Blame SOURCES/bash42-052

ff19ae
			     BASH PATCH REPORT
ff19ae
			     =================
ff19ae
ff19ae
Bash-Release:	4.2
ff19ae
Patch-ID:	bash42-052
ff19ae
ff19ae
Bug-Reported-by:	Michal Zalewski <lcamtuf@coredump.cx>
ff19ae
Bug-Reference-ID:
ff19ae
Bug-Reference-URL:
ff19ae
ff19ae
Bug-Description:
ff19ae
ff19ae
When bash is parsing a function definition that contains a here-document
ff19ae
delimited by end-of-file (or end-of-string), it leaves the closing delimiter
ff19ae
uninitialized.  This can result in an invalid memory access when the parsed
ff19ae
function is later copied.
ff19ae
ff19ae
Patch (apply with `patch -p0'):
ff19ae
ff19ae
*** ../bash-4.2.51/make_cmd.c	2009-09-11 17:26:12.000000000 -0400
ff19ae
--- make_cmd.c	2014-10-02 11:26:58.000000000 -0400
ff19ae
***************
ff19ae
*** 690,693 ****
ff19ae
--- 690,694 ----
ff19ae
    temp->redirector = source;
ff19ae
    temp->redirectee = dest_and_filename;
ff19ae
+   temp->here_doc_eof = 0;
ff19ae
    temp->instruction = instruction;
ff19ae
    temp->flags = 0;
ff19ae
*** ../bash-4.2.51/copy_cmd.c	2009-09-11 16:28:02.000000000 -0400
ff19ae
--- copy_cmd.c	2014-10-02 11:26:58.000000000 -0400
ff19ae
***************
ff19ae
*** 127,131 ****
ff19ae
      case r_reading_until:
ff19ae
      case r_deblank_reading_until:
ff19ae
!       new_redirect->here_doc_eof = savestring (redirect->here_doc_eof);
ff19ae
        /*FALLTHROUGH*/
ff19ae
      case r_reading_string:
ff19ae
--- 127,131 ----
ff19ae
      case r_reading_until:
ff19ae
      case r_deblank_reading_until:
ff19ae
!       new_redirect->here_doc_eof = redirect->here_doc_eof ? savestring (redirect->here_doc_eof) : 0;
ff19ae
        /*FALLTHROUGH*/
ff19ae
      case r_reading_string: