Home Explore Help
Sign In
n4dir
/
dragora
forked from dragora/dragora
Watch 1
Star 0
Fork 0
Files
Tree: ded43c75fa
Branches Tags
dragora
/
patches
/
bash
/
bash44-004

bash44-004 2.3 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. 			     BASH PATCH REPORT
    2. 

  2. 			     =================
    3. 

  3. 

  4. Bash-Release:	4.4
    5. 

  5. Patch-ID:	bash44-004
    6. 

  6. 

  7. Bug-Reported-by:	Christian Weisgerber <naddy@mips.inka.de>
    8. 

  8. Bug-Reference-ID:	<20161101160302.GB54856@lorvorc.mips.inka.de>
    9. 

  9. Bug-Reference-URL:	http://lists.gnu.org/archive/html/bug-bash/2016-11/msg00004.html
    10. 

  10. 

  11. Bug-Description:
    12. 

  12. 

  13. There is a race condition that can result in bash referencing freed memory
    14. 

  14. when freeing data associated with the last process substitution.
    15. 

  15. 

  16. Patch (apply with `patch -p0'):
    17. 

  17. 

  18. *** ../bash-4.4/jobs.c	2016-08-23 16:38:44.000000000 -0400
    19. 

  19. --- jobs.c	2016-11-02 18:24:45.000000000 -0400
    20. 

  20. ***************
    21. 

  21. *** 454,457 ****
    22. 

  22. --- 454,472 ----
    23. 

  23.   }
    24. 

  24.   
    25. 

  25. + void
    26. 

  26. + discard_last_procsub_child ()
    27. 

  27. + {
    28. 

  28. +   PROCESS *disposer;
    29. 

  29. +   sigset_t set, oset;
    30. 

  30. + 
    31. 

  31. +   BLOCK_CHILD (set, oset);
    32. 

  32. +   disposer = last_procsub_child;
    33. 

  33. +   last_procsub_child = (PROCESS *)NULL;
    34. 

  34. +   UNBLOCK_CHILD (oset);
    35. 

  35. + 
    36. 

  36. +   if (disposer)
    37. 

  37. +     discard_pipeline (disposer);
    38. 

  38. + }
    39. 

  39. + 
    40. 

  40.   struct pipeline_saver *
    41. 

  41.   alloc_pipeline_saver ()
    42. 

  42. *** ../bash-4.4/jobs.h	2016-04-27 10:35:51.000000000 -0400
    43. 

  43. --- jobs.h	2016-11-02 18:25:08.000000000 -0400
    44. 

  44. ***************
    45. 

  45. *** 191,194 ****
    46. 

  46. --- 191,195 ----
    47. 

  47.   extern void stop_making_children __P((void));
    48. 

  48.   extern void cleanup_the_pipeline __P((void));
    49. 

  49. + extern void discard_last_procsub_child __P((void));
    50. 

  50.   extern void save_pipeline __P((int));
    51. 

  51.   extern PROCESS *restore_pipeline __P((int));
    52. 

  52. *** ../bash-4.4/subst.c	2016-08-30 16:46:38.000000000 -0400
    53. 

  53. --- subst.c	2016-11-02 18:23:24.000000000 -0400
    54. 

  54. ***************
    55. 

  55. *** 5809,5816 ****
    56. 

  56.   #if defined (JOB_CONTROL)
    57. 

  57.         if (last_procsub_child)
    58. 

  58. ! 	{
    59. 

  59. ! 	  discard_pipeline (last_procsub_child);
    60. 

  60. ! 	  last_procsub_child = (PROCESS *)NULL;
    61. 

  61. ! 	}
    62. 

  62.         last_procsub_child = restore_pipeline (0);
    63. 

  63.   #endif
    64. 

  64. --- 5834,5838 ----
    65. 

  65.   #if defined (JOB_CONTROL)
    66. 

  66.         if (last_procsub_child)
    67. 

  67. ! 	discard_last_procsub_child ();
    68. 

  68.         last_procsub_child = restore_pipeline (0);
    69. 

  69.   #endif
    70. 

  70. *** ../bash-4.4/patchlevel.h	2016-06-22 14:51:03.000000000 -0400
    71. 

  71. --- patchlevel.h	2016-10-01 11:01:28.000000000 -0400
    72. 

  72. ***************
    73. 

  73. *** 26,30 ****
    74. 

  74.      looks for to find the patch level (for the sccs version string). */
    75. 

  75.   
    76. 

  76. ! #define PATCHLEVEL 3
    77. 

  77.   
    78. 

  78.   #endif /* _PATCHLEVEL_H_ */
    79. 

  79. --- 26,30 ----
    80. 

  80.      looks for to find the patch level (for the sccs version string). */
    81. 

  81.   
    82. 

  82. ! #define PATCHLEVEL 4
    83. 

  83.   
    84. 

  84.   #endif /* _PATCHLEVEL_H_ */
    85. 

  85.