You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

67 lines
2.1 KiB

BASH PATCH REPORT
=================
Bash-Release: 4.3
Patch-ID: bash43-041
Bug-Reported-by: Hanno Böck <hanno@hboeck.de>
Bug-Reference-ID: <20150623131106.6f111da9@pc1>, <20150707004640.0e61d2f9@pc1>
Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-06/msg00089.html,
http://lists.gnu.org/archive/html/bug-bash/2015-07/msg00018.html
Bug-Description:
There are several out-of-bounds read errors that occur when completing command
lines where assignment statements appear before the command name. The first
two appear only when programmable completion is enabled; the last one only
happens when listing possible completions.
Patch (apply with `patch -p0'):
--- a/bashline.c
+++ b/bashline.c
@@ -1468,10 +1468,23 @@ attempt_shell_completion (text, start, e
os = start;
n = 0;
+ was_assignment = 0;
s = find_cmd_start (os);
e = find_cmd_end (end);
do
{
+ /* Don't read past the end of rl_line_buffer */
+ if (s > rl_end)
+ {
+ s1 = s = e1;
+ break;
+ }
+ /* Or past point if point is within an assignment statement */
+ else if (was_assignment && s > rl_point)
+ {
+ s1 = s = e1;
+ break;
+ }
/* Skip over assignment statements preceding a command name. If we
don't find a command name at all, we can perform command name
completion. If we find a partial command name, we should perform
--- a/lib/readline/complete.c
+++ b/lib/readline/complete.c
@@ -689,6 +689,8 @@ printable_part (pathname)
if (temp == 0 || *temp == '\0')
return (pathname);
+ else if (temp[1] == 0 && temp == pathname)
+ return (pathname);
/* If the basename is NULL, we might have a pathname like '/usr/src/'.
Look for a previous slash and, if one is found, return the portion
following that slash. If there's no previous slash, just return the
--- a/patchlevel.h
+++ b/patchlevel.h
@@ -25,6 +25,6 @@
regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh
looks for to find the patch level (for the sccs version string). */
-#define PATCHLEVEL 40
+#define PATCHLEVEL 41
#endif /* _PATCHLEVEL_H_ */