[ksh/f15] fix: IFS manipulation in a function can cause crash
Michal Hlavinka
mhlavink at fedoraproject.org
Wed Aug 3 20:45:01 UTC 2011
commit 7e9fd4fad4252f9f224d78b23745d425497f0b62
Author: Michal Hlavinka <mhlavink at redhat.com>
Date: Wed Aug 3 22:44:43 2011 +0200
fix: IFS manipulation in a function can cause crash
ksh-20110630-ifsfix.patch | 23 +++++++++++++++++++++++
ksh.spec | 9 ++++++++-
2 files changed, 31 insertions(+), 1 deletions(-)
---
diff --git a/ksh-20110630-ifsfix.patch b/ksh-20110630-ifsfix.patch
new file mode 100644
index 0000000..4393005
--- /dev/null
+++ b/ksh-20110630-ifsfix.patch
@@ -0,0 +1,23 @@
+diff -up ksh-20110630/src/cmd/ksh93/sh/subshell.c.ifsfix ksh-20110630/src/cmd/ksh93/sh/subshell.c
+--- ksh-20110630/src/cmd/ksh93/sh/subshell.c.ifsfix 2011-06-09 15:16:19.000000000 +0200
++++ ksh-20110630/src/cmd/ksh93/sh/subshell.c 2011-08-03 07:58:55.749400810 +0200
+@@ -304,7 +304,7 @@ static void nv_restore(struct subshell *
+ register Namval_t *mp, *np;
+ const char *save = sp->shpwd;
+ Namval_t *mpnext;
+- int flags;
++ int flags,nofree;
+ sp->shpwd = 0; /* make sure sh_assignok doesn't save with nv_unset() */
+ for(lp=sp->svar; lp; lp=lq)
+ {
+@@ -327,7 +327,9 @@ static void nv_restore(struct subshell *
+ nv_setsize(mp,nv_size(np));
+ if(!(flags&NV_MINIMAL))
+ mp->nvenv = np->nvenv;
+- mp->nvfun = np->nvfun;
++ nofree = mp->nvfun?mp->nvfun->nofree:0;
++ if((mp->nvfun = np->nvfun) && nofree)
++ mp->nvfun->nofree = nofree;
+ if(nv_isattr(np,NV_IDENT))
+ {
+ nv_offattr(np,NV_IDENT);
diff --git a/ksh.spec b/ksh.spec
index 126c027..5b97e9e 100644
--- a/ksh.spec
+++ b/ksh.spec
@@ -6,7 +6,7 @@ URL: http://www.kornshell.com/
Group: System Environment/Shells
License: CPL
Version: 20110505
-Release: 2%{?dist}
+Release: 3%{?dist}
Source0: http://www.research.att.com/~gsf/download/tgz/ast-ksh.%{releasedate}.tgz
Source1: http://www.research.att.com/~gsf/download/tgz/INIT.%{releasedate}.tgz
Source3: kshrc.rhs
@@ -22,6 +22,9 @@ Patch2: ksh-20100826-fixregr.patch
Patch3: ksh-20110505-resume.patch
+# for ksh < 2011-08-03
+Patch4: ksh-20110630-ifsfix.patch
+
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Conflicts: pdksh
Requires: coreutils, glibc-common, diffutils
@@ -43,6 +46,7 @@ with "sh" (the Bourne Shell).
%patch1 -p1 -b .builtins
%patch2 -p1 -b .fixregr
%patch3 -p1 -b .resume
+%patch4 -p1 -b .fixifs
#/dev/fd test does not work because of mock
sed -i 's|ls /dev/fd|ls /proc/self/fd|' src/cmd/ksh93/features/options
@@ -121,6 +125,9 @@ fi
rm -rf $RPM_BUILD_ROOT
%changelog
+* Wed Aug 03 2011 Michal Hlavinka <mhlavink at redhat.com> - 20110505-3
+- fix: IFS manipulation in a function can cause crash
+
* Wed Jun 08 2011 Michal Hlavinka <mhlavink at redhat.com> - 20110505-2
- fix: resume of suspended process using pipes does not work (#708909)
More information about the scm-commits
mailing list