6b13f685e
 김민수
BSP 최초 추가
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
From http://ftp.gnu.org/pub/gnu/bash/bash-4.3-patches/bash43-035
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
BASH PATCH REPORT
=================
Bash-Release: 4.3
Patch-ID: bash43-035
Bug-Reported-by: <romerox.adrian@gmail.com>
Bug-Reference-ID: <CABV5r3zhPXmSKUe9uedeGc5YFBM2njJ1iVmY2h5neWdQpDBQug@mail.gmail.com>
Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2014-08/msg00045.html
Bug-Description:
A locale with a long name can trigger a buffer overflow and core dump. This
applies on systems that do not have locale_charset in libc, are not using
GNU libiconv, and are not using the libintl that ships with bash in lib/intl.
Patch (apply with `patch -p0'):
*** a/bash-4.3-patched/lib/sh/unicode.c 2014-01-30 16:47:19.000000000 -0500
--- b/lib/sh/unicode.c 2015-05-01 08:58:30.000000000 -0400
***************
*** 79,83 ****
if (s)
{
! strcpy (charsetbuf, s+1);
t = strchr (charsetbuf, '@');
if (t)
--- 79,84 ----
if (s)
{
! strncpy (charsetbuf, s+1, sizeof (charsetbuf) - 1);
! charsetbuf[sizeof (charsetbuf) - 1] = '\0';
t = strchr (charsetbuf, '@');
if (t)
***************
*** 85,89 ****
return charsetbuf;
}
! strcpy (charsetbuf, locale);
return charsetbuf;
}
--- 86,91 ----
return charsetbuf;
}
! strncpy (charsetbuf, locale, sizeof (charsetbuf) - 1);
! charsetbuf[sizeof (charsetbuf) - 1] = '\0';
return charsetbuf;
}
*** a/bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500
--- b/patchlevel.h 2014-03-20 20:01:28.000000000 -0400
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 34
#endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 35
#endif /* _PATCHLEVEL_H_ */
|