From 35499a3e58387e86027a8fce88f55d813e03f55a Mon Sep 17 00:00:00 2001 From: "Vojtech Vitek (V-Teq)" Date: Mon, 24 Jan 2011 17:09:42 +0100 Subject: - Don't allow illegal variable names to be set Resolves: #436901 --- tcsh-6.17.00-variable-names.patch | 92 +++++++++++++++++++++++++++++++++++++++ tcsh.spec | 7 ++- 2 files changed, 98 insertions(+), 1 deletion(-) create mode 100644 tcsh-6.17.00-variable-names.patch diff --git a/tcsh-6.17.00-variable-names.patch b/tcsh-6.17.00-variable-names.patch new file mode 100644 index 0000000..febf984 --- /dev/null +++ b/tcsh-6.17.00-variable-names.patch @@ -0,0 +1,92 @@ +--- tcsh-6.17.00-orig/sh.func.c 2009-06-25 23:15:37.000000000 +0200 ++++ tcsh-6.17.00/sh.func.c 2011-01-17 12:19:47.477051757 +0100 +@@ -520,12 +520,13 @@ doforeach(Char **v, struct command *c) + + USE(c); + v++; +- sp = cp = strip(*v); +- if (!letter(*sp)) ++ cp = sp = strip(*v); ++ if (!letter(*cp)) + stderror(ERR_NAME | ERR_VARBEGIN); +- while (*cp && alnum(*cp)) ++ do { + cp++; +- if (*cp) ++ } while (alnum(*cp)); ++ if (*cp != '\0') + stderror(ERR_NAME | ERR_VARALNUM); + cp = *v++; + if (v[0][0] != '(' || v[blklen(v) - 1][0] != ')') +@@ -1376,13 +1364,16 @@ dosetenv(Char **v, struct command *c) + } + + vp = *v++; +- + lp = vp; +- +- for (; *lp != '\0' ; lp++) { +- if (*lp == '=') +- stderror(ERR_NAME | ERR_SYNTAX); +- } ++ ++ if (!letter(*lp)) ++ stderror(ERR_NAME | ERR_VARBEGIN); ++ do { ++ lp++; ++ } while (alnum(*lp)); ++ if (*lp != '\0') ++ stderror(ERR_NAME | ERR_VARALNUM); ++ + if ((lp = *v++) == 0) + lp = STRNULL; + +--- tcsh-6.17.00-orig/sh.set.c 2007-09-28 23:02:03.000000000 +0200 ++++ tcsh-6.17.00/sh.set.c 2011-01-17 15:02:42.785021782 +0100 +@@ -222,7 +222,7 @@ void + doset(Char **v, struct command *c) + { + Char *p; +- Char *vp, op; ++ Char *vp; + Char **vecp; + int hadsub; + int subscr; +@@ -262,27 +262,26 @@ doset(Char **v, struct command *c) + do { + hadsub = 0; + vp = p; +- if (letter(*p)) +- for (; alnum(*p); p++) +- continue; +- if (vp == p || !letter(*vp)) ++ if (!letter(*p)) + stderror(ERR_NAME | ERR_VARBEGIN); ++ do { ++ p++; ++ } while (alnum(*p)); + if (*p == '[') { + hadsub++; + p = getinx(p, &subscr); + } +- if ((op = *p) != 0) { +- *p++ = 0; +- if (*p == 0 && *v && **v == '(') ++ if (*p != '\0' && *p != '=') ++ stderror(ERR_NAME | ERR_VARALNUM); ++ if (*p == '=') { ++ *p++ = '\0'; ++ if (*p == '\0' && *v != NULL && **v == '(') + p = *v++; + } + else if (*v && eq(*v, STRequal)) { +- op = '=', v++; +- if (*v) ++ if (*++v != NULL) + p = *v++; + } +- if (op && op != '=') +- stderror(ERR_NAME | ERR_SYNTAX); + if (eq(p, STRLparen)) { + Char **e = v; + diff --git a/tcsh.spec b/tcsh.spec index ef940ce..e7b4c46 100644 --- a/tcsh.spec +++ b/tcsh.spec @@ -30,10 +30,12 @@ Patch17: tcsh-6.17.00-testsuite.patch Patch18: tcsh-6.17.00-extrafork.patch # Proposed to upstream (http://bugs.gw.com/view.php?id=109): Patch19: tcsh-6.17.00-wait-intr.patch -# Accepted by upstream (tcsh-6.17.02b http://bugs.gw.com/view.php?id=112): +# Accepted by upstream (tcsh-6.17.03b http://bugs.gw.com/view.php?id=112): Patch21: tcsh-6.17.00-dont-set-empty-remotehost.patch # Proposed to upstream (http://mx.gw.com/pipermail/tcsh-bugs/2010-May/000673.html): Patch22: tcsh-6.14.00-dont-print-history-on-verbose.patch +# Accepted by upstream (tcsh-6.17.03b http://bugs.gw.com/view.php?id=113): +Patch23: tcsh-6.17.00-variable-names.patch Provides: csh = %{version} Requires(post): grep Requires(postun): coreutils, grep @@ -70,6 +72,7 @@ like syntax. %patch19 -p1 -b .wait-intr %patch21 -p1 -b .dont-set-empty-remotehost %patch22 -p1 -b .dont-print-history-on-verbose +%patch23 -p1 -b .variable-names for i in Fixes WishList; do iconv -f iso-8859-1 -t utf-8 "$i" > "${i}_" && \ @@ -149,6 +152,8 @@ fi Resolves: #669176 - Don't print history in verbose mode Resolves: #583075, #658171 +- Don't allow illegal variable names to be set + Resolves: #436901 * Wed Oct 6 2010 Vitezslav Crhonek - 6.17-9 - Remove fork when tcsh processes backquotes -- cgit