1729997 – Regression introduced by CVE-2017-18206

Bug 1729997 - Regression introduced by CVE-2017-18206

Summary: Regression introduced by CVE-2017-18206

Keywords:
Status:	VERIFIED
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	zsh
Sub Component:
Version:	7.6
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Kamil Dudka
QA Contact:	Karel Volný
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2019-07-15 14:23 UTC by Renaud Métrich
Modified:	2020-02-07 09:23 UTC (History)
CC List:	2 users (show)
Fixed In Version:	zsh-5.0.2-34.el7
Doc Type:	No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed:
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Renaud Métrich 2019-07-15 14:23:39 UTC

Description of problem:

A customer reported a regression in zsh-5.0.2-31.el7.x86_64 compared to zsh-5.0.2-28.el7.x86_64 around "chaselinks" option:

$ unsetopt chaselinks; cd /
$ setopt chaselinks; cd /
zsh: path expansion failed, using root directory


Version-Release number of selected component (if applicable):

zsh-5.0.2-31.el7.x86_64


How reproducible:

Always, see above with zsh-5.0.2-31.el7.x86_64


Additional info:

Patch 34 (zsh-5.0.2-CVE-2014-10072.patch) introduces the regression.
I was able to fix it by backporting some additional code.

Comment 3 Kamil Dudka 2019-07-15 15:14:13 UTC

Thank you for debugging it and providing the patch!  It looks good to me.

Note You need to log in before you can comment on or make changes to this bug.