diff options
Diffstat (limited to 'meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch')
| -rw-r--r-- | meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch | 77 |
1 files changed, 0 insertions, 77 deletions
diff --git a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch b/meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch deleted file mode 100644 index 7226ffb665..0000000000 --- a/meta/recipes-extended/bash/bash-3.2.48/cve-2014-6271.patch +++ /dev/null @@ -1,77 +0,0 @@ -Fix CVE-2014-6271, aka ShellShock. - -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@intel.com> - -*** ../bash-3.2.51/builtins/common.h 2006-03-06 09:38:44.000000000 -0500 ---- builtins/common.h 2014-09-16 19:08:02.000000000 -0400 -*************** -*** 34,37 **** ---- 34,39 ---- - - /* Flags for describe_command, shared between type.def and command.def */ -+ #define SEVAL_FUNCDEF 0x080 /* only allow function definitions */ -+ #define SEVAL_ONECMD 0x100 /* only allow a single command */ - #define CDESC_ALL 0x001 /* type -a */ - #define CDESC_SHORTDESC 0x002 /* command -V */ -*** ../bash-3.2.51/builtins/evalstring.c 2008-11-15 17:47:04.000000000 -0500 ---- builtins/evalstring.c 2014-09-16 19:08:02.000000000 -0400 -*************** -*** 235,238 **** ---- 235,246 ---- - struct fd_bitmap *bitmap; - -+ if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def) -+ { -+ internal_warning ("%s: ignoring function definition attempt", from_file); -+ should_jump_to_top_level = 0; -+ last_result = last_command_exit_value = EX_BADUSAGE; -+ break; -+ } -+ - bitmap = new_fd_bitmap (FD_BITMAP_SIZE); - begin_unwind_frame ("pe_dispose"); -*************** -*** 292,295 **** ---- 300,306 ---- - dispose_fd_bitmap (bitmap); - discard_unwind_frame ("pe_dispose"); -+ -+ if (flags & SEVAL_ONECMD) -+ break; - } - } -*** ../bash-3.2.51/variables.c 2008-11-15 17:15:06.000000000 -0500 ---- variables.c 2014-09-16 19:10:39.000000000 -0400 -*************** -*** 319,328 **** - strcpy (temp_string + char_index + 1, string); - -! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST); -! -! /* Ancient backwards compatibility. Old versions of bash exported -! functions like name()=() {...} */ -! if (name[char_index - 1] == ')' && name[char_index - 2] == '(') -! name[char_index - 2] = '\0'; - - if (temp_var = find_function (name)) ---- 319,326 ---- - strcpy (temp_string + char_index + 1, string); - -! /* Don't import function names that are invalid identifiers from the -! environment. */ -! if (legal_identifier (name)) -! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); - - if (temp_var = find_function (name)) -*************** -*** 333,340 **** - else - report_error (_("error importing function definition for `%s'"), name); -- -- /* ( */ -- if (name[char_index - 1] == ')' && name[char_index - 2] == '\0') -- name[char_index - 2] = '('; /* ) */ - } - #if defined (ARRAY_VARS) ---- 331,334 ---- |