From: Michael Olbrich <m.olbrich@pengutronix.de>
To: Christian Melki <christian.melki@t2data.com>
Cc: ptxdist@pengutronix.de
Subject: Re: [ptxdist] [PATCH v2] bash: Version bump. 4.3.30 (+patches-33) -> 5.1.8 (patches-12).
Date: Thu, 6 Jan 2022 08:06:07 +0100
Message-ID: <20220106070607.GD16404@pengutronix.de>
In-Reply-To: <20220105135614.4160369-1-christian.melki@t2data.com>
On Wed, Jan 05, 2022 at 02:56:14PM +0100, Christian Melki wrote:
> Upgrade bash to 5.1.8 plus patches to patchlevel 12.
> Roll up patches as in previous series.
>
> Fixes CVE-2019-18276 and CVE-2019-9924 with a new baseline, without patches.
> Fixes loads of bugs in bash.
>
> Update licence file hash, general.c changed a copyright year.
>
> Signed-off-by: Christian Melki <christian.melki@t2data.com>
> ---
> .../bash-5.1.8/0001-Bash-5.1-patch-12.patch | 262 ++++++++++++++++++
> patches/bash-5.1.8/series | 1 +
> 2 files changed, 263 insertions(+)
> create mode 100644 patches/bash-5.1.8/0001-Bash-5.1-patch-12.patch
> create mode 100644 patches/bash-5.1.8/series
Hmm, looks like part of the changes got lost here...
Michael
>
> diff --git a/patches/bash-5.1.8/0001-Bash-5.1-patch-12.patch b/patches/bash-5.1.8/0001-Bash-5.1-patch-12.patch
> new file mode 100644
> index 000000000..ef8b6ae7f
> --- /dev/null
> +++ b/patches/bash-5.1.8/0001-Bash-5.1-patch-12.patch
> @@ -0,0 +1,262 @@
> +diff -urN bash-5.1.8.orig/builtins/wait.def bash-5.1.8/builtins/wait.def
> +--- bash-5.1.8.orig/builtins/wait.def 2021-12-21 12:57:08.083139502 +0100
> ++++ bash-5.1.8/builtins/wait.def 2021-12-21 12:58:24.304849937 +0100
> +@@ -111,7 +111,8 @@
> + wait_builtin (list)
> + WORD_LIST *list;
> + {
> +- int status, code, opt, nflag, wflags;
> ++ int status, code, opt, nflag;
> ++ volatile int wflags;
> + char *vname;
> + SHELL_VAR *pidvar;
> + struct procstat pstat;
> +@@ -180,6 +181,8 @@
> + last_command_exit_signal = wait_signal_received;
> + status = 128 + wait_signal_received;
> + wait_sigint_cleanup ();
> ++ if (wflags & JWAIT_WAITING)
> ++ unset_waitlist ();
> + WAIT_RETURN (status);
> + }
> +
> +diff -urN bash-5.1.8.orig/command.h bash-5.1.8/command.h
> +--- bash-5.1.8.orig/command.h 2021-12-21 12:57:08.099139862 +0100
> ++++ bash-5.1.8/command.h 2021-12-21 12:58:27.760927380 +0100
> +@@ -124,6 +124,7 @@
> + #define SUBSHELL_PROCSUB 0x20 /* subshell caused by <(command) or >(command) */
> + #define SUBSHELL_COPROC 0x40 /* subshell from a coproc pipeline */
> + #define SUBSHELL_RESETTRAP 0x80 /* subshell needs to reset trap strings on first call to trap */
> ++#define SUBSHELL_IGNTRAP 0x100 /* subshell should reset trapped signals from trap_handler */
> +
> + /* A structure which represents a word. */
> + typedef struct word_desc {
> +diff -urN bash-5.1.8.orig/execute_cmd.c bash-5.1.8/execute_cmd.c
> +--- bash-5.1.8.orig/execute_cmd.c 2021-12-21 12:57:08.091139683 +0100
> ++++ bash-5.1.8/execute_cmd.c 2021-12-21 12:58:27.764927470 +0100
> +@@ -1547,6 +1547,9 @@
> + clear_pending_traps ();
> + reset_signal_handlers ();
> + subshell_environment |= SUBSHELL_RESETTRAP;
> ++ /* Note that signal handlers have been reset, so we should no longer
> ++ reset the handler and resend trapped signals to ourselves. */
> ++ subshell_environment &= ~SUBSHELL_IGNTRAP;
> +
> + /* We are in a subshell, so forget that we are running a trap handler or
> + that the signal handler has changed (we haven't changed it!) */
> +@@ -4320,7 +4323,8 @@
> + already_forked = 1;
> + cmdflags |= CMD_NO_FORK;
> +
> +- subshell_environment = SUBSHELL_FORK; /* XXX */
> ++ /* We redo some of what make_child() does with SUBSHELL_IGNTRAP */
> ++ subshell_environment = SUBSHELL_FORK|SUBSHELL_IGNTRAP; /* XXX */
> + if (pipe_in != NO_PIPE || pipe_out != NO_PIPE)
> + subshell_environment |= SUBSHELL_PIPE;
> + if (async)
> +@@ -4574,6 +4578,7 @@
> + trap strings if we run trap to change a signal disposition. */
> + reset_signal_handlers ();
> + subshell_environment |= SUBSHELL_RESETTRAP;
> ++ subshell_environment &= ~SUBSHELL_IGNTRAP;
> +
> + if (async)
> + {
> +@@ -5514,6 +5519,7 @@
> + reset_terminating_signals (); /* XXX */
> + /* Cancel traps, in trap.c. */
> + restore_original_signals ();
> ++ subshell_environment &= ~SUBSHELL_IGNTRAP;
> +
> + #if defined (JOB_CONTROL)
> + FREE (p);
> +diff -urN bash-5.1.8.orig/jobs.c bash-5.1.8/jobs.c
> +--- bash-5.1.8.orig/jobs.c 2021-12-21 12:57:08.091139683 +0100
> ++++ bash-5.1.8/jobs.c 2021-12-21 12:58:27.764927470 +0100
> +@@ -2217,6 +2217,8 @@
> + signals to the default state for a new process. */
> + pid_t mypid;
> +
> ++ subshell_environment |= SUBSHELL_IGNTRAP;
> ++
> + /* If this ends up being changed to modify or use `command' in the
> + child process, go back and change callers who free `command' in
> + the child process when this returns. */
> +diff -urN bash-5.1.8.orig/lib/malloc/malloc.c bash-5.1.8/lib/malloc/malloc.c
> +--- bash-5.1.8.orig/lib/malloc/malloc.c 2021-12-21 12:57:08.095139773 +0100
> ++++ bash-5.1.8/lib/malloc/malloc.c 2021-12-21 12:58:22.200802784 +0100
> +@@ -1286,13 +1286,12 @@
> + p = (union mhead *) ap - 1;
> + }
> +
> +- /* XXX - should we return 0 if ISFREE? */
> +- maxbytes = binsize(p->mh_index);
> +-
> +- /* So the usable size is the maximum number of bytes in the bin less the
> +- malloc overhead */
> +- maxbytes -= MOVERHEAD + MSLOP;
> +- return (maxbytes);
> ++ /* return 0 if ISFREE */
> ++ if (p->mh_alloc == ISFREE)
> ++ return 0;
> ++
> ++ /* Since we use bounds checking, the usable size is the last requested size. */
> ++ return (p->mh_nbytes);
> + }
> +
> + #if !defined (NO_VALLOC)
> +diff -urN bash-5.1.8.orig/nojobs.c bash-5.1.8/nojobs.c
> +--- bash-5.1.8.orig/nojobs.c 2021-12-21 12:57:08.091139683 +0100
> ++++ bash-5.1.8/nojobs.c 2021-12-21 12:58:27.764927470 +0100
> +@@ -575,6 +575,8 @@
> + last_asynchronous_pid = getpid ();
> + #endif
> +
> ++ subshell_environment |= SUBSHELL_IGNTRAP;
> ++
> + default_tty_job_signals ();
> + }
> + else
> +diff -urN bash-5.1.8.orig/parse.y bash-5.1.8/parse.y
> +--- bash-5.1.8.orig/parse.y 2021-12-21 12:57:08.099139862 +0100
> ++++ bash-5.1.8/parse.y 2021-12-21 12:58:26.112890455 +0100
> +@@ -6493,10 +6493,8 @@
> + old_expand_aliases = expand_aliases;
> +
> + push_stream (1);
> +-#if 0 /* TAG: bash-5.2 Alex fxmbsw7 Ratchev <fxmbsw7@gmail.com> 11/17/2020 */
> + if (ea = expanding_alias ())
> + parser_save_alias ();
> +-#endif
> + last_read_token = WORD; /* WORD to allow reserved words here */
> + current_command_line_count = 0;
> + echo_input_at_read = expand_aliases = 0;
> +@@ -6531,10 +6529,8 @@
> + last_read_token = '\n';
> + pop_stream ();
> +
> +-#if 0 /* TAG: bash-5.2 */
> + if (ea)
> + parser_restore_alias ();
> +-#endif
> +
> + #if defined (HISTORY)
> + remember_on_history = old_remember_on_history;
> +diff -urN bash-5.1.8.orig/patchlevel.h bash-5.1.8/patchlevel.h
> +--- bash-5.1.8.orig/patchlevel.h 2021-12-21 12:57:08.075139321 +0100
> ++++ bash-5.1.8/patchlevel.h 2021-12-21 12:58:27.764927470 +0100
> +@@ -25,6 +25,6 @@
> + regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh
> + looks for to find the patch level (for the sccs version string). */
> +
> +-#define PATCHLEVEL 8
> ++#define PATCHLEVEL 12
> +
> + #endif /* _PATCHLEVEL_H_ */
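Review bot: PATCHLEVEL goes from 8 to 12 in this hunk, so the new file rolls up four upstream patch levels, yet the file name 0001-Bash-5.1-patch-12.patch reads as a single patch and the file itself starts straight at the first `diff -urN` line with no header. Add a short description at the top of the patch file saying that it combines patch levels 9 to 12 on top of 5.1.8, so a later bump can tell what is already included without reading the hunks.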
> +diff -urN bash-5.1.8.orig/sig.c bash-5.1.8/sig.c
> +--- bash-5.1.8.orig/sig.c 2021-12-21 12:57:08.071139231 +0100
> ++++ bash-5.1.8/sig.c 2021-12-21 12:58:27.764927470 +0100
> +@@ -55,7 +55,8 @@
> + # include "bashhist.h"
> + #endif
> +
> +-extern void initialize_siglist ();
> ++extern void initialize_siglist PARAMS((void));
> ++extern void set_original_signal PARAMS((int, SigHandler *));
> +
> + #if !defined (JOB_CONTROL)
> + extern void initialize_job_signals PARAMS((void));
> +@@ -255,6 +256,13 @@
> + sigaction (XSIG (i), &act, &oact);
> + XHANDLER(i) = oact.sa_handler;
> + XSAFLAGS(i) = oact.sa_flags;
> ++
> ++#if 0
> ++ set_original_signal (XSIG(i), XHANDLER(i)); /* optimization */
> ++#else
> ++ set_original_signal (XSIG(i), act.sa_handler); /* optimization */
> ++#endif
> ++
> + /* Don't do anything with signals that are ignored at shell entry
> + if the shell is not interactive. */
> + /* XXX - should we do this for interactive shells, too? */
> +diff -urN bash-5.1.8.orig/subst.c bash-5.1.8/subst.c
> +--- bash-5.1.8.orig/subst.c 2021-12-21 12:57:08.099139862 +0100
> ++++ bash-5.1.8/subst.c 2021-12-21 12:58:27.764927470 +0100
> +@@ -5951,6 +5951,7 @@
> + free_pushed_string_input ();
> + /* Cancel traps, in trap.c. */
> + restore_original_signals (); /* XXX - what about special builtins? bash-4.2 */
> ++ subshell_environment &= ~SUBSHELL_IGNTRAP;
> + QUIT; /* catch any interrupts we got post-fork */
> + setup_async_signals ();
> + #if 0
> +@@ -6382,6 +6383,7 @@
> + }
> + QUIT; /* catch any interrupts we got post-fork */
> + subshell_environment |= SUBSHELL_RESETTRAP;
> ++ subshell_environment &= ~SUBSHELL_IGNTRAP;
> + }
> +
> + #if defined (JOB_CONTROL)
> +diff -urN bash-5.1.8.orig/trap.c bash-5.1.8/trap.c
> +--- bash-5.1.8.orig/trap.c 2021-12-21 12:57:08.083139502 +0100
> ++++ bash-5.1.8/trap.c 2021-12-21 12:58:27.764927470 +0100
> +@@ -481,6 +481,32 @@
> + SIGRETURN (0);
> + }
> +
> ++ /* This means we're in a subshell, but have not yet reset the handler for
> ++ trapped signals. We're not supposed to execute the trap in this situation;
> ++ we should restore the original signal and resend the signal to ourselves
> ++ to preserve the Posix "signal traps that are not being ignored shall be
> ++ set to the default action" semantics. */
> ++ if ((subshell_environment & SUBSHELL_IGNTRAP) && trap_list[sig] != (char *)IGNORE_SIG)
> ++ {
> ++ sigset_t mask;
> ++
> ++ /* Paranoia */
> ++ if (original_signals[sig] == IMPOSSIBLE_TRAP_HANDLER)
> ++ original_signals[sig] = SIG_DFL;
> ++
> ++ restore_signal (sig);
> ++
> ++ /* Make sure we let the signal we just caught through */
> ++ sigemptyset (&mask);
> ++ sigprocmask (SIG_SETMASK, (sigset_t *)NULL, &mask);
> ++ sigdelset (&mask, sig);
> ++ sigprocmask (SIG_SETMASK, &mask, (sigset_t *)NULL);
> ++
> ++ kill (getpid (), sig);
> ++
> ++ SIGRETURN (0);
> ++ }
> ++
> + if ((sig >= NSIG) ||
> + (trap_list[sig] == (char *)DEFAULT_SIG) ||
> + (trap_list[sig] == (char *)IGNORE_SIG))
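Review bot: in the added SUBSHELL_IGNTRAP block, trap_list[sig] and original_signals[sig] are indexed before the `sig >= NSIG` range test that follows in the context lines. The block is carried over as part of the roll-up, so keep it verbatim here rather than diverging locally, but it is worth confirming that the earlier part of the handler (not visible in this hunk) already guarantees sig is in range, and raising it upstream if it does not.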
> +diff -urN bash-5.1.8.orig/y.tab.c bash-5.1.8/y.tab.c
> +--- bash-5.1.8.orig/y.tab.c 2021-12-21 12:57:08.075139321 +0100
> ++++ bash-5.1.8/y.tab.c 2021-12-21 12:58:26.116890545 +0100
> +@@ -8787,10 +8787,8 @@
> + old_expand_aliases = expand_aliases;
> +
> + push_stream (1);
> +-#if 0 /* TAG: bash-5.2 Alex fxmbsw7 Ratchev <fxmbsw7@gmail.com> 11/17/2020 */
> + if (ea = expanding_alias ())
> + parser_save_alias ();
> +-#endif
> + last_read_token = WORD; /* WORD to allow reserved words here */
> + current_command_line_count = 0;
> + echo_input_at_read = expand_aliases = 0;
> +@@ -8825,10 +8823,8 @@
> + last_read_token = '\n';
> + pop_stream ();
> +
> +-#if 0 /* TAG: bash-5.2 */
> + if (ea)
> + parser_restore_alias ();
> +-#endif
> +
> + #if defined (HISTORY)
> + remember_on_history = old_remember_on_history;
> diff --git a/patches/bash-5.1.8/series b/patches/bash-5.1.8/series
> new file mode 100644
> index 000000000..0e53e492a
> --- /dev/null
> +++ b/patches/bash-5.1.8/series
> @@ -0,0 +1 @@
> +0001-Bash-5.1-patch-12.patch
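Review bot: the diff ends at this one-line series file, and the diffstat lists only the two new files under patches/bash-5.1.8/, so nothing in the patch actually bumps the package version or updates the licence file hash that the commit message describes. Resend with the rule file change included (and the removal of the patches for 4.3.30, if they are meant to go), otherwise applying this leaves the build on the old version with an unused patch directory.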
> --
> 2.30.2
>
>
> _______________________________________________
> ptxdist mailing list
> ptxdist@pengutronix.de
> To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de
>
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |