diff options
| author | Patrick J Volkerding <volkerdi@slackware.com> | 2012-09-26 01:10:42 +0000 |
|---|---|---|
| committer | Eric Hameleers <alien@slackware.com> | 2018-05-31 22:51:55 +0200 |
| commit | 9664bee729d487bcc0a0bc35859f8e13d5421c75 (patch) | |
| tree | b428a16618e36ed864a8d76ea3435e19a452bf90 /source/a/bash/bash-4.2-patches/bash42-033 | |
| parent | 75a4a592e5ccda30715f93563d741b83e0dcf39e (diff) | |
| download | current-9664bee729d487bcc0a0bc35859f8e13d5421c75.tar.gz | |
Slackware 14.0slackware-14.0
Wed Sep 26 01:10:42 UTC 2012
Slackware 14.0 x86_64 stable is released!
We're perfectionists here at Slackware, so this release has been a long
time a-brewing. But we think you'll agree that it was worth the wait.
Slackware 14.0 combines modern components, ease of use, and flexible
configuration... our "KISS" philosophy demands it.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
Thanks to everyone who helped make this happen. The Slackware team, the
upstream developers, and (of course) the awesome Slackware user
community.
Have fun! :-)
Diffstat (limited to 'source/a/bash/bash-4.2-patches/bash42-033')
| -rw-r--r-- | source/a/bash/bash-4.2-patches/bash42-033 | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/source/a/bash/bash-4.2-patches/bash42-033 b/source/a/bash/bash-4.2-patches/bash42-033 new file mode 100644 index 00000000..e58d7286 --- /dev/null +++ b/source/a/bash/bash-4.2-patches/bash42-033 @@ -0,0 +1,57 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.2 +Patch-ID: bash42-033 + +Bug-Reported-by: David Leverton <levertond@googlemail.com> +Bug-Reference-ID: <4FCCE737.1060603@googlemail.com> +Bug-Reference-URL: + +Bug-Description: + +Bash uses a static buffer when expanding the /dev/fd prefix for the test +and conditional commands, among other uses, when it should use a dynamic +buffer to avoid buffer overflow. + +Patch (apply with `patch -p0'): + +*** ../bash-4.2-patched/lib/sh/eaccess.c 2011-01-08 20:50:10.000000000 -0500 +--- lib/sh/eaccess.c 2012-06-04 21:06:43.000000000 -0400 +*************** +*** 83,86 **** +--- 83,88 ---- + struct stat *finfo; + { ++ static char *pbuf = 0; ++ + if (*path == '\0') + { +*************** +*** 107,111 **** + On most systems, with the notable exception of linux, this is + effectively a no-op. */ +! char pbuf[32]; + strcpy (pbuf, DEV_FD_PREFIX); + strcat (pbuf, path + 8); +--- 109,113 ---- + On most systems, with the notable exception of linux, this is + effectively a no-op. */ +! pbuf = xrealloc (pbuf, sizeof (DEV_FD_PREFIX) + strlen (path + 8)); + strcpy (pbuf, DEV_FD_PREFIX); + strcat (pbuf, path + 8); +*** ../bash-4.2-patched/patchlevel.h Sat Jun 12 20:14:48 2010 +--- patchlevel.h Thu Feb 24 21:41:34 2011 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 32 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 33 + + #endif /* _PATCHLEVEL_H_ */ |