Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Lars Wendler (polynomial-c)" <polynomial-c@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in app-shells/bash/files: bash-4.3-funcdef-import.patch bash-3.1-funcdef-import.patch
Date: Wed, 24 Sep 2014 14:01:59
Message-Id: 20140924140155.DA51B6209@oystercatcher.gentoo.org
1 polynomial-c 14/09/24 14:01:55
2
3 Added: bash-4.3-funcdef-import.patch
4 bash-3.1-funcdef-import.patch
5 Log:
6 Security bump (bug #523592). Fixed environment handling command injection (CVE-2014-6271)
7
8 (Portage version: 2.2.13/cvs/Linux x86_64, signed Manifest commit with key 0x981CA6FC)
9
10 Revision Changes Path
11 1.1 app-shells/bash/files/bash-4.3-funcdef-import.patch
12
13 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-shells/bash/files/bash-4.3-funcdef-import.patch?rev=1.1&view=markup
14 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-shells/bash/files/bash-4.3-funcdef-import.patch?rev=1.1&content-type=text/plain
15
16 Index: bash-4.3-funcdef-import.patch
17 ===================================================================
18 *** ../bash-4.3-patched/builtins/common.h 2013-07-08 16:54:47.000000000 -0400
19 --- builtins/common.h 2014-09-12 14:25:47.000000000 -0400
20 ***************
21 *** 34,37 ****
22 --- 49,54 ----
23 #define SEVAL_PARSEONLY 0x020
24 #define SEVAL_NOLONGJMP 0x040
25 + #define SEVAL_FUNCDEF 0x080 /* only allow function definitions */
26 + #define SEVAL_ONECMD 0x100 /* only allow a single command */
27
28 /* Flags for describe_command, shared between type.def and command.def */
29 *** ../bash-4.3-patched/builtins/evalstring.c 2014-02-11 09:42:10.000000000 -0500
30 --- builtins/evalstring.c 2014-09-14 14:15:13.000000000 -0400
31 ***************
32 *** 309,312 ****
33 --- 313,324 ----
34 struct fd_bitmap *bitmap;
35
36 + if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def)
37 + {
38 + internal_warning ("%s: ignoring function definition attempt", from_file);
39 + should_jump_to_top_level = 0;
40 + last_result = last_command_exit_value = EX_BADUSAGE;
41 + break;
42 + }
43 +
44 bitmap = new_fd_bitmap (FD_BITMAP_SIZE);
45 begin_unwind_frame ("pe_dispose");
46 ***************
47 *** 369,372 ****
48 --- 381,387 ----
49 dispose_fd_bitmap (bitmap);
50 discard_unwind_frame ("pe_dispose");
51 +
52 + if (flags & SEVAL_ONECMD)
53 + break;
54 }
55 }
56 *** ../bash-4.3-patched/variables.c 2014-05-15 08:26:50.000000000 -0400
57 --- variables.c 2014-09-14 14:23:35.000000000 -0400
58 ***************
59 *** 359,369 ****
60 strcpy (temp_string + char_index + 1, string);
61
62 ! if (posixly_correct == 0 || legal_identifier (name))
63 ! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST);
64 !
65 ! /* Ancient backwards compatibility. Old versions of bash exported
66 ! functions like name()=() {...} */
67 ! if (name[char_index - 1] == ')' && name[char_index - 2] == '(')
68 ! name[char_index - 2] = '\0';
69
70 if (temp_var = find_function (name))
71 --- 364,372 ----
72 strcpy (temp_string + char_index + 1, string);
73
74 ! /* Don't import function names that are invalid identifiers from the
75 ! environment, though we still allow them to be defined as shell
76 ! variables. */
77 ! if (legal_identifier (name))
78 ! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD);
79
80 if (temp_var = find_function (name))
81 ***************
82 *** 382,389 ****
83 report_error (_("error importing function definition for `%s'"), name);
84 }
85 -
86 - /* ( */
87 - if (name[char_index - 1] == ')' && name[char_index - 2] == '\0')
88 - name[char_index - 2] = '('; /* ) */
89 }
90 #if defined (ARRAY_VARS)
91 --- 385,388 ----
92 *** ../bash-4.3-patched/subst.c 2014-08-11 11:16:35.000000000 -0400
93 --- subst.c 2014-09-12 15:31:04.000000000 -0400
94 ***************
95 *** 8048,8052 ****
96 goto return0;
97 }
98 ! else if (var = find_variable_last_nameref (temp1))
99 {
100 temp = nameref_cell (var);
101 --- 8118,8124 ----
102 goto return0;
103 }
104 ! else if (var && (invisible_p (var) || var_isset (var) == 0))
105 ! temp = (char *)NULL;
106 ! else if ((var = find_variable_last_nameref (temp1)) && var_isset (var) && invisible_p (var) == 0)
107 {
108 temp = nameref_cell (var);
109
110
111
112
113 1.1 app-shells/bash/files/bash-3.1-funcdef-import.patch
114
115 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-shells/bash/files/bash-3.1-funcdef-import.patch?rev=1.1&view=markup
116 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-shells/bash/files/bash-3.1-funcdef-import.patch?rev=1.1&content-type=text/plain
117
118 Index: bash-3.1-funcdef-import.patch
119 ===================================================================
120 *** ../bash-3.1.17/builtins/common.h 2004-09-09 13:21:08.000000000 -0400
121 --- builtins/common.h 2014-09-16 22:00:02.000000000 -0400
122 ***************
123 *** 34,37 ****
124 --- 34,39 ----
125
126 /* Flags for describe_command, shared between type.def and command.def */
127 + #define SEVAL_FUNCDEF 0x080 /* only allow function definitions */
128 + #define SEVAL_ONECMD 0x100 /* only allow a single command */
129 #define CDESC_ALL 0x001 /* type -a */
130 #define CDESC_SHORTDESC 0x002 /* command -V */
131 *** ../bash-3.1.17/builtins/evalstring.c 2005-10-30 18:28:24.000000000 -0500
132 --- builtins/evalstring.c 2014-09-16 22:00:02.000000000 -0400
133 ***************
134 *** 224,227 ****
135 --- 224,235 ----
136 struct fd_bitmap *bitmap;
137
138 + if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def)
139 + {
140 + internal_warning ("%s: ignoring function definition attempt", from_file);
141 + should_jump_to_top_level = 0;
142 + last_result = last_command_exit_value = EX_BADUSAGE;
143 + break;
144 + }
145 +
146 bitmap = new_fd_bitmap (FD_BITMAP_SIZE);
147 begin_unwind_frame ("pe_dispose");
148 ***************
149 *** 279,282 ****
150 --- 287,293 ----
151 dispose_fd_bitmap (bitmap);
152 discard_unwind_frame ("pe_dispose");
153 +
154 + if (flags & SEVAL_ONECMD)
155 + break;
156 }
157 }
158 *** ../bash-3.1.17/variables.c 2006-03-10 16:56:29.000000000 -0500
159 --- variables.c 2014-09-16 22:00:02.000000000 -0400
160 ***************
161 *** 311,320 ****
162 strcpy (temp_string + char_index + 1, string);
163
164 ! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST);
165 !
166 ! /* Ancient backwards compatibility. Old versions of bash exported
167 ! functions like name()=() {...} */
168 ! if (name[char_index - 1] == ')' && name[char_index - 2] == '(')
169 ! name[char_index - 2] = '\0';
170
171 if (temp_var = find_function (name))
172 --- 311,318 ----
173 strcpy (temp_string + char_index + 1, string);
174
175 ! /* Don't import function names that are invalid identifiers from the
176 ! environment. */
177 ! if (legal_identifier (name))
178 ! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD);
179
180 if (temp_var = find_function (name))
181 ***************
182 *** 325,332 ****
183 else
184 report_error (_("error importing function definition for `%s'"), name);
185 -
186 - /* ( */
187 - if (name[char_index - 1] == ')' && name[char_index - 2] == '\0')
188 - name[char_index - 2] = '('; /* ) */
189 }
190 #if defined (ARRAY_VARS)
191 --- 323,326 ----
Report Message
Find on MARC Find on Google Groups