Bash-4.4 Official Patch 8

Chet Ramey Fri, 20 Jan 2017 12:40:21 -0800

                             BASH PATCH REPORT
                             =================


Bash-Release:   4.4
Patch-ID:       bash44-008

Bug-Reported-by:        Koichi MURASE <myoga.mur...@gmail.com>
Bug-Reference-ID:       
<CAFLRLk-V+1AeQ2k=py7ih6v+mfq_w8ef3ywl2e+wmlfgkbt...@mail.gmail.com>
Bug-Reference-URL:      
http://lists.gnu.org/archive/html/bug-bash/2016-11/msg00050.html

Bug-Description:

Under certain circumstances, bash will evaluate arithmetic expressions as
part of reading an expression token even when evaluation is suppressed. This
happens while evaluating a conditional expression and skipping over the
failed branch of the expression.

Patch (apply with `patch -p0'):

*** ../bash-4.4-patched/expr.c  2015-10-11 14:46:36.000000000 -0400
--- expr.c      2016-11-08 11:55:46.000000000 -0500
***************
*** 579,585 ****
    if (curtok == QUES)         /* found conditional expr */
      {
-       readtok ();
-       if (curtok == 0 || curtok == COL)
-       evalerror (_("expression expected"));
        if (cval == 0)
        {
--- 579,582 ----
***************
*** 588,591 ****
--- 585,592 ----
        }
  
+       readtok ();
+       if (curtok == 0 || curtok == COL)
+       evalerror (_("expression expected"));
+ 
        val1 = EXP_HIGHEST ();
  
***************
*** 594,600 ****
        if (curtok != COL)
        evalerror (_("`:' expected for conditional expression"));
!       readtok ();
!       if (curtok == 0)
!       evalerror (_("expression expected"));
        set_noeval = 0;
        if (cval)
--- 595,599 ----
        if (curtok != COL)
        evalerror (_("`:' expected for conditional expression"));
! 
        set_noeval = 0;
        if (cval)
***************
*** 604,608 ****
--- 603,611 ----
        }
  
+       readtok ();
+       if (curtok == 0)
+       evalerror (_("expression expected"));
        val2 = expcond ();
+ 
        if (set_noeval)
        noeval--;
*** ../bash-4.4/patchlevel.h    2016-06-22 14:51:03.000000000 -0400
--- patchlevel.h        2016-10-01 11:01:28.000000000 -0400
***************
*** 26,30 ****
     looks for to find the patch level (for the sccs version string). */
  
! #define PATCHLEVEL 7
  
  #endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
     looks for to find the patch level (for the sccs version string). */
  
! #define PATCHLEVEL 8
  
  #endif /* _PATCHLEVEL_H_ */

-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    c...@case.edu    http://cnswww.cns.cwru.edu/~chet/

Bash-4.4 Official Patch 8

Reply via email to