| blob | ade1fac01e7398ee31c4cbb11257deb0c4df0f3c |
1 BASH PATCH REPORT
2 =================
4 Bash-Release: 5.2
5 Patch-ID: bash52-021
7 Bug-Reported-by: Norbert Lange <nolange79@gmail.com>
8 Bug-Reference-ID: <CADYdroPZFdVZSL6KkhqkAPgKKopbsLQVSm7_TvLCwadL2=UAWw@mail.gmail.com>
9 Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2022-12/msg00046.html
11 Bug-Description:
13 There is an off-by-one error that causes command substitutions to fail when
14 they appear in a word expansion inside a here-document.
16 Patch (apply with `patch -p0'):
18 *** ../bash-5.2-patched/subst.c 2022-12-13 12:08:58.000000000 -0500
19 --- subst.c 2022-12-14 09:09:53.000000000 -0500
20 ***************
21 *** 1694,1698 ****
22 CHECK_STRING_OVERRUN (i, si, slen, c);
24 ! tlen = si - i - 1;
25 RESIZE_MALLOCED_BUFFER (result, result_index, tlen + 4, result_size, 64);
26 result[result_index++] = c;
27 --- 1699,1703 ----
28 CHECK_STRING_OVERRUN (i, si, slen, c);
30 ! tlen = si - i - 2;
31 RESIZE_MALLOCED_BUFFER (result, result_index, tlen + 4, result_size, 64);
32 result[result_index++] = c;
33 ***************
34 *** 1714,1718 ****
35 CHECK_STRING_OVERRUN (i, si, slen, c);
37 ! tlen = si - i - 1;
38 RESIZE_MALLOCED_BUFFER (result, result_index, tlen + 4, result_size, 64);
39 result[result_index++] = c;
40 --- 1719,1723 ----
41 CHECK_STRING_OVERRUN (i, si, slen, c);
43 ! tlen = si - i - 2;
44 RESIZE_MALLOCED_BUFFER (result, result_index, tlen + 4, result_size, 64);
45 result[result_index++] = c;
47 *** ../bash-5.2/patchlevel.h 2020-06-22 14:51:03.000000000 -0400
48 --- patchlevel.h 2020-10-01 11:01:28.000000000 -0400
49 ***************
50 *** 26,30 ****
51 looks for to find the patch level (for the sccs version string). */
53 ! #define PATCHLEVEL 20
55 #endif /* _PATCHLEVEL_H_ */
56 --- 26,30 ----
57 looks for to find the patch level (for the sccs version string). */
59 ! #define PATCHLEVEL 21
61 #endif /* _PATCHLEVEL_H_ */