authorHongxu Jia <hongxu.jia@windriver.com>2017-08-18 03:31:51 -0400
committerRichard Purdie <richard.purdie@linuxfoundation.org>2017-08-18 23:46:37 +0100
commit0390b0975e24158755e41060646eb4c4fe367a1e (patch)
tree2f05e26cadc5d267262658a2c60bd2256112efb3 /meta/recipes-extended/bash/bash/CVE-2016-9401.patch
parent0bd2dd08e3daf284a6bb7757651af8d40393aec2 (diff)
bash: 4.3.30 -> 4.4
1. Rebase patches: - fix-run-coproc-run-heredoc-run-execscript-run-test-f.patch - test-output.patch 2. Drop backported patches: - CVE-2016-9401.patch - fix-run-intl.patch 3. Add ${PN}-loadable for loadable builtins, which are a new feature in Bash 4.4 4. The 4.4 fixed CVE-2017-5932 and CVE-2016-0634 - https://security-tracker.debian.org/tracker/CVE-2017-5932 - https://security-tracker.debian.org/tracker/CVE-2016-0634 5. The 4.4 installed include header files, fix bash-dev conflicts with lib32-bash-dev ..... $ bitbake lib32-core-image-sato-sdk ... |Error: Transaction check error: file /usr/include/bash/config.h conflicts between attempted installs |of lib32-bash-dev-4.4-r0.x86 and bash-dev-4.4-r0.core2_64 ...... (From OE-Core rev: 4097694b13cd5f0d68987551c3f9af80c87dc6ae) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/bash/bash/CVE-2016-9401.patch')
-rw-r--r--meta/recipes-extended/bash/bash/CVE-2016-9401.patch50
1 files changed, 0 insertions, 50 deletions
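diff --git a/meta/recipes-extended/bash/bash/CVE-2016-9401.patch b/meta/recipes-extended/bash/bash/CVE-2016-9401.patch
deleted file mode 100644
index 28c927743c..0000000000
--- a/meta/recipes-extended/bash/bash/CVE-2016-9401.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From fa741771ed47b30547be63b5b5dbfb51977aca12 Mon Sep 17 00:00:00 2001
-From: Chet Ramey <chet.ramey@case.edu>
-Date: Fri, 20 Jan 2017 11:47:31 -0500
-Subject: [PATCH] Bash-4.4 patch 6
-
-Bug-Reference-URL:
-https://lists.gnu.org/archive/html/bug-bash/2016-11/msg00116.html
-
-Reference to upstream patch:
-https://ftp.gnu.org/pub/gnu/bash/bash-4.4-patches/bash44-006
-
-Bug-Description:
-Out-of-range negative offsets to popd can cause the shell to crash attempting
-to free an invalid memory block.
-
-Upstream-Status: Backport
-CVE: CVE-2016-9401
-Signed-off-by: Li Zhou <li.zhou@windriver.com>
----
- builtins/pushd.def | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/builtins/pushd.def b/builtins/pushd.def
-index 9c6548f..8a13bae 100644
---- a/builtins/pushd.def
-+++ b/builtins/pushd.def
-@@ -359,7 +359,7 @@ popd_builtin (list)
- break;
- }
-
-- if (which > directory_list_offset || (directory_list_offset == 0 && which == 0))
-+ if (which > directory_list_offset || (which < -directory_list_offset) || (directory_list_offset == 0 && which == 0))
- {
- pushd_error (directory_list_offset, which_word ? which_word : "");
- return (EXECUTION_FAILURE);
-@@ -381,6 +381,11 @@ popd_builtin (list)
- remove that directory from the list and shift the remainder
- of the list into place. */
- i = (direction == '+') ? directory_list_offset - which : which;
-+ if (i < 0 || i > directory_list_offset)
-+ {
-+ pushd_error (directory_list_offset, which_word ? which_word : "");
-+ return (EXECUTION_FAILURE);
-+ }
- free (pushd_directory_list[i]);
- directory_list_offset--;
-
---
-1.9.1
-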