blob: 3051269c197ae8d5365d6da9a203774e527421f1 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
BASH PATCH REPORT
=================
Bash-Release: 5.2
Patch-ID: bash52-013
Bug-Reported-by: Ralf Oehler <Ralf@Oehler-Privat.de>
Bug-Reference-ID: <20221120140252.2fc6489b@bilbo>
Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2022-11/msg00082.html
Bug-Description:
Bash can leak memory when referencing a non-existent associative array
element.
Patch (apply with `patch -p0'):
*** ../bash-5.2-patched/subst.c 2022-11-05 17:27:48.000000000 -0400
--- subst.c 2022-11-21 14:42:59.000000000 -0500
***************
*** 7498,7503 ****
: quote_escapes (temp);
rflags |= W_ARRAYIND;
- if (estatep)
- *estatep = es; /* structure copy */
}
/* Note that array[*] and array[@] expanded to a quoted null string by
--- 7508,7511 ----
***************
*** 7508,7512 ****
rflags |= W_HASQUOTEDNULL;
! if (estatep == 0)
flush_eltstate (&es);
}
--- 7516,7522 ----
rflags |= W_HASQUOTEDNULL;
! if (estatep)
! *estatep = es; /* structure copy */
! else
flush_eltstate (&es);
}
*** ../bash-5.2/patchlevel.h 2020-06-22 14:51:03.000000000 -0400
--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 12
#endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 13
#endif /* _PATCHLEVEL_H_ */
|
