首页 发现 帮助
登录
PUBLIC_REPOS
/
buildroot
镜像自地址 git://git.buildroot.net/buildroot
2
1
派生 0
文件
目录树: 64d3c35d98
分支列表 标签列表
buildroot
/
package
/
bash
/
bash44-009.patch

bash44-009.patch 3.2 KB
文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111 
  1. From https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-009
    2. 

  2. 

  3. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
    4. 

  4. 

  5. 			     BASH PATCH REPORT
    6. 

  6. 			     =================
    7. 

  7. 

  8. Bash-Release:	4.4
    9. 

  9. Patch-ID:	bash44-009
    10. 

  10. 

  11. Bug-Reported-by:	Hong Cho <hong.cho@citrix.com>
    12. 

  12. Bug-Reference-ID:	<c30b5fe62b2543af8297e47ca487c29c@SJCPEX02CL02.citrite.net>
    13. 

  13. Bug-Reference-URL:	http://lists.gnu.org/archive/html/bug-bash/2016-12/msg00043.html
    14. 

  14. 

  15. Bug-Description:
    16. 

  16. 

  17. There is a race condition in add_history() that can be triggered by a fatal
    18. 

  18. signal arriving between the time the history length is updated and the time
    19. 

  19. the history list update is completed. A later attempt to reference an
    20. 

  20. invalid history entry can cause a crash.
    21. 

  21. 

  22. Patch (apply with `patch -p0'):
    23. 

  23. 

  24. *** bash-4.4-patched/lib/readline/history.c	2016-11-11 13:42:49.000000000 -0500
    25. 

  25. --- b/lib/readline/history.c	2016-12-05 10:37:51.000000000 -0500
    26. 

  26. ***************
    27. 

  27. *** 280,283 ****
    28. 

  28. --- b/280,284 ----
    29. 

  29.   {
    30. 

  30.     HIST_ENTRY *temp;
    31. 

  31. +   int new_length;
    32. 

  32.   
    33. 

  33.     if (history_stifled && (history_length == history_max_entries))
    34. 

  34. ***************
    35. 

  35. *** 296,306 ****
    36. 

  36.         /* Copy the rest of the entries, moving down one slot.  Copy includes
    37. 

  37.   	 trailing NULL.  */
    38. 

  38. - #if 0
    39. 

  39. -       for (i = 0; i < history_length; i++)
    40. 

  40. - 	the_history[i] = the_history[i + 1];
    41. 

  41. - #else
    42. 

  42.         memmove (the_history, the_history + 1, history_length * sizeof (HIST_ENTRY *));
    43. 

  43. - #endif
    44. 

  44.   
    45. 

  45.         history_base++;
    46. 

  46.       }
    47. 

  47. --- b/297,303 ----
    48. 

  48.         /* Copy the rest of the entries, moving down one slot.  Copy includes
    49. 

  49.   	 trailing NULL.  */
    50. 

  50.         memmove (the_history, the_history + 1, history_length * sizeof (HIST_ENTRY *));
    51. 

  51.   
    52. 

  52. +       new_length = history_length;
    53. 

  53.         history_base++;
    54. 

  54.       }
    55. 

  55. ***************
    56. 

  56. *** 316,320 ****
    57. 

  57.   	    history_size = DEFAULT_HISTORY_INITIAL_SIZE;
    58. 

  58.   	  the_history = (HIST_ENTRY **)xmalloc (history_size * sizeof (HIST_ENTRY *));
    59. 

  59. ! 	  history_length = 1;
    60. 

  60.   	}
    61. 

  61.         else
    62. 

  62. --- b/313,317 ----
    63. 

  63.   	    history_size = DEFAULT_HISTORY_INITIAL_SIZE;
    64. 

  64.   	  the_history = (HIST_ENTRY **)xmalloc (history_size * sizeof (HIST_ENTRY *));
    65. 

  65. ! 	  new_length = 1;
    66. 

  66.   	}
    67. 

  67.         else
    68. 

  68. ***************
    69. 

  69. *** 326,330 ****
    70. 

  70.   		xrealloc (the_history, history_size * sizeof (HIST_ENTRY *));
    71. 

  71.   	    }
    72. 

  72. ! 	  history_length++;
    73. 

  73.   	}
    74. 

  74.       }
    75. 

  75. --- b/323,327 ----
    76. 

  76.   		xrealloc (the_history, history_size * sizeof (HIST_ENTRY *));
    77. 

  77.   	    }
    78. 

  78. ! 	  new_length = history_length + 1;
    79. 

  79.   	}
    80. 

  80.       }
    81. 

  81. ***************
    82. 

  82. *** 332,337 ****
    83. 

  83.     temp = alloc_history_entry ((char *)string, hist_inittime ());
    84. 

  84.   
    85. 

  85. !   the_history[history_length] = (HIST_ENTRY *)NULL;
    86. 

  86. !   the_history[history_length - 1] = temp;
    87. 

  87.   }
    88. 

  88.   
    89. 

  89. --- b/329,335 ----
    90. 

  90.     temp = alloc_history_entry ((char *)string, hist_inittime ());
    91. 

  91.   
    92. 

  92. !   the_history[new_length] = (HIST_ENTRY *)NULL;
    93. 

  93. !   the_history[new_length - 1] = temp;
    94. 

  94. !   history_length = new_length;
    95. 

  95.   }
    96. 

  96.   
    97. 

  97. *** bash-4.4/patchlevel.h	2016-06-22 14:51:03.000000000 -0400
    98. 

  98. --- b/patchlevel.h	2016-10-01 11:01:28.000000000 -0400
    99. 

  99. ***************
    100. 

  100. *** 26,30 ****
    101. 

  101.      looks for to find the patch level (for the sccs version string). */
    102. 

  102.   
    103. 

  103. ! #define PATCHLEVEL 8
    104. 

  104.   
    105. 

  105.   #endif /* _PATCHLEVEL_H_ */
    106. 

  106. --- b/26,30 ----
    107. 

  107.      looks for to find the patch level (for the sccs version string). */
    108. 

  108.   
    109. 

  109. ! #define PATCHLEVEL 9
    110. 

  110.   
    111. 

  111.   #endif /* _PATCHLEVEL_H_ */
    112.