDEF_SUFFIX_LEN
+ + 1 + value_len + 1);
+ q = p;
+ memcpy (q, FUNCDEF_PREFIX, FUNCDEF_PREFIX_LEN);
+ q += FUNCDEF_PREFIX_LEN;
+ memcpy (q, name, name_len);
+ q += name_len;
+ memcpy (q, FUNCDEF_SUFFIX, FUNCDEF_SUFFIX_LEN);
+ q += FUNCDEF_SUFFIX_LEN;
+ }
+ else
+ {
+ p = (char *)xmalloc (name_len + 1 + value_len + 1);
+ memcpy (p, name, name_len);
+ q = p + name_len;
+ }
+ q[0] = '=';
if (value && *value)
- strcpy (p + name_len + 1, value);
+ memcpy (q + 1, value, value_len + 1);
else
- p[name_len + 1] = '\0';
+ q[1] = '\0';
return (p);
}
@@ -3489,7 +3530,7 @@
/* Gee, I'd like to get away with not using savestring() if we're
using the cached exportstr... */
list[list_index] = USE_EXPORTSTR ? savestring (value)
- : mk_env_string (var->name, value);
+ : mk_env_string (var->name, value, function_p (var));
if (USE_EXPORTSTR == 0)
SAVE_EXPORTSTR (var, list[list_index]);

221
bash/src/bash43-027.edited Normal file
View File

@ -0,0 +1,221 @@
BASH PATCH REPORT
=================
Bash-Release: 4.3
Patch-ID: bash43-027
Bug-Reported-by: Florian Weimer <fweimer@redhat.com>
Bug-Reference-ID:
Bug-Reference-URL:
Bug-Description:
This patch changes the encoding bash uses for exported functions to avoid
clashes with shell variables and to avoid depending only on an environment
variable's contents to determine whether or not to interpret it as a shell
function.
Patch (apply with `patch -p0'):
*** ../bash-4.3.26/variables.c 2014-09-25 23:02:18.000000000 -0400
--- variables.c 2014-09-27 20:52:04.000000000 -0400
***************
*** 84,87 ****
--- 84,92 ----
#define ifsname(s) ((s)[0] == 'I' && (s)[1] == 'F' && (s)[2] == 'S' && (s)[3] == '\0')
+ #define BASHFUNC_PREFIX "BASH_FUNC_"
+ #define BASHFUNC_PREFLEN 10 /* == strlen(BASHFUNC_PREFIX */
+ #define BASHFUNC_SUFFIX "%%"
+ #define BASHFUNC_SUFFLEN 2 /* == strlen(BASHFUNC_SUFFIX) */
+
extern char **environ;
***************
*** 280,284 ****
static void dispose_temporary_env __P((sh_free_func_t *));
! static inline char *mk_env_string __P((const char *, const char *));
static char **make_env_array_from_var_list __P((SHELL_VAR **));
static char **make_var_export_array __P((VAR_CONTEXT *));
--- 285,289 ----
static void dispose_temporary_env __P((sh_free_func_t *));
! static inline char *mk_env_string __P((const char *, const char *, int));
static char **make_env_array_from_var_list __P((SHELL_VAR **));
static char **make_var_export_array __P((VAR_CONTEXT *));
***************
*** 350,369 ****
/* If exported function, define it now. Don't import functions from
the environment in privileged mode. */
! if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4))
{
string_length = strlen (string);
! temp_string = (char *)xmalloc (3 + string_length + char_index);
! strcpy (temp_string, name);
! temp_string[char_index] = ' ';
! strcpy (temp_string + char_index + 1, string);
/* Don't import function names that are invalid identifiers from the
environment, though we still allow them to be defined as shell
variables. */
! if (legal_identifier (name))
! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD);
! if (temp_var = find_function (name))
{
VSETATTR (temp_var, (att_exported|att_imported));
--- 355,385 ----
/* If exported function, define it now. Don't import functions from
the environment in privileged mode. */
! if (privmode == 0 && read_but_dont_execute == 0 &&
! STREQN (BASHFUNC_PREFIX, name, BASHFUNC_PREFLEN) &&
! STREQ (BASHFUNC_SUFFIX, name + char_index - BASHFUNC_SUFFLEN) &&
! STREQN ("() {", string, 4))
{
+ size_t namelen;
+ char *tname; /* desired imported function name */
+
+ namelen = char_index - BASHFUNC_PREFLEN - BASHFUNC_SUFFLEN;
+
+ tname = name + BASHFUNC_PREFLEN; /* start of func name */
+ tname[namelen] = '\0'; /* now tname == func name */
+
string_length = strlen (string);
! temp_string = (char *)xmalloc (namelen + string_length + 2);
! memcpy (temp_string, tname, namelen);
! temp_string[namelen] = ' ';
! memcpy (temp_string + namelen + 1, string, string_length + 1);
/* Don't import function names that are invalid identifiers from the
environment, though we still allow them to be defined as shell
variables. */
! if (absolute_program (tname) == 0 && (posixly_correct == 0 || legal_identifier (tname)))
! parse_and_execute (temp_string, tname, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD);
! if (temp_var = find_function (tname))
{
VSETATTR (temp_var, (att_exported|att_imported));
***************
*** 378,383 ****
}
last_command_exit_value = 1;
! report_error (_("error importing function definition for `%s'"), name);
}
}
#if defined (ARRAY_VARS)
--- 394,402 ----
}
last_command_exit_value = 1;
! report_error (_("error importing function definition for `%s'"), tname);
}
+
+ /* Restore original suffix */
+ tname[namelen] = BASHFUNC_SUFFIX[0];
}
#if defined (ARRAY_VARS)
***************
*** 2955,2959 ****
INVALIDATE_EXPORTSTR (var);
! var->exportstr = mk_env_string (name, value);
array_needs_making = 1;
--- 2974,2978 ----
INVALIDATE_EXPORTSTR (var);
! var->exportstr = mk_env_string (name, value, 0);
array_needs_making = 1;
***************
*** 3853,3871 ****
static inline char *
! mk_env_string (name, value)
const char *name, *value;
{
! int name_len, value_len;
! char *p;
name_len = strlen (name);
value_len = STRLEN (value);
! p = (char *)xmalloc (2 + name_len + value_len);
! strcpy (p, name);
! p[name_len] = '=';
if (value && *value)
! strcpy (p + name_len + 1, value);
else
! p[name_len + 1] = '\0';
return (p);
}
--- 3872,3911 ----
static inline char *
! mk_env_string (name, value, isfunc)
const char *name, *value;
+ int isfunc;
{
! size_t name_len, value_len;
! char *p, *q;
name_len = strlen (name);
value_len = STRLEN (value);
!
! /* If we are exporting a shell function, construct the encoded function
! name. */
! if (isfunc && value)
! {
! p = (char *)xmalloc (BASHFUNC_PREFLEN + name_len + BASHFUNC_SUFFLEN + value_len + 2);
! q = p;
! memcpy (q, BASHFUNC_PREFIX, BASHFUNC_PREFLEN);
! q += BASHFUNC_PREFLEN;
! memcpy (q, name, name_len);
! q += name_len;
! memcpy (q, BASHFUNC_SUFFIX, BASHFUNC_SUFFLEN);
! q += BASHFUNC_SUFFLEN;
! }
! else
! {
! p = (char *)xmalloc (2 + name_len + value_len);
! memcpy (p, name, name_len);
! q = p + name_len;
! }
!
! q[0] = '=';
if (value && *value)
! memcpy (q + 1, value, value_len + 1);
else
! q[1] = '\0';
!
return (p);
}
***************
*** 3953,3957 ****
using the cached exportstr... */
list[list_index] = USE_EXPORTSTR ? savestring (value)
! : mk_env_string (var->name, value);
if (USE_EXPORTSTR == 0)
--- 3993,3997 ----
using the cached exportstr... */
list[list_index] = USE_EXPORTSTR ? savestring (value)
! : mk_env_string (var->name, value, function_p (var));
if (USE_EXPORTSTR == 0)
*** patchlevel.h 2012-12-29 10:47:57.000000000 -0500
--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 26
#endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 27
#endif /* _PATCHLEVEL_H_ */