diff options
Diffstat (limited to 'meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch')
-rw-r--r-- | meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch | 77 |
1 files changed, 0 insertions, 77 deletions
diff --git a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch b/meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch deleted file mode 100644 index 7226ffb665..0000000000 --- a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch +++ /dev/null | |||
@@ -1,77 +0,0 @@ | |||
1 | Fix CVE-2014-6271, aka ShellShock. | ||
2 | |||
3 | Upstream-Status: Backport | ||
4 | Signed-off-by: Ross Burton <ross.burton@intel.com> | ||
5 | |||
6 | *** ../bash-3.2.51/builtins/common.h 2006-03-06 09:38:44.000000000 -0500 | ||
7 | --- builtins/common.h 2014-09-16 19:08:02.000000000 -0400 | ||
8 | *************** | ||
9 | *** 34,37 **** | ||
10 | --- 34,39 ---- | ||
11 | |||
12 | /* Flags for describe_command, shared between type.def and command.def */ | ||
13 | + #define SEVAL_FUNCDEF 0x080 /* only allow function definitions */ | ||
14 | + #define SEVAL_ONECMD 0x100 /* only allow a single command */ | ||
15 | #define CDESC_ALL 0x001 /* type -a */ | ||
16 | #define CDESC_SHORTDESC 0x002 /* command -V */ | ||
17 | *** ../bash-3.2.51/builtins/evalstring.c 2008-11-15 17:47:04.000000000 -0500 | ||
18 | --- builtins/evalstring.c 2014-09-16 19:08:02.000000000 -0400 | ||
19 | *************** | ||
20 | *** 235,238 **** | ||
21 | --- 235,246 ---- | ||
22 | struct fd_bitmap *bitmap; | ||
23 | |||
24 | + if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def) | ||
25 | + { | ||
26 | + internal_warning ("%s: ignoring function definition attempt", from_file); | ||
27 | + should_jump_to_top_level = 0; | ||
28 | + last_result = last_command_exit_value = EX_BADUSAGE; | ||
29 | + break; | ||
30 | + } | ||
31 | + | ||
32 | bitmap = new_fd_bitmap (FD_BITMAP_SIZE); | ||
33 | begin_unwind_frame ("pe_dispose"); | ||
34 | *************** | ||
35 | *** 292,295 **** | ||
36 | --- 300,306 ---- | ||
37 | dispose_fd_bitmap (bitmap); | ||
38 | discard_unwind_frame ("pe_dispose"); | ||
39 | + | ||
40 | + if (flags & SEVAL_ONECMD) | ||
41 | + break; | ||
42 | } | ||
43 | } | ||
44 | *** ../bash-3.2.51/variables.c 2008-11-15 17:15:06.000000000 -0500 | ||
45 | --- variables.c 2014-09-16 19:10:39.000000000 -0400 | ||
46 | *************** | ||
47 | *** 319,328 **** | ||
48 | strcpy (temp_string + char_index + 1, string); | ||
49 | |||
50 | ! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST); | ||
51 | ! | ||
52 | ! /* Ancient backwards compatibility. Old versions of bash exported | ||
53 | ! functions like name()=() {...} */ | ||
54 | ! if (name[char_index - 1] == ')' && name[char_index - 2] == '(') | ||
55 | ! name[char_index - 2] = '\0'; | ||
56 | |||
57 | if (temp_var = find_function (name)) | ||
58 | --- 319,326 ---- | ||
59 | strcpy (temp_string + char_index + 1, string); | ||
60 | |||
61 | ! /* Don't import function names that are invalid identifiers from the | ||
62 | ! environment. */ | ||
63 | ! if (legal_identifier (name)) | ||
64 | ! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); | ||
65 | |||
66 | if (temp_var = find_function (name)) | ||
67 | *************** | ||
68 | *** 333,340 **** | ||
69 | else | ||
70 | report_error (_("error importing function definition for `%s'"), name); | ||
71 | - | ||
72 | - /* ( */ | ||
73 | - if (name[char_index - 1] == ')' && name[char_index - 2] == '\0') | ||
74 | - name[char_index - 2] = '('; /* ) */ | ||
75 | } | ||
76 | #if defined (ARRAY_VARS) | ||
77 | --- 331,334 ---- | ||