checked in

OBS-URL: https://build.opensuse.org/package/show/Base:System/bash?expand=0&rev=15

bash-4.0-patches.tar.bz2

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:b64645f66d1d3121f0fc26215a902d5ca5ec6b4d59a14981617fdf69554ce259
+oid sha256:64b45587a32f84769d300c251406047bf8ecf8e54eec72281da82913b4ad4b5b
-size 18292
+size 17535

bash-4.0-security.patch

@@ -1,43 +1,85 @@
---- variables.c
+Index: variables.c
-+++ variables.c	2009-12-04 09:31:06.579929599 +0000
+===================================================================
-@@ -1216,6 +1216,7 @@ static unsigned long rseed = 1;
+--- variables.c.orig
- static int last_random_value;
++++ variables.c
- static int seeded_subshell = 0;
+@@ -1203,6 +1203,7 @@ init_seconds_var ()
+   return v;      
+ }
       
 +#if !defined(linux)
- /* A linear congruential random number generator based on the example
+ /* The random number seed.  You can change this by setting RANDOM. */
-    one in the ANSI C standard.  This one isn't very good, but a more
+ static unsigned long rseed = 1;
-    complicated one is overkill. */
+ static int last_random_value;
-@@ -1264,6 +1265,32 @@ seedrand ()
+@@ -1256,6 +1257,24 @@ seedrand ()
    sbrand (tv.tv_sec ^ tv.tv_usec ^ getpid ());
  }
  
 +#else
-+/* Use ISO C Random Number Functions of the glibc */
++
-+static int
++static int last_sbrand_pid;
-+brand (void)
++
++static int brand ()
 +{
-+  if (rseed == 0)
++  return random() & 32767;
-+    seedrand ();
++}
-+  return rand() & 32767;
++
++static void sbrand (unsigned long seed)
++{
++  srandom(seed);
 +}
 +
 +static void
-+sbrand (unsigned long seed)
++seedrand () {}
-+{
-+  rseed = seed;
-+  srand(seed);
-+}
-+
-+static void
-+seedrand (void)
-+{
-+  struct timeval tv;
-+  gettimeofday (&tv, NULL);
-+  srand (tv.tv_sec ^ tv.tv_usec ^ getpid ());
-+}
 +#endif
 +
  static SHELL_VAR *
  assign_random (self, value, unused, key)
       SHELL_VAR *self;
+@@ -1264,8 +1283,10 @@ assign_random (self, value, unused, key)
+      char *key;
+ {
+   sbrand (strtoul (value, (char **)NULL, 10));
++#if !defined(linux)
+   if (subshell_environment)
+     seeded_subshell = getpid ();
++#endif
+   return (self);
+ }
+ 
+@@ -1274,6 +1295,7 @@ get_random_number ()
+ {
+   int rv, pid;
+ 
++#if !defined(linux)
+   /* Reset for command and process substitution. */
+   pid = getpid ();
+   if (subshell_environment && seeded_subshell != pid)
+@@ -1285,6 +1307,18 @@ get_random_number ()
+   do
+     rv = brand ();
+   while (rv == last_random_value);
++#else
++  if (subshell_environment)
++    {
++      int mypid = getpid();
++      if (mypid != last_sbrand_pid)
++	{
++	  last_sbrand_pid = mypid;
++	  sbrand (mypid + NOW);
++	}
++    }
++  rv = brand();
++#endif
+   return rv;
+ }
+ 
+@@ -1296,7 +1330,9 @@ get_random (var)
+   char *p;
+ 
+   rv = get_random_number ();
++#if !defined(linux)
+   last_random_value = rv;
++#endif
+   p = itos (rv);
+ 
+   FREE (value_cell (var));

bash.changes

@@ -1,19 +1,3 @@
--------------------------------------------------------------------
-Fri Dec  4 10:40:02 CET 2009 - werner@suse.de
-
-- Fix bug in bash-4.0-security.patch (bnc#559877)
-
--------------------------------------------------------------------
-Thu Oct 29 15:23:20 CET 2009 - werner@suse.de
-
-- Update to newest patch level 35
-  * bash incorrectly interprets wildcarded path components between
-    a **/ and the last /
-  * bash incorrectly treated single and double quotes as
-    delimiters rather than introducing quoted strings when
-    splitting the line into words for programmable completion
-    functions
-
 -------------------------------------------------------------------
 Wed Sep 30 13:24:57 CEST 2009 - werner@suse.de