author | Chet Ramey <chet.ramey@case.edu> | 2019-11-25 00:43:03 +0100 |
---|---|---|
committer | Vasyl Gello <vasek.gello@gmail.com> | 2019-11-26 20:24:31 +0000 |
commit | e69f0429dd813203640719a13716d3d4a093b87e (patch) | |
tree | 003d86e492a3d0811a1bec01db4a0028007aadd8 | |
parent | 31dca5f935e41e55ec55934dc480ba1c514652e6 (diff) | |
Bash-4.3 patch 48
If a malicious user can inject a value of $SHELLOPTS containing `xtrace'
and a value for $PS4 that includes a command substitution into a shell
running as root, bash will expand the command substitution as part of
expanding $PS4 when it executes a traced command.
Change-Id: I89582f14a979f733b3504cc456ce671621825680
-rw-r--r-- | patchlevel.h | 2 | ||||
-rw-r--r-- | variables.c | 6 |
2 files changed, 6 insertions, 2 deletions
diff --git a/patchlevel.h b/patchlevel.h index d243f2d..a5241c6 100644 --- a/patchlevel.h +++ b/patchlevel.h @@ -25,6 +25,6 @@ regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh looks for to find the patch level (for the sccs version string). */ -#define PATCHLEVEL 47 +#define PATCHLEVEL 48 #endif /* _PATCHLEVEL_H_ */ diff --git a/variables.c b/variables.c index f39eb64..f816ffe 100644 --- a/variables.c +++ b/variables.c @@ -495,7 +495,11 @@ initialize_shell_variables (env, privmode) #endif set_if_not ("PS2", secondary_prompt); } - set_if_not ("PS4", "+ "); + + if (current_user.euid == 0) + bind_variable ("PS4", "+ ", 0); + else + set_if_not ("PS4", "+ "); /* Don't allow IFS to be imported from the environment. */ temp_var = bind_variable ("IFS", " \t\n", 0); |
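Review bot: The new `current_user.euid == 0` branch in the variables.c hunk has no comment saying why PS4 is overwritten for root, although the IFS line just below it has one. I would add `/* Don't import PS4 from the environment when running as root: it is expanded, command substitutions included, before each traced command. */` above the `if`. The guard also covers only effective uid 0, so a shell started under any other effective uid still takes PS4 from the environment through `set_if_not ("PS4", "+ ")`. Whether the `privmode` argument of this function should be part of the condition cannot be judged from the hunk, and is worth confirming against how SHELLOPTS is imported. The body of initialize_shell_variables starts and ends outside the hunk.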