diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2018-05-25 23:29:36 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2018-06-01 00:36:01 +0200 |
commit | 39366733c3fe943363566756e2e152c45a1b3cb2 (patch) | |
tree | 228b0735896af90ca78151c9a69aa3efd12c8cae /patches/source/bash/bash-4.3-patches/bash43-035 | |
parent | d31c50870d0bee042ce660e445c9294a59a3a65b (diff) | |
download | current-14.2.tar.gz |
Fri May 25 23:29:36 UTC 201814.2
patches/packages/glibc-zoneinfo-2018e-noarch-2_slack14.2.txz: Rebuilt.
Handle removal of US/Pacific-New timezone. If we see that the machine is
using this, it will be automatically switched to US/Pacific.
Diffstat (limited to 'patches/source/bash/bash-4.3-patches/bash43-035')
-rw-r--r-- | patches/source/bash/bash-4.3-patches/bash43-035 | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/patches/source/bash/bash-4.3-patches/bash43-035 b/patches/source/bash/bash-4.3-patches/bash43-035 new file mode 100644 index 00000000..f18bc602 --- /dev/null +++ b/patches/source/bash/bash-4.3-patches/bash43-035 @@ -0,0 +1,63 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.3 +Patch-ID: bash43-035 + +Bug-Reported-by: <romerox.adrian@gmail.com> +Bug-Reference-ID: <CABV5r3zhPXmSKUe9uedeGc5YFBM2njJ1iVmY2h5neWdQpDBQug@mail.gmail.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-08/msg00045.html + +Bug-Description: + +A locale with a long name can trigger a buffer overflow and core dump. This +applies on systems that do not have locale_charset in libc, are not using +GNU libiconv, and are not using the libintl that ships with bash in lib/intl. + +Patch (apply with `patch -p0'): + +*** ../bash-4.3-patched/lib/sh/unicode.c 2014-01-30 16:47:19.000000000 -0500 +--- lib/sh/unicode.c 2015-05-01 08:58:30.000000000 -0400 +*************** +*** 79,83 **** + if (s) + { +! strcpy (charsetbuf, s+1); + t = strchr (charsetbuf, '@'); + if (t) +--- 79,84 ---- + if (s) + { +! strncpy (charsetbuf, s+1, sizeof (charsetbuf) - 1); +! charsetbuf[sizeof (charsetbuf) - 1] = '\0'; + t = strchr (charsetbuf, '@'); + if (t) +*************** +*** 85,89 **** + return charsetbuf; + } +! strcpy (charsetbuf, locale); + return charsetbuf; + } +--- 86,91 ---- + return charsetbuf; + } +! strncpy (charsetbuf, locale, sizeof (charsetbuf) - 1); +! charsetbuf[sizeof (charsetbuf) - 1] = '\0'; + return charsetbuf; + } +*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 +--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 34 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 35 + + #endif /* _PATCHLEVEL_H_ */ |