Bug 681462 - bash -c 'TZ=UTC0 :' causes segfault
Summary: bash -c 'TZ=UTC0 :' causes segfault
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: bash
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
urgent
Target Milestone: ---
Assignee: Roman Rakus
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
: 681460 681461 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-03-02 09:36 UTC by Jim Meyering
Modified: 2014-01-13 00:13 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-03-02 14:32:24 UTC
Type: ---

Attachments (Terms of Use)
don't dereference NULL (337 bytes, patch)
2011-03-02 09:37 UTC, Jim Meyering 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Description Jim Meyering 2011-03-02 09:36:51 UTC 
Description of problem: 
bash -c 'TZ=UTC0 :' causes segfault

The RHS can be any value, not just UTC0.

Version-Release number of selected component (if applicable): x86_64 0:4.2.5-1.fc15


How reproducible: always


Steps to Reproduce:
1. bash -c 'TZ=x :'
2.
3.
  
Actual results: 

$ bash -c 'TZ=x :'
zsh: segmentation fault  bash -c 'TZ=UTC0 :'

Expected results:

no segfault

Additional info:

This bug was introduced with patch bash42-005:
This function must accommodate v == NULL, since exported_p dereferences its argument.  Patch attached.

+ int
+ chkexport (name)
+      char *name;
+ {
+   SHELL_VAR *v;
+ 
+   v = find_variable (name);
+   if (exported_p (v))
+     {
+       array_needs_making = 1;
+       maybe_make_export_env ();
+       return 1;
+     }
+   return 0;
+ }
Comment 1 Jim Meyering 2011-03-02 09:37:42 UTC 
Created attachment 481820 [details]
don't dereference NULL
Comment 2 Roman Rakus 2011-03-02 14:14:25 UTC 
Thanks for the report. There is official upstream patch. I will apply the patch now.
Comment 3 Roman Rakus 2011-03-02 14:32:24 UTC 
Fixed in bash-4.2.6-1.fc16
Comment 4 Roman Rakus 2011-03-07 16:06:52 UTC 
*** Bug 681460 has been marked as a duplicate of this bug. ***
Comment 5 Roman Rakus 2011-03-07 16:07:20 UTC 
*** Bug 681461 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.