Bug 618274 - bad susbstitution can crash mksh
bad susbstitution can crash mksh
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: mksh (Show other bugs)
6.1
All Linux
low Severity medium
: rc
: ---
Assigned To: Michal Hlavinka
BaseOS QE - Apps
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-07-26 10:40 EDT by Michal Hlavinka
Modified: 2011-05-19 09:13 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
bad substitution could crash mksh. The code that made mksh crash is not expected to work under mksh, but it's expected to work under ksh93 so it could crash mksh if someone tried to run ksh script for newer ksh specification (ksh-93 vs. ksh-88). This was fixed and updated mksh no longer crashes, but reports error as expected
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-05-19 09:13:47 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch to fix this (1.60 KB, patch)
2010-07-26 10:40 EDT, Michal Hlavinka
no flags Details | Diff


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:0580 normal SHIPPED_LIVE mksh bug fix and enhancement update 2011-05-18 13:56:53 EDT

  None (edit)
Description Michal Hlavinka 2010-07-26 10:40:30 EDT
Created attachment 434437 [details]
patch to fix this

Description of problem:
bad substitution can crash mksh, the code that makes mksh crashe is not expected to work under mksh, but it's expected to work under ksh93 so it can crash mksh if someone tries to run ksh script for newer ksh specification (ksh93 vs. ksh88)

Version-Release number of selected component (if applicable):


How reproducible:
always

Steps to Reproduce:
1. echo ${x[@]:2}
2.
3.
  
Actual results:
crash

Expected results:
error message, no crash

Additional info:
Comment 4 Florian Nadge 2011-03-01 06:06:56 EST
Please be so kind and add a few key words to the technical note of this
bugzilla entry using the following structure:

Cause:

Consequence:

Fix:

Result:


For details, see:
https://bugzilla.redhat.com/page.cgi?id=fields.html#cf_release_notes

Thanks
Comment 5 Florian Nadge 2011-03-01 06:06:56 EST
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Cause
    What actions or circumstances cause this bug to present.
Consequence
    What happens when the bug presents.
Fix
    What was done to fix the bug.
Result
    What now happens when the actions or circumstances above occur.
    Note: this is not the same as the bug doesn’t present anymore.
Comment 6 Michal Hlavinka 2011-03-01 08:39:28 EST
    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1,9 +1 @@
-Cause
+bad substitution could crash mksh. The code that made mksh crash is not expected to work under mksh, but it's expected to work under ksh93 so it could crash mksh if someone tried to run ksh script for newer ksh specification (ksh-93 vs. ksh-88). This was fixed and updated mksh no longer crashes, but reports error as expected-    What actions or circumstances cause this bug to present.
-Consequence
-    What happens when the bug presents.
-Fix
-    What was done to fix the bug.
-Result
-    What now happens when the actions or circumstances above occur.
-    Note: this is not the same as the bug doesn’t present anymore.
Comment 8 errata-xmlrpc 2011-05-19 09:13:47 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0580.html

Note You need to log in before you can comment on or make changes to this bug.