Arch devs,
I have a script that parses IP and CIDR notation using the following
to capture IPs:
[[ $1 =~ ^([^.]{1,3})[.]([^.]{1,3})[.]([^.]{1,3})[.]([^.]{1,3})$ ]]
# validate 5 elements in BASH_REMATCH array
if [ "${#BASH_REMATCH[@]}" -eq 5 ]; then
...
(yes, I can improve it -- but that's not the point here)
Then to capture CIDR:
[[ $1 =~ ^([^.]{1,3})[.]([^.]{1,3})[.]([^.]{1,3})[.]([^.]{1,3})/(.*)$ ]]
# validate 6 elements in BASH_REMATCH array
if [ "${#BASH_REMATCH[@]}" -eq 6 ]; then
...
This script was used to automatically update ipset lists and save
/etc/ipset.conf. It has worked for years.
Today after update to bash-5.2.037-3-x86_64 I get:
$ ipsa 38.0.0.0/8
/home/david/scr/adm/ipset_add.sh: line 6: [: 0/8: integer expression
expected
/home/david/scr/adm/ipset_add.sh: line 6: [: 0/8: integer expression
expected
valid IP: 38.0.0.0/8
ipset v7.23: Hash is full, cannot add more elements
The problem being for the first time ever, the regex in:
[[ $1 =~ ^([^.]{1,3})[.]([^.]{1,3})[.]([^.]{1,3})[.]([^.]{1,3})$ ]]
parsed the IP as 38 0 0 0/8 (with the "/8") instead of 38 0 0 0 filling
the ipset blocklist completely with sequential 38.x.x.x IPs.
Technically this regex matching is correct as the final character
list [^.] doesn't preclude inclusion of '/', but this is a definite
change from all prior bash versions. Is this the intended result of the
gentoo patches change to the package?
I've since fixed the regex with [^./] as the final list. Are there
any other known changes to regex parsing with the changes to the bash
PKGBUILD and patches?
--
David C. Rankin, J.D.,P.E.
