PUBLIC_REPOS
/
buildroot
réplica de git://git.buildroot.net/buildroot


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318
										     BASH PATCH REPORT
			     =================

Bash-Release:	4.2
Patch-ID:	bash42-003

Bug-Reported-by:	Clark J. Wang <dearvoid@gmail.com>
Bug-Reference-ID:	<AANLkTikZ_rVV-frR8Fh0PzhXnMKnm5XsUR-F3qtPPs5G@mail.gmail.com>
Bug-Reference-URL:	http://lists.gnu.org/archive/html/bug-bash/2011-02/msg00136.html

Bug-Description:

When using the pattern replacement and pattern removal word expansions, bash
miscalculates the possible match length in the presence of an unescaped left
bracket without a closing right bracket, resulting in a failure to match
the pattern.

Patch (apply with `patch -p0'):

*** ../bash-4.2-patched/lib/glob/gmisc.c	2011-02-05 16:11:17.000000000 -0500
--- ./lib/glob/gmisc.c	2011-02-18 23:53:42.000000000 -0500
***************
*** 78,83 ****
       size_t wmax;
  {
!   wchar_t wc, *wbrack;
!   int matlen, t, in_cclass, in_collsym, in_equiv;
  
    if (*wpat == 0)
--- 78,83 ----
       size_t wmax;
  {
!   wchar_t wc;
!   int matlen, bracklen, t, in_cclass, in_collsym, in_equiv;
  
    if (*wpat == 0)
***************
*** 119,123 ****
  	case L'[':
  	  /* scan for ending `]', skipping over embedded [:...:] */
! 	  wbrack = wpat;
  	  wc = *wpat++;
  	  do
--- 119,123 ----
  	case L'[':
  	  /* scan for ending `]', skipping over embedded [:...:] */
! 	  bracklen = 1;
  	  wc = *wpat++;
  	  do
***************
*** 125,140 ****
  	      if (wc == 0)
  		{
! 	          matlen += wpat - wbrack - 1;	/* incremented below */
! 	          break;
  	        }
  	      else if (wc == L'\\')
  		{
! 		  wc = *wpat++;
! 		  if (*wpat == 0)
! 		    break;
  		}
  	      else if (wc == L'[' && *wpat == L':')	/* character class */
  		{
  		  wpat++;
  		  in_cclass = 1;
  		}
--- 125,148 ----
  	      if (wc == 0)
  		{
! 		  wpat--;			/* back up to NUL */
! 	          matlen += bracklen;
! 	          goto bad_bracket;
  	        }
  	      else if (wc == L'\\')
  		{
! 		  /* *wpat == backslash-escaped character */
! 		  bracklen++;
! 		  /* If the backslash or backslash-escape ends the string,
! 		     bail.  The ++wpat skips over the backslash escape */
! 		  if (*wpat == 0 || *++wpat == 0)
! 		    {
! 		      matlen += bracklen;
! 		      goto bad_bracket;
! 		    }
  		}
  	      else if (wc == L'[' && *wpat == L':')	/* character class */
  		{
  		  wpat++;
+ 		  bracklen++;
  		  in_cclass = 1;
  		}
***************
*** 142,145 ****
--- 150,154 ----
  		{
  		  wpat++;
+ 		  bracklen++;
  		  in_cclass = 0;
  		}
***************
*** 147,152 ****
  		{
  		  wpat++;
  		  if (*wpat == L']')	/* right bracket can appear as collating symbol */
! 		    wpat++;
  		  in_collsym = 1;
  		}
--- 156,165 ----
  		{
  		  wpat++;
+ 		  bracklen++;
  		  if (*wpat == L']')	/* right bracket can appear as collating symbol */
! 		    {
! 		      wpat++;
! 		      bracklen++;
! 		    }
  		  in_collsym = 1;
  		}
***************
*** 154,157 ****
--- 167,171 ----
  		{
  		  wpat++;
+ 		  bracklen++;
  		  in_collsym = 0;
  		}
***************
*** 159,164 ****
  		{
  		  wpat++;
  		  if (*wpat == L']')	/* right bracket can appear as equivalence class */
! 		    wpat++;
  		  in_equiv = 1;
  		}
--- 173,182 ----
  		{
  		  wpat++;
+ 		  bracklen++;
  		  if (*wpat == L']')	/* right bracket can appear as equivalence class */
! 		    {
! 		      wpat++;
! 		      bracklen++;
! 		    }
  		  in_equiv = 1;
  		}
***************
*** 166,174 ****
--- 184,196 ----
  		{
  		  wpat++;
+ 		  bracklen++;
  		  in_equiv = 0;
  		}
+ 	      else
+ 		bracklen++;
  	    }
  	  while ((wc = *wpat++) != L']');
  	  matlen++;		/* bracket expression can only match one char */
+ bad_bracket:
  	  break;
  	}
***************
*** 214,219 ****
       size_t max;
  {
!   char c, *brack;
!   int matlen, t, in_cclass, in_collsym, in_equiv;
  
    if (*pat == 0)
--- 236,241 ----
       size_t max;
  {
!   char c;
!   int matlen, bracklen, t, in_cclass, in_collsym, in_equiv;
  
    if (*pat == 0)
***************
*** 255,259 ****
  	case '[':
  	  /* scan for ending `]', skipping over embedded [:...:] */
! 	  brack = pat;
  	  c = *pat++;
  	  do
--- 277,281 ----
  	case '[':
  	  /* scan for ending `]', skipping over embedded [:...:] */
! 	  bracklen = 1;
  	  c = *pat++;
  	  do
***************
*** 261,276 ****
  	      if (c == 0)
  		{
! 	          matlen += pat - brack - 1;	/* incremented below */
! 	          break;
  	        }
  	      else if (c == '\\')
  		{
! 		  c = *pat++;
! 		  if (*pat == 0)
! 		    break;
  		}
  	      else if (c == '[' && *pat == ':')	/* character class */
  		{
  		  pat++;
  		  in_cclass = 1;
  		}
--- 283,306 ----
  	      if (c == 0)
  		{
! 		  pat--;			/* back up to NUL */
! 		  matlen += bracklen;
! 		  goto bad_bracket;
  	        }
  	      else if (c == '\\')
  		{
! 		  /* *pat == backslash-escaped character */
! 		  bracklen++;
! 		  /* If the backslash or backslash-escape ends the string,
! 		     bail.  The ++pat skips over the backslash escape */
! 		  if (*pat == 0 || *++pat == 0)
! 		    {
! 		      matlen += bracklen;
! 		      goto bad_bracket;
! 		    }
  		}
  	      else if (c == '[' && *pat == ':')	/* character class */
  		{
  		  pat++;
+ 		  bracklen++;
  		  in_cclass = 1;
  		}
***************
*** 278,281 ****
--- 308,312 ----
  		{
  		  pat++;
+ 		  bracklen++;
  		  in_cclass = 0;
  		}
***************
*** 283,288 ****
  		{
  		  pat++;
  		  if (*pat == ']')	/* right bracket can appear as collating symbol */
! 		    pat++;
  		  in_collsym = 1;
  		}
--- 314,323 ----
  		{
  		  pat++;
+ 		  bracklen++;
  		  if (*pat == ']')	/* right bracket can appear as collating symbol */
! 		    {
! 		      pat++;
! 		      bracklen++;
! 		    }
  		  in_collsym = 1;
  		}
***************
*** 290,293 ****
--- 325,329 ----
  		{
  		  pat++;
+ 		  bracklen++;
  		  in_collsym = 0;
  		}
***************
*** 295,300 ****
  		{
  		  pat++;
  		  if (*pat == ']')	/* right bracket can appear as equivalence class */
! 		    pat++;
  		  in_equiv = 1;
  		}
--- 331,340 ----
  		{
  		  pat++;
+ 		  bracklen++;
  		  if (*pat == ']')	/* right bracket can appear as equivalence class */
! 		    {
! 		      pat++;
! 		      bracklen++;
! 		    }
  		  in_equiv = 1;
  		}
***************
*** 302,310 ****
--- 342,354 ----
  		{
  		  pat++;
+ 		  bracklen++;
  		  in_equiv = 0;
  		}
+ 	      else
+ 		bracklen++;
  	    }
  	  while ((c = *pat++) != ']');
  	  matlen++;		/* bracket expression can only match one char */
+ bad_bracket:
  	  break;
  	}
*** ../bash-4.2-patched/patchlevel.h	Sat Jun 12 20:14:48 2010
--- ./patchlevel.h	Thu Feb 24 21:41:34 2011
***************
*** 26,30 ****
     looks for to find the patch level (for the sccs version string). */
  
! #define PATCHLEVEL 2
  
  #endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
     looks for to find the patch level (for the sccs version string). */
  
! #define PATCHLEVEL 3
  
  #endif /* _PATCHLEVEL_H_ */