summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app-shells/bash/bash-2.05b_p13.ebuild1
-rw-r--r--app-shells/bash/bash-3.0_p22.ebuild1
-rw-r--r--app-shells/bash/bash-3.1_p23.ebuild1
-rw-r--r--app-shells/bash/bash-3.2_p57.ebuild1
-rw-r--r--app-shells/bash/bash-4.0_p44.ebuild1
-rw-r--r--app-shells/bash/bash-4.1_p17.ebuild1
-rw-r--r--app-shells/bash/files/bash-3.1-dev-fd-buffer-overflow.patch16
-rw-r--r--app-shells/bash/files/bash-4.2-dev-fd-buffer-overflow.patch46
8 files changed, 68 insertions, 0 deletions
diff --git a/app-shells/bash/bash-2.05b_p13.ebuild b/app-shells/bash/bash-2.05b_p13.ebuild
index 7e69f0f1e75e..56d5bcd6c655 100644
--- a/app-shells/bash/bash-2.05b_p13.ebuild
+++ b/app-shells/bash/bash-2.05b_p13.ebuild
@@ -73,6 +73,7 @@ src_prepare() {
epatch "${FILESDIR}"/${PN}-2.05b-parallel-build.patch #41002
epatch "${FILESDIR}"/${PN}-2.05b-jobs.patch
epatch "${FILESDIR}"/${PN}-2.05b-fix-job-warning.patch
+ epatch "${FILESDIR}"/${PN}-3.1-dev-fd-buffer-overflow.patch #431850
epatch_user
}
diff --git a/app-shells/bash/bash-3.0_p22.ebuild b/app-shells/bash/bash-3.0_p22.ebuild
index b8d8fe7284c4..33a50c8c1bed 100644
--- a/app-shells/bash/bash-3.0_p22.ebuild
+++ b/app-shells/bash/bash-3.0_p22.ebuild
@@ -81,6 +81,7 @@ src_prepare() {
epatch "${FILESDIR}"/${PN}-3.0-trap-fg-signals.patch
epatch "${FILESDIR}"/${PN}-3.0-pgrp-pipe-fix.patch #92349
epatch "${FILESDIR}"/${PN}-3.0-strnlen.patch
+ epatch "${FILESDIR}"/${PN}-3.1-dev-fd-buffer-overflow.patch #431850
epatch_user
}
diff --git a/app-shells/bash/bash-3.1_p23.ebuild b/app-shells/bash/bash-3.1_p23.ebuild
index 95ef23b64f9a..d984d0d0575a 100644
--- a/app-shells/bash/bash-3.1_p23.ebuild
+++ b/app-shells/bash/bash-3.1_p23.ebuild
@@ -73,6 +73,7 @@ src_prepare() {
epatch "${FILESDIR}"/${PN}-3.0-trap-fg-signals.patch
epatch "${FILESDIR}"/${PN}-3.1-fix-dash-login-shell.patch #118257
epatch "${FILESDIR}"/${PN}-3.1-dev-fd-test-as-user.patch #131875
+ epatch "${FILESDIR}"/${PN}-3.1-dev-fd-buffer-overflow.patch #431850
epatch_user
}
diff --git a/app-shells/bash/bash-3.2_p57.ebuild b/app-shells/bash/bash-3.2_p57.ebuild
index 1d373c7d321e..511e7b22cdf6 100644
--- a/app-shells/bash/bash-3.2_p57.ebuild
+++ b/app-shells/bash/bash-3.2_p57.ebuild
@@ -75,6 +75,7 @@ src_prepare() {
epatch "${FILESDIR}"/${PN}-3.2-ulimit.patch
epatch "${FILESDIR}"/${PN}-3.0-trap-fg-signals.patch
epatch "${FILESDIR}"/${PN}-3.2-dev-fd-test-as-user.patch #131875
+ epatch "${FILESDIR}"/${PN}-4.2-dev-fd-buffer-overflow.patch #431850
epatch_user
}
diff --git a/app-shells/bash/bash-4.0_p44.ebuild b/app-shells/bash/bash-4.0_p44.ebuild
index 543ea45b6124..2d8a80e01941 100644
--- a/app-shells/bash/bash-4.0_p44.ebuild
+++ b/app-shells/bash/bash-4.0_p44.ebuild
@@ -72,6 +72,7 @@ src_prepare() {
epatch "${FILESDIR}"/${PN}-4.0-ldflags-for-build.patch #211947
epatch "${FILESDIR}"/${PN}-4.0-negative-return.patch
epatch "${FILESDIR}"/${PN}-4.0-parallel-build.patch #267613
+ epatch "${FILESDIR}"/${PN}-4.2-dev-fd-buffer-overflow.patch #431850
sed -i '/\.o: .*shell\.h/s:$: pathnames.h:' Makefile.in #267613
epatch_user
diff --git a/app-shells/bash/bash-4.1_p17.ebuild b/app-shells/bash/bash-4.1_p17.ebuild
index 3bc12cbf36af..ad19cf367709 100644
--- a/app-shells/bash/bash-4.1_p17.ebuild
+++ b/app-shells/bash/bash-4.1_p17.ebuild
@@ -68,6 +68,7 @@ src_prepare() {
epatch "${FILESDIR}"/${PN}-4.1-fbsd-eaccess.patch #303411
sed -i '1i#define NEED_FPURGE_DECL' execute_cmd.c # needs fpurge() decl
epatch "${FILESDIR}"/${PN}-4.1-parallel-build.patch
+ epatch "${FILESDIR}"/${PN}-4.2-dev-fd-buffer-overflow.patch #431850
epatch_user
}
diff --git a/app-shells/bash/files/bash-3.1-dev-fd-buffer-overflow.patch b/app-shells/bash/files/bash-3.1-dev-fd-buffer-overflow.patch
new file mode 100644
index 000000000000..9d08856e5b00
--- /dev/null
+++ b/app-shells/bash/files/bash-3.1-dev-fd-buffer-overflow.patch
@@ -0,0 +1,16 @@
+https://bugs.gentoo.org/431850
+
+this is a backport of the upstream bash42-033 patch for bash 3.1/3.0/2.05
+
+--- a/test.c
++++ b/test.c
+@@ -194,7 +194,8 @@
+ trailing slash. Make sure /dev/fd/xx really uses DEV_FD_PREFIX/xx.
+ On most systems, with the notable exception of linux, this is
+ effectively a no-op. */
+- char pbuf[32];
++ static char *pbuf = 0;
++ pbuf = xrealloc (pbuf, sizeof (DEV_FD_PREFIX) + strlen (path + 8));
+ strcpy (pbuf, DEV_FD_PREFIX);
+ strcat (pbuf, path + 8);
+ return (stat (pbuf, finfo));
diff --git a/app-shells/bash/files/bash-4.2-dev-fd-buffer-overflow.patch b/app-shells/bash/files/bash-4.2-dev-fd-buffer-overflow.patch
new file mode 100644
index 000000000000..bef960ab980c
--- /dev/null
+++ b/app-shells/bash/files/bash-4.2-dev-fd-buffer-overflow.patch
@@ -0,0 +1,46 @@
+https://bugs.gentoo.org/431850
+
+this is a minor tweak to the upstream patch to also apply to bash 4.1/4.0/3.2
+
+ BASH PATCH REPORT
+ =================
+
+Bash-Release: 4.2
+Patch-ID: bash42-033
+
+Bug-Reported-by: David Leverton <levertond@googlemail.com>
+Bug-Reference-ID: <4FCCE737.1060603@googlemail.com>
+Bug-Reference-URL:
+
+Bug-Description:
+
+Bash uses a static buffer when expanding the /dev/fd prefix for the test
+and conditional commands, among other uses, when it should use a dynamic
+buffer to avoid buffer overflow.
+
+Patch (apply with `patch -p0'):
+
+*** ../bash-4.2-patched/lib/sh/eaccess.c 2011-01-08 20:50:10.000000000 -0500
+--- lib/sh/eaccess.c 2012-06-04 21:06:43.000000000 -0400
+***************
+*** 83,86 ****
+--- 83,88 ----
+ struct stat *finfo;
+ {
++ static char *pbuf = 0;
++
+ if (*path == '\0')
+ {
+***************
+*** 107,111 ****
+ On most systems, with the notable exception of linux, this is
+ effectively a no-op. */
+! char pbuf[32];
+ strcpy (pbuf, DEV_FD_PREFIX);
+ strcat (pbuf, path + 8);
+--- 109,113 ----
+ On most systems, with the notable exception of linux, this is
+ effectively a no-op. */
+! pbuf = xrealloc (pbuf, sizeof (DEV_FD_PREFIX) + strlen (path + 8));
+ strcpy (pbuf, DEV_FD_PREFIX);
+ strcat (pbuf, path + 8);