public inbox for gentoo-commits@lists.gentoo.org
From: "Mike Frysinger" <vapier@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: app-shells/bash/files/, app-shells/bash/
Date: Tue, 20 Oct 2015 20:35:06 +0000 (UTC)
Message-ID: <1445373286.d3b9fc42cadf308da7fab21c338cca55aa778ae7.vapier@gentoo>

commit:     d3b9fc42cadf308da7fab21c338cca55aa778ae7
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Tue Oct 20 20:34:01 2015 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Tue Oct 20 20:34:46 2015 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d3b9fc42

app-shells/bash: backport /dev/fd fix to older versions #431850

 app-shells/bash/bash-2.05b_p13.ebuild              |  1 +
 app-shells/bash/bash-3.0_p22.ebuild                |  1 +
 app-shells/bash/bash-3.1_p23.ebuild                |  1 +
 app-shells/bash/bash-3.2_p57.ebuild                |  1 +
 app-shells/bash/bash-4.0_p44.ebuild                |  1 +
 app-shells/bash/bash-4.1_p17.ebuild                |  1 +
 .../files/bash-3.1-dev-fd-buffer-overflow.patch    | 16 ++++++++
 .../files/bash-4.2-dev-fd-buffer-overflow.patch    | 46 ++++++++++++++++++++++
 8 files changed, 68 insertions(+)

diff --git a/app-shells/bash/bash-2.05b_p13.ebuild b/app-shells/bash/bash-2.05b_p13.ebuild
index 7e69f0f..56d5bcd 100644
--- a/app-shells/bash/bash-2.05b_p13.ebuild
+++ b/app-shells/bash/bash-2.05b_p13.ebuild
@@ -73,6 +73,7 @@ src_prepare() {
 	epatch "${FILESDIR}"/${PN}-2.05b-parallel-build.patch #41002
 	epatch "${FILESDIR}"/${PN}-2.05b-jobs.patch
 	epatch "${FILESDIR}"/${PN}-2.05b-fix-job-warning.patch
+	epatch "${FILESDIR}"/${PN}-3.1-dev-fd-buffer-overflow.patch #431850
 
 	epatch_user
 }
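
Review bot: The added `epatch` line changes bash-2.05b_p13.ebuild in place with no revision bump, so a system that already has this version installed will not be rebuilt and keeps the unpatched /dev/fd code. Since the patch is named as a buffer-overflow fix, consider shipping it as a new revision (for example `-r1`) so it reaches existing installs; the same applies to the other five ebuilds touched by this commit.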

diff --git a/app-shells/bash/bash-3.0_p22.ebuild b/app-shells/bash/bash-3.0_p22.ebuild
index b8d8fe7..33a50c8 100644
--- a/app-shells/bash/bash-3.0_p22.ebuild
+++ b/app-shells/bash/bash-3.0_p22.ebuild
@@ -81,6 +81,7 @@ src_prepare() {
 	epatch "${FILESDIR}"/${PN}-3.0-trap-fg-signals.patch
 	epatch "${FILESDIR}"/${PN}-3.0-pgrp-pipe-fix.patch #92349
 	epatch "${FILESDIR}"/${PN}-3.0-strnlen.patch
+	epatch "${FILESDIR}"/${PN}-3.1-dev-fd-buffer-overflow.patch #431850
 
 	epatch_user
 }

diff --git a/app-shells/bash/bash-3.1_p23.ebuild b/app-shells/bash/bash-3.1_p23.ebuild
index 95ef23b..d984d0d 100644
--- a/app-shells/bash/bash-3.1_p23.ebuild
+++ b/app-shells/bash/bash-3.1_p23.ebuild
@@ -73,6 +73,7 @@ src_prepare() {
 	epatch "${FILESDIR}"/${PN}-3.0-trap-fg-signals.patch
 	epatch "${FILESDIR}"/${PN}-3.1-fix-dash-login-shell.patch #118257
 	epatch "${FILESDIR}"/${PN}-3.1-dev-fd-test-as-user.patch #131875
+	epatch "${FILESDIR}"/${PN}-3.1-dev-fd-buffer-overflow.patch #431850
 
 	epatch_user
 }

diff --git a/app-shells/bash/bash-3.2_p57.ebuild b/app-shells/bash/bash-3.2_p57.ebuild
index 1d373c7..511e7b2 100644
--- a/app-shells/bash/bash-3.2_p57.ebuild
+++ b/app-shells/bash/bash-3.2_p57.ebuild
@@ -75,6 +75,7 @@ src_prepare() {
 	epatch "${FILESDIR}"/${PN}-3.2-ulimit.patch
 	epatch "${FILESDIR}"/${PN}-3.0-trap-fg-signals.patch
 	epatch "${FILESDIR}"/${PN}-3.2-dev-fd-test-as-user.patch #131875
+	epatch "${FILESDIR}"/${PN}-4.2-dev-fd-buffer-overflow.patch #431850
 
 	epatch_user
 }

diff --git a/app-shells/bash/bash-4.0_p44.ebuild b/app-shells/bash/bash-4.0_p44.ebuild
index 543ea45..2d8a80e 100644
--- a/app-shells/bash/bash-4.0_p44.ebuild
+++ b/app-shells/bash/bash-4.0_p44.ebuild
@@ -72,6 +72,7 @@ src_prepare() {
 	epatch "${FILESDIR}"/${PN}-4.0-ldflags-for-build.patch #211947
 	epatch "${FILESDIR}"/${PN}-4.0-negative-return.patch
 	epatch "${FILESDIR}"/${PN}-4.0-parallel-build.patch #267613
+	epatch "${FILESDIR}"/${PN}-4.2-dev-fd-buffer-overflow.patch #431850
 	sed -i '/\.o: .*shell\.h/s:$: pathnames.h:' Makefile.in #267613
 
 	epatch_user
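
Review bot: The new `epatch` line is inserted between `${PN}-4.0-parallel-build.patch #267613` and the `sed` on Makefile.in that is tagged with the same bug, #267613, which splits two steps that belong together. Moving the dev-fd patch below the `sed` line (still above `epatch_user`) would keep the #267613 pair adjacent and the file easier to read.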

diff --git a/app-shells/bash/bash-4.1_p17.ebuild b/app-shells/bash/bash-4.1_p17.ebuild
index 3bc12cb..ad19cf3 100644
--- a/app-shells/bash/bash-4.1_p17.ebuild
+++ b/app-shells/bash/bash-4.1_p17.ebuild
@@ -68,6 +68,7 @@ src_prepare() {
 	epatch "${FILESDIR}"/${PN}-4.1-fbsd-eaccess.patch #303411
 	sed -i '1i#define NEED_FPURGE_DECL' execute_cmd.c # needs fpurge() decl
 	epatch "${FILESDIR}"/${PN}-4.1-parallel-build.patch
+	epatch "${FILESDIR}"/${PN}-4.2-dev-fd-buffer-overflow.patch #431850
 
 	epatch_user
 }

diff --git a/app-shells/bash/files/bash-3.1-dev-fd-buffer-overflow.patch b/app-shells/bash/files/bash-3.1-dev-fd-buffer-overflow.patch
new file mode 100644
index 0000000..9d08856
--- /dev/null
+++ b/app-shells/bash/files/bash-3.1-dev-fd-buffer-overflow.patch
@@ -0,0 +1,16 @@
+https://bugs.gentoo.org/431850
+
+this is a backport of the upstream bash42-033 patch for bash 3.1/3.0/2.05
+
+--- a/test.c
++++ b/test.c
+@@ -194,7 +194,8 @@
+      trailing slash.  Make sure /dev/fd/xx really uses DEV_FD_PREFIX/xx.
+      On most systems, with the notable exception of linux, this is
+      effectively a no-op. */
+-      char pbuf[32];
++      static char *pbuf = 0;
++      pbuf = xrealloc (pbuf, sizeof (DEV_FD_PREFIX) + strlen (path + 8));
+       strcpy (pbuf, DEV_FD_PREFIX);
+       strcat (pbuf, path + 8);
+       return (stat (pbuf, finfo));
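
Review bot: The `static char *pbuf = 0;` that replaces `char pbuf[32];` keeps one heap allocation alive for the life of the process and makes this path non-reentrant, and nothing in the hunk documents why. That is a defensible choice, since the block ends in `return (stat (pbuf, finfo));` and has no point at which to free, but a short code comment saying so would stop a later reader from treating it as a leak. The size passed to `xrealloc` looks right as long as DEV_FD_PREFIX is a string-literal macro: `sizeof (DEV_FD_PREFIX)` then counts the terminating NUL, so the following `strcpy`/`strcat` pair fits exactly. The patch header would also benefit from carrying the upstream bug description, as the 4.2 variant of this patch does.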

diff --git a/app-shells/bash/files/bash-4.2-dev-fd-buffer-overflow.patch b/app-shells/bash/files/bash-4.2-dev-fd-buffer-overflow.patch
new file mode 100644
index 0000000..bef960a
--- /dev/null
+++ b/app-shells/bash/files/bash-4.2-dev-fd-buffer-overflow.patch
@@ -0,0 +1,46 @@
+https://bugs.gentoo.org/431850
+
+this is a minor tweak to the upstream patch to also apply to bash 4.1/4.0/3.2
+
+			     BASH PATCH REPORT
+			     =================
+
+Bash-Release:	4.2
+Patch-ID:	bash42-033
+
+Bug-Reported-by:	David Leverton <levertond@googlemail.com>
+Bug-Reference-ID:	<4FCCE737.1060603@googlemail.com>
+Bug-Reference-URL:
+
+Bug-Description:
+
+Bash uses a static buffer when expanding the /dev/fd prefix for the test
+and conditional commands, among other uses, when it should use a dynamic
+buffer to avoid buffer overflow.
+
+Patch (apply with `patch -p0'):
+
+*** ../bash-4.2-patched/lib/sh/eaccess.c	2011-01-08 20:50:10.000000000 -0500
+--- lib/sh/eaccess.c	2012-06-04 21:06:43.000000000 -0400
+***************
+*** 83,86 ****
+--- 83,88 ----
+       struct stat *finfo;
+  {
++   static char *pbuf = 0;
++ 
+    if (*path == '\0')
+      {
+***************
+*** 107,111 ****
+       On most systems, with the notable exception of linux, this is
+       effectively a no-op. */
+!       char pbuf[32];
+        strcpy (pbuf, DEV_FD_PREFIX);
+        strcat (pbuf, path + 8);
+--- 109,113 ----
+       On most systems, with the notable exception of linux, this is
+       effectively a no-op. */
+!       pbuf = xrealloc (pbuf, sizeof (DEV_FD_PREFIX) + strlen (path + 8));
+        strcpy (pbuf, DEV_FD_PREFIX);
+        strcat (pbuf, path + 8);
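
Review bot: The header line "this is a minor tweak to the upstream patch to also apply to bash 4.1/4.0/3.2" does not say what was changed relative to bash42-033, so the next maintainer cannot tell which parts are upstream and which are local. State the difference in that header in a sentence. The retained "apply with `patch -p0'" text is also worth a word, since the sibling 3.1 patch uses `a/` and `b/` path prefixes and the two files therefore need different strip levels.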

