From patchwork Fri Dec 5 19:24:40 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 9357 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R12" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4dNLtG4NGZz3wpD for ; Fri, 05 Dec 2025 19:24:54 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [IPv6:2001:678:b28::201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "mail02.haj.ipfire.org", Issuer "E8" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4dNLtF44Kwz44C for ; Fri, 05 Dec 2025 19:24:53 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [IPv6:::1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4dNLtC5WfYz334Y for ; Fri, 05 Dec 2025 19:24:51 +0000 (UTC) X-Original-To: development@lists.ipfire.org Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R12" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4dNLt86zyVz2xyW for ; Fri, 05 Dec 2025 19:24:48 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4dNLt71z8bz3N3; Fri, 05 Dec 2025 19:24:46 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1764962687; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=L4HMgKPoFkig0AdAY0Azy+0ZMLxzH71mKObv90ttJqU=; b=ux7+O+4YDinW/PxBSJ1wSkok8e1bOGlMnGH6Yq7KZ+8e8PE9QzxCHhxN8sEGBGkFQnoz09 GYCBPc+4snh2MNBw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1764962687; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=L4HMgKPoFkig0AdAY0Azy+0ZMLxzH71mKObv90ttJqU=; b=onVlDQtXwg5wtrkL4HI1G34Ip9019XBJFXhMPQu0wEuWad1EYKwHvfpNPi9Al+5qVyHzff p9CYC301ggF3qn3dZbhFlqCtgALLu7LwkyrI/dzbMPj5HVcGi4/blzIA4XKi8M+zml5wBf YLotlzlUVd+R1cPQRYG8us+Qs3SJlXCvNhxBDX40yzUnAI3TypbQQYTwQqAKllKfS1WXwA JIZnAQ22/0RPE4u3b1bqovJP1ndDo6tzRkOEAPyLO2vwddWfNwEzHsJ3A2OGoUgOVi6X3N TmxdwLhu8tyr0iib5OwzaMoPTm1KaI8BgvIBws4RN5437+DCBHlgpH3Fz6FZag== From: Adolf Belka To: development@lists.ipfire.org Cc: Adolf Belka Subject: [PATCH] bash: Update to version 5.3 patch 8 Date: Fri, 5 Dec 2025 20:24:40 +0100 Message-ID: <20251205192443.3558213-1-adolf.belka@ipfire.org> Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: MIME-Version: 1.0 - Update from version 5.3 patch 3 to 5.3 patch 8 - No change to rootfile - Changelog patch 8 Bash tries to consume entire multibyte characters when looking for backslash escapes in $'...' strings, and treats too many characters as potentially beginning a multibyte character in UTF-8 locales. Being more selective about when to call mbrtowc() can lead to optimized string processing and script speedups. This patch also handles the unlikely situation of a locale encoding null wide characters with non-null bytes. patch 7 No-fork command substitutions can perform redirections that act on the enclosing command as well. patch 6 When `globasciiranges' is enabled, glob patterns with ranges in bracket expressions can produce incorrect matches for character ranges whose start and end are non-ascii characters. patch 5 Restoring the default disposition in a subshell for a signal bash treats specially can cause a crash. patch 4 The Linux kernel reports incorrect sizes for files in /sys/block/*/uevent, leading bash to report a read error when the byte count does not agree with the file size from fstat(2). Signed-off-by: Adolf Belka --- lfs/bash | 2 +- src/patches/bash/bash53-004 | 47 ++++++++ src/patches/bash/bash53-005 | 42 +++++++ src/patches/bash/bash53-006 | 48 ++++++++ src/patches/bash/bash53-007 | 56 +++++++++ src/patches/bash/bash53-008 | 231 ++++++++++++++++++++++++++++++++++++ 6 files changed, 425 insertions(+), 1 deletion(-) create mode 100644 src/patches/bash/bash53-004 create mode 100644 src/patches/bash/bash53-005 create mode 100644 src/patches/bash/bash53-006 create mode 100644 src/patches/bash/bash53-007 create mode 100644 src/patches/bash/bash53-008 diff --git a/lfs/bash b/lfs/bash index 1bc7b52f6..adfbd35d1 100644 --- a/lfs/bash +++ b/lfs/bash @@ -25,7 +25,7 @@ include Config VER = 5.3 -PATCHVER = 3 +PATCHVER = 8 THISAPP = bash-$(VER) DL_FILE = $(THISAPP).tar.gz diff --git a/src/patches/bash/bash53-004 b/src/patches/bash/bash53-004 new file mode 100644 index 000000000..5d7705c0d --- /dev/null +++ b/src/patches/bash/bash53-004 @@ -0,0 +1,47 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.3 +Patch-ID: bash53-004 + +Bug-Reported-by: Emanuele Torre +Bug-Reference-ID: +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2025-07/msg00031.html + +Bug-Description: + +The Linux kernel reports incorrect sizes for files in /sys/block/*/uevent, +leading bash to report a read error when the byte count does not agree +with the file size from fstat(2). + +Patch (apply with `patch -p0'): + +*** ../bash-5.3-patched/builtins/evalfile.c Fri Sep 6 15:42:40 2024 +--- builtins/evalfile.c Fri Sep 12 11:38:57 2025 +*************** +*** 161,166 **** +--- 161,168 ---- + if (nr >= 0) + string[nr] = '\0'; ++ #if 0 + if (nr != file_size) + nr = -1; /* XXX - didn't get the whole file */ ++ #endif + } + else + +*** ../bash-5.3/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 3 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 4 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/src/patches/bash/bash53-005 b/src/patches/bash/bash53-005 new file mode 100644 index 000000000..2bebca8be --- /dev/null +++ b/src/patches/bash/bash53-005 @@ -0,0 +1,42 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.3 +Patch-ID: bash53-005 + +Bug-Reported-by: chet.ramey@case.edu +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +Restoring the default disposition in a subshell for a signal bash treats +specially can cause a crash. + +Patch (apply with `patch -p0'): + +*** ../bash-5.3-patched/trap.c Thu Dec 19 11:35:49 2024 +--- trap.c Fri Nov 7 11:23:31 2025 +*************** +*** 965,968 **** +--- 965,969 ---- + set_signal_handler (sig, SIG_DFL); + change_signal (sig, (char *)DEFAULT_SIG); ++ sigmodes[sig] &= ~SIG_TRAPPED; /* no longer trapped */ + return; + } +*** ../bash-5.3/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 4 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 5 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/src/patches/bash/bash53-006 b/src/patches/bash/bash53-006 new file mode 100644 index 000000000..95891a474 --- /dev/null +++ b/src/patches/bash/bash53-006 @@ -0,0 +1,48 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.3 +Patch-ID: bash53-006 + +Bug-Reported-by: Duncan Roe +Bug-Reference-ID: +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2025-09/msg00053.html + +Bug-Description: + +When `globasciiranges' is enabled, glob patterns with ranges in bracket +expressions can produce incorrect matches for character ranges whose +start and end are non-ascii characters. + +Patch (apply with `patch -p0'): + +*** ../bash-5.3-patched/lib/glob/smatch.c Mon May 29 14:15:17 2023 +--- lib/glob/smatch.c Mon Sep 8 12:54:59 2025 +*************** +*** 391,395 **** + return 0; + +! if (forcecoll == 0 && glob_asciirange && c1 <= UCHAR_MAX && c2 <= UCHAR_MAX) + return ((int)(c1 - c2)); + +--- 391,395 ---- + return 0; + +! if (forcecoll == 0 && glob_asciirange) + return ((int)(c1 - c2)); + +*** ../bash-5.3/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 5 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 6 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/src/patches/bash/bash53-007 b/src/patches/bash/bash53-007 new file mode 100644 index 000000000..58bc0d710 --- /dev/null +++ b/src/patches/bash/bash53-007 @@ -0,0 +1,56 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.3 +Patch-ID: bash53-007 + +Bug-Reported-by: jdhedden@gmail.com +Bug-Reference-ID: <689ac876.050a0220.334a3f.30fb@mx.google.com> +Bug-Reference-URL: + +Bug-Description: + +No-fork command substitutions can perform redirections that act on the +enclosing command as well. + +Patch (apply with `patch -p0'): + +*** ../bash-5.3-patched/subst.c Fri Jul 25 08:53:25 2025 +--- subst.c Tue Aug 12 15:41:01 2025 +*************** +*** 207,210 **** +--- 207,212 ---- + extern int extended_quote; + ++ extern REDIRECT *exec_redirection_undo_list, *redirection_undo_list; ++ + #if !defined (HAVE_WCSDUP) && defined (HANDLE_MULTIBYTE) + extern wchar_t *wcsdup (const wchar_t *); +*************** +*** 7001,7004 **** +--- 7003,7011 ---- + } + #endif ++ ++ unwind_protect_pointer (redirection_undo_list); ++ redirection_undo_list = NULL; ++ unwind_protect_pointer (exec_redirection_undo_list); ++ exec_redirection_undo_list = NULL; + + subst_assign_varlist = 0; + +*** ../bash-5.3/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 6 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 7 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/src/patches/bash/bash53-008 b/src/patches/bash/bash53-008 new file mode 100644 index 000000000..4ab993518 --- /dev/null +++ b/src/patches/bash/bash53-008 @@ -0,0 +1,231 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 5.3 +Patch-ID: bash53-008 + +Bug-Reported-by: Grisha Levit +Bug-Reference-ID: <20251022174207.10518-1-grishalevit@gmail.com> +Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2025-10/msg00145.html + +Bug-Description: + +Bash tries to consume entire multibyte characters when looking for backslash +escapes in $'...' strings, and treats too many characters as potentially +beginning a multibyte character in UTF-8 locales. Being more selective about +when to call mbrtowc() can lead to optimized string processing and script +speedups. This patch also handles the unlikely situation of a locale +encoding null wide characters with non-null bytes. + +Patch (apply with `patch -p0'): + +*** ../bash-5.3-patched/lib/sh/strtrans.c Fri Oct 13 11:57:46 2023 +--- lib/sh/strtrans.c Mon Oct 27 14:30:35 2025 +*************** +*** 56,60 **** + unsigned long v; + size_t clen; +! int mb_cur_max; + #if defined (HANDLE_MULTIBYTE) + wchar_t wc; +--- 56,60 ---- + unsigned long v; + size_t clen; +! size_t mb_cur_max; + #if defined (HANDLE_MULTIBYTE) + wchar_t wc; +*************** +*** 64,68 **** + return ((char *)0); + +! mb_cur_max = MB_CUR_MAX; + #if defined (HANDLE_MULTIBYTE) + temp = 4*len + 4; +--- 64,68 ---- + return ((char *)0); + +! mb_cur_max = locale_mb_cur_max; + #if defined (HANDLE_MULTIBYTE) + temp = 4*len + 4; +*************** +*** 80,87 **** + clen = 1; + #if defined (HANDLE_MULTIBYTE) +! if ((locale_utf8locale && (c & 0x80)) || +! (locale_utf8locale == 0 && mb_cur_max > 0 && is_basic (c) == 0)) + { + clen = mbrtowc (&wc, s - 1, mb_cur_max, 0); + if (MB_INVALIDCH (clen)) + clen = 1; +--- 80,91 ---- + clen = 1; + #if defined (HANDLE_MULTIBYTE) +! /* We read an entire multibyte character at a time if we are in a +! locale where a backslash can possibly appear as part of a +! multibyte character. UTF-8 encodings prohibit this. */ +! if (locale_utf8locale == 0 && mb_cur_max > 1 && is_basic (c) == 0) + { + clen = mbrtowc (&wc, s - 1, mb_cur_max, 0); ++ if (MB_NULLWCH (clen)) ++ break; /* it apparently can happen */ + if (MB_INVALIDCH (clen)) + clen = 1; +*************** +*** 228,237 **** + char *r, *ret; + const char *s; +- size_t l, rsize; + unsigned char c; + size_t clen; + int b; +- #if defined (HANDLE_MULTIBYTE) + wchar_t wc; + #endif + +--- 232,241 ---- + char *r, *ret; + const char *s; + unsigned char c; ++ #if defined (HANDLE_MULTIBYTE) + size_t clen; + int b; + wchar_t wc; ++ DECLARE_MBSTATE; + #endif + +*************** +*** 239,245 **** + return ((char *)0); + +! l = strlen (str); +! rsize = 4 * l + 4; +! r = ret = (char *)xmalloc (rsize); + + *r++ = '$'; +--- 243,247 ---- + return ((char *)0); + +! r = ret = (char *)xmalloc (4 * strlen (str) + 4); + + *r++ = '$'; +*************** +*** 248,255 **** + for (s = str; c = *s; s++) + { +- b = 1; /* 1 == add backslash; 0 == no backslash */ +- l = 1; +- clen = 1; +- + switch (c) + { +--- 250,253 ---- +*************** +*** 267,303 **** + default: + #if defined (HANDLE_MULTIBYTE) +! b = is_basic (c); +! /* XXX - clen comparison to 0 is dicey */ +! if ((b == 0 && ((clen = mbrtowc (&wc, s, MB_CUR_MAX, 0)) < 0 || MB_INVALIDCH (clen) || iswprint (wc) == 0)) || +! (b == 1 && ISPRINT (c) == 0)) +! #else +! if (ISPRINT (c) == 0) +! #endif + { +! *r++ = '\\'; +! *r++ = TOCHAR ((c >> 6) & 07); +! *r++ = TOCHAR ((c >> 3) & 07); +! *r++ = TOCHAR (c & 07); +! continue; + } +! l = 0; +! break; +! } +! if (b == 0 && clen == 0) +! break; + +! if (l) +! *r++ = '\\'; +! +! if (clen == 1) +! *r++ = c; +! else +! { +! for (b = 0; b < (int)clen; b++) +! *r++ = (unsigned char)s[b]; +! s += clen - 1; /* -1 because of the increment above */ + } + } + + *r++ = '\''; + *r = '\0'; +--- 265,304 ---- + default: + #if defined (HANDLE_MULTIBYTE) +! if ((locale_utf8locale && (c & 0x80)) || +! (locale_utf8locale == 0 && locale_mb_cur_max > 1 && is_basic (c) == 0)) + { +! clen = mbrtowc (&wc, s, locale_mb_cur_max, &state); +! if (MB_NULLWCH (clen)) +! goto quote_end; +! if (MB_INVALIDCH (clen)) +! INITIALIZE_MBSTATE; +! else if (iswprint (wc)) +! { +! for (b = 0; b < (int)clen; b++) +! *r++ = (unsigned char)s[b]; +! s += clen - 1; /* -1 because of the increment above */ +! continue; +! } + } +! else +! #endif +! if (ISPRINT (c)) +! { +! *r++ = c; +! continue; +! } + +! *r++ = '\\'; +! *r++ = TOCHAR ((c >> 6) & 07); +! *r++ = TOCHAR ((c >> 3) & 07); +! *r++ = TOCHAR (c & 07); +! continue; + } ++ ++ *r++ = '\\'; ++ *r++ = c; + } + ++ quote_end: + *r++ = '\''; + *r = '\0'; +*************** +*** 349,353 **** + { + #if defined (HANDLE_MULTIBYTE) +! if (is_basic (c) == 0) + return (ansic_wshouldquote (s)); + #endif +--- 350,355 ---- + { + #if defined (HANDLE_MULTIBYTE) +! if ((locale_utf8locale && (c & 0x80)) || +! (locale_utf8locale == 0 && locale_mb_cur_max > 1 && is_basic (c) == 0)) + return (ansic_wshouldquote (s)); + #endif + +*** ../bash-5.3/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 +--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 7 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 8 + + #endif /* _PATCHLEVEL_H_ */