9/15/2016 --------- [bash-4.4 released] 9/17 ---- builtins/common.c - display_signal_list: if 0 is supplied as an argument to kill -l, display a signal-out-of-range error. Fixes bug reported by Martijn Dekker 9/18 ---- print_cmd.c - print_heredoc_bodies: take a list of redirections, all here documents, and print the here-document bodies including the ending delimiter, followed by a newline - print_redirection_list: print the heredoc headers the first time through the list of redirections so we print them in the same left- to-right order they're supplied; print the bodies and delimiters with print_heredoc_bodies after we print all the redirections if we're not printing a list of commands (printing_connection == 0). Fix for problem reported by Isabella Parakiss - print_deferred_heredocs: don't print heredoc headers, since they're now printed in print_redirection_list - print_deferred_heredocs: use print_heredoc_bodies 9/20 ---- builtins/mapfile.def - readarray: update usage synopsis to include -d delim. Report and fix from jhankins@homewood.k12.al.us test.c - test_binop: if op[0] == '-', make sure op[1] != 0 before checking op[2] or op[3]. Fixes out-of-bounds read reported by Franco Costantini parse.y - cond_term: if yylval.word->word[0] == '-' make sure word[1] != 0 before checking word[2] and calling test_unop. Fixes out-of-bounds read reported by Franco Costantini - make sure to check all instances of the return value of the simple_command production before trying to hook redirections onto it, since it can potentially return NULL. Reported by Franco Costantini 9/21 ---- parse.y - token_is_assignment: make sure to check that the return value from assignment() finds the `=' we just added at index I to avoid false positives from g=g=g=g=g=g=(). Reported by Franco Costantini 9/22 ---- parse.y - token_is_assignment: if we're not using the bash malloc (which has guard bytes after the requested allocation size), use a new buffer so we can make sure it's big enough to hold the current token and at least two additional characters. Reported by Franco Costantini 9/23 ---- execute_command.c - execute_in_subshell: call without_job_control for both job control and non-job-control builds to avoid waiting for last_made_pid inherited from parent shell. Related to fix from 8/4 to initialize_subshell. Fixes bug reported by Martijn Dekker builtins/declare.def - local_builtin: allow `local --help' to work even when not executing a function. Suggestion from Norm Abramovitz 9/25 ---- builtins/printf.def - bexpand: if passed a null or empty string, return a newly-allocated empty string (so the return value can always be freed) instead of NULL. - printstr: if passed a null string, treat it as if it were an empty string so any precision or fieldwidth arguments are handled correctly. Report from isabella parakiss subst.c - skip_matched_pair: make the flags argument of 1 affect whether or not backslash can quote characters in the string, so it affects all quoting mechanisms arrayfunc.c - unbind_array_element: now takes a third (flags) argument; flags&1 means to not expand an associative array index. This is only called from a shell builtin context, which means the argument should have already undergone word expansion, so it should be ok. Will still be a problem for uses like "unset -v 'var[$ind]'", quoted to avoid globbing - valid_array_reference: pass second flags argument to skipsubscript; still set to 0 by all callers arrayfunc.h - unbind_array_element: updated prototype builtins/set.def - unset_builtin: add third argument of 1 to unbind_array_element calls [TEMPORARILY DISABLED] - unset_builtin: call valid_array_reference with second arg of 1 to handle unmatched pairs of quotes and [/] array.c - array_reference: optimize access locality as well as sequential access by adding ability to start from last-accessed element and move backwards or forwards depending on the desired index. Inspired by report from Tom McCurdy and followup from Christian Franke variables.c - all_array_variables: include associative arrays, not just indexed arrays. Reported by Grisha Levit execute_cmd.c - execute_disk_command: if we're optimizing out the fork (CMD_NO_FORK), decrement the shell level so we don't end up incrementing it twice. We should decrement the shell level for an implicit exec like an explicit one. Reported by Stephane Chazelas builtins/exec.def - exec_builtin: don't bother to decrement the shell level if we are already in a `(command)' subshell. Reported by Stephane Chazelas lib/readline/macro.c - macro_level: count of macro nesting level, maintained by _rl_push_executing_macro and _rl_pop_executing macro - _rl_with_macro_input: if current nesting level exceeds MAX_MACRO_LEVEL, abort the current command line with _rl_abort_internal and return to the top level. Reported by Christian Klomp lib/readine/history.c - add_history: if allocating the history list for the first time, make sure the max history list size isn't so large that it will cause allocation errors. Cap it at MAX_HISTORY_INITIAL_SIZE (8192). Reported by Sean Zha jobs.c - wait_for: if a foreground job with job control enabled is killed by a SIGINT and sourcelevel != 0, act as if we received the SIGINT so the file sourcing can be terminated. Reported by PePa 9/26 ---- subst.c - read_comsub: only warn once for null bytes in command substitution output, instead of once for every null byte arrayfunc.c - array_variable_part: now takes a `flags' argument; changed all callers to initially pass 0 - array_variable_name: now takes a `flags' argument; changed all callers to initially pass 0 - array_variable_name: pass `flags' argument to skipsubscript instead of just passing 0 arrayfunc.h - array_variable_{name,part}: added new argument to prototypes 9/29 ---- bashline.c - bash_directory_completion_hook: don't bother to try and expand a ${ or $( that isn't complete; expand_prompt_string will complain. Fixes reports from John Passaro and Valentin Bajrami lib/readline/history.c - _hs_append_history_line: use a strategy that attempts to avoid realloc copying memory to a newly-allocated block if the history line we're appending to gets `too long' (currently 256 bytes). We reallocate in powers of 2 starting at 512, and rely on realloc not allocating a new block and copying into it if the size is the same as the last call to realloc. Addresses issue raised by Hubert Schmid trap.h - check_signals: new extern declaration - trapped_signal_received: new extern declaration builtins/read.def - read_builtin: if one of the zread* functions returns < 0 (which usually only happens in Posix mode), make sure we call check_signals() before eventually calling run_pending_traps() because zread() isn't going to call it - include trap.h for correct extern functions and variable declarations lib/sh/zread.c - zread: if executing a builtin, call check_signals_and_traps() for backwards compatibility. If not, call check_signals() only, because we don't want to run traps during, for instance, reading command substitution output. Fixes race condition bug reported by Luiz Angelo Daros de Luca 9/30 ---- subst.c - command_substitute: reset parse_and_execute_level to 0 in the child process, since it's independent of the other parse_and_execute calls. Adds command substitution inside other parse_and_execute calls optimizations to suppress forks, as suggested by Martijn Dekker 10/3 ---- configure.ac - SHOBJ_STATUS: make sure it defaults to unsupported and is substituted if the shobj-conf script isn't run. Fixes `make install' bug with a minimal config reported by Andrew Tomazos 10/5 ---- support/shobj-conf - darwin: set compatibility_version for a shared build of the readline library (the standalone readline distribution shares this file) to $(SHLIB_MAJOR)$(SHLIB_MINOR). Recommendation from Max Horn 10/6 ---- array.h - array_first_index: new convenience define array.c - ADD_AFTER: new define, complement of ADD_BEFORE - UNSET_LASTREF: now takes an array as an argument, prepping for move of lastref pointer into the array struct - array_insert: check whether we are adding at the beginning of the array and take a fast path if so - array_insert: use same strategy as array_reference to find the place to insert, starting from the last-referenced element and moving forward or back from there; use ADD_AFTER if moving backward - array_insert: if replacing an existing element, just replace the value with new->value instead of the entire element - array_reference: short-circuit quickly if looking for an element before the first assigned index - array_reference: if we don't find the element, leave lastref pointing to the closest element under the assumption we will be assigning or looking for something close - array_reference: take advantage of ordered indexes to short-circuit when looking for element that is not set 10/7 ---- array.c - array_remove: short-circuit if asked to remove index after max index or before first index 10/10 ----- lib/malloc/malloc.c - internal_realloc: if we are requesting reallocation to the same size as the block's current size, short-circuit and return `mem' right after doing bounds check - internal_realloc: if we are reducing the size of an allocation, and the new size fits in the next lower bin, just keep the same block and adjust the size, so we can avoid some copies parse.y - set_line_mbstate: keep track of the allocated size of shell_input_line_property, only request reallocation if the size increases, but don't let it get too big 10/11 ----- jobs.c - wait_for_background_pids: make sure we wait for pid in last_procsub_child since it's not found in any job -- still needs more work to wait for multiple process substitutions subst.c - process_substitute: if make_child fails, make sure we call restore_pipeline to undo the previous save_pipeline() 10/15 ----- subst.c - process_substitute,command_substitute: leave subshell_level (reflected as $BASH_SUBSHELL) intact for any exit trap instead of decrementing it. Suggested by Martijn Dekker builtins/evalstring.c - optimize_subshell_command: new function, framework for optimizing out forks for command that have already forked and are executing in a subshell. Not used yet expr.c - readtok: if we have a post-increment or post-decrement, and the previous token is not a string, check whether the previous token is a number that results from a pre-increment or pre-decrement, and make that an error. Report from Conrad Hoffmann 10/16 ----- aclocal.m4 - BASH_JOB_CONTROL_MISSING: convert from AC_TRY_RUN to AC_TRY_COMPILE with existing set of preprocessor defines, so it can work when cross-compiling. Suggested by Felix Janda 10/19 ----- variables.c - get_bashpid: BASHPID is no longer readonly; assignments to it are just ignored. doc/{bash.1,bashref.texi} - BASHPID: note that assignments are ignored and unsetting BASHPID causes it to lose its special properties 10/28 ----- builtins/pushd.def - popd_builtin: make sure to check the normalized stack offset (i.e., negatives counting back from the end of the stack) is within bounds before trying to free that stack entry. Report from Fernando Muñoz lib/readline/histfile.c - chown: protect calls with HAVE_CHOWN. Fixes for MinGW{64,32} from J. Peter Mugaas lib/readline/colors.c - S_ISDIR: add define if missing - S_ISUID, S_ISGID, S_ISLNK, S_ISSOCK: don't use unless defined. Fixes for MinGW{64,32} from J. Peter Mugaas bashhist.c - current_command_line_comment: set to the most recent line in a possibly multi-line command that contains a shell comment; set in maybe_add_history and bash_add_history to either the current command number or -2 - maybe_add_history: set current_command_line_comment for first line of command - bash_add_history: chars_to_add set to "\n" if the current command line is one greater than the previous line containing a comment (current_command_line_comment). Fixes complaint from back in January, 2016 from Dave Rutherford array.h - lastref: move last-referenced pointer into each array struct, so all arrays can have reference locality array.c - array_create: set lastref element to 0 - array_copy: if copying the lastref in array a, set the new lastref in the copy to the same element - IS_LASTREF, LASTREF_START, LASTREF, INVALIDATE_LASTREF, SET_LASTREF, UNSET_LASTREF: change to use new array `lastref' member pathexp.c - quote_string_for_globbing: if quoting for a regexp, make sure to skip and copy a leading `^' in a bracket expression, and skip and copy a subsequent `]' (after an optional `^'), so that leading bracket doesn't close the bracket expression. Report from Stephane Chazelas 10/29 ----- subst.c - extract_delimited_string: add calls to CHECK_STRING_OVERRUN for $( inside $((, nested OPENERs, nested ALT_OPENERs, and backquotes - skip_to_delim: add calls to CHECK_STRING_OVERRUN for $(, ${, process substitution - extract_dollar_brace_string: add calls to CHECK_STRING_OVERRUN for $( - extract_dollar_brace_string: use skipsubscript to skip over the array subscript in ${var[sub]} (non-quoted case uses string_extract, which already uses skipsubscript). Tagged for bash-5.0 10/30 ----- variables.c - EPOCHSECONDS: new dynamic variable, time in seconds since Unix epoch; assignments are ignored. Can be used on systems where strftime() doesn't support '%s' - EPOCHREALTIME: new dynamic variable, time in seconds since Unix epoch with microsecond granularity doc/{bash.1,bashref.texi} - EPOCHSECONDS documentation - EPOCHREALTIME documentation execute_cmd.c - decpoint: moved to locale.c, renamed locale_decpoint; changed callers {bashintl,externs}.h - locale_decpoint: extern declaration or #define if support for localeconv() not there 10/31 ----- lib/malloc/malloc.c - posix_memalign: add new posix-mandated interface examples/loadables/rm.c - rm: minimal loadable builtin, removes files and directories, only handles -r and -f options. Original from Tim Ruehsen , heavily rewritten for inclusion as loadable examples/loadables/Makefile.in - rm: add rules to build rm as one of the `other' targets examples/loadables/stat.c - stat: new loadable builtin that takes a filename and loads the info returned by stat(2) into an associative array specified by the -A argument (default STAT) 11/1 ---- variables.c - BASH_ARGV0: new dynamic variable, returns $0 on reference and sets $0 on assignment. From a suggestion from Rocky Bernstein a few years ago doc/{bash.1,bashref.texi} - BASH_ARGV0: document 11/2 ---- lib/glob/sm_loop.c - parse_collsym: make sure to not return an out-of-bounds read if a collating symbol is unterminated. Fixes OOB read reported by Jerzy Kramarz - brackmatch: after incrementing p, before checking whether it's a character range, check whether *p was NULL before the increment and short-circuit the bracket expression if it is jobs.c - discard_last_procsub_child: new function, safely discards last_procsub_child and sets it to NULL subst.c - process_substitute: call discard_last_procsub_child instead of calling discard_pipeline directly. Fixes bug reported by Christian Weisgerber 11/3 ---- shell.h - EX_DISKFALLBACK: new special return status available to builtins; means to attempt to execute a disk command with the same name as the builtin examples/loadables/rm.c - if we see the -i option, return EX_DISKFALLBACK execute_cmd.c - execute_simple_command: if executing a builtin returns EX_DISKFALLBACK, try running execute_disk_command instead bashline.c - shell_expand_line: use expand_word to expand the readline line buffer, which allows us to pass flags with the word. If a numeric argument is supplied, do not perform quote removal (pass Q_HERE_DOCUMENT since here-doc quoting does the right thing) and do not perform command or process subsitution. From a suggestion by Dabrien 'Dabe' Murphy based on an old bug-bash discussion subst.c - expand_word_internal: note that we have added a quoted IFS char to istring by setting sentinel has_quoted_ifs. Usually we only add one if we are not going to be performing word splitting, but we will not perform word splitting if there's no expansion, so we need to take care of that case - expand_word_internal: when performing final word split, if there are no expansions but has_quoted_ifs is non-zero, call remove_quoted_ifs() to remove any quoted ifs characters we added while processing - remove_quoted_ifs: new function, removes CTLESC chars preceding (single-byte) chars in IFS. Used when we are not performing word splitting. Fixes bug reported by Martijn Dekker 11/4 ---- lib/readline/macro.c - _rl_peek_macro_key: return the next character from the current keyboard macro; the next character from the `next' keyboard macro, if there is one, if at the end of the current macro; or 0 to indicate that we are at the end of a keyboard macro sequence lib/readline/rlprivate.h - _rl_peek_macro_key: extern declaration lib/readline/readline.c - _rl_dispatch_subseq: add test for ESC at the end of a keyboard macro, which should cause the keyboard timeout for ESC to kick in. The previous test didn't run the timeout code if executing from a macro, even if we had read the last character of the macro. Fixes bug reported by Clark Wang lib/glob/sm_loop.c - GMATCH: allow trailing backslash in pattern to explicitly match a backslash that is the last character in the string. Bug report from Stephane Chazelas 11/5 ---- builtins/common.c - display_signal_list: if displaying a signal name corresponding to an exit status > 128, don't display the SIG prefix at all. Old code made displaying the SIG prefix dependent on JOB_CONTROL define. Report and fix from Martijn Dekker execute_cmd.c - execute_subshell_builtin_or_function: call without_job_control even if JOB_CONTROL is not defined. Similar to fix from 9/23. Report from Martijn Dekker execute_cmd.c - execute_simple_command: free memory allocated and passed to make_child in the child process if JOB_CONTROL is defined - execute_command_internal: free memory allocated and passed to make_child in the child process created to run a () subshell or a compound command within a pipeline if JOB_CONTROL is defined - execute_coproc: free memory allocated and passed to make_child in the child process if JOB_CONTROL is defined - execute_disk_command: free memory allocated and passed to make_child in the child process if JOB_CONTROL is defined. This series of fixes is the result of reports from Eduardo A. Bustamante López 11/6 ---- lib/sh/unicode.c - u32toutf16: fix to prevent outputting broken surrogate pairs for Japanese locales (ja_JP.UTF-8) on cygwin (which uses UTF-16 natively). Report and fix from Koichi MURASE builtins/trap.def - trap_builtin: if OP is `-' (revert), set the SIGINT signal handler to sigint_sighandler if the shell is interactive and sourcing a file (interactive_shell && sourcelevel) or running a trap (interactive_shell && running_trap) even if it's not currently interactive. Report from Martijn Dekker builtins/read.def - check for and read multibyte characters in all cases, not just when we are reading a specific number of characters, as long as mb_cur_max > 1 subst.c - expand_word_internal: some improvements to code that converts istring into a WORD_LIST * to avoid multiple allocations and copies of istring, which is already malloc'ed memory -- reduce number of malloc and free calls test.c - unary_test: make sure if we test -v array[@] or array[*] that we free the return value from array_value 11/8 ---- expr.c - expcond: make sure to set `noeval' before reading tokens depending on the result of the conditional test, since readtok() can evaluate identifiers (and recursively those containing expressions). Report and fix from Koichi MURASE builtins/evalstring.c - should_suppress_fork: make sure to check for traps on EXIT and ERR, since any_signals_trapped() only checks for `real' signals, not the fake shell ones. Fixes bug reported by Werner Fink - optimize_subshell_command: ditto 11/9 ---- eval.c - reader_loop: change so that we don't reset the SIGINT handler every time through the command loop in an interactive shell if the signal is trapped (as the comment noted). Reported by Report from Martijn Dekker subst.c - parameter_brace_{patsub,remove_pattern,transform,casemod}: save and restore this_command_name while temporarily setting it for use in error messages. Fixes use-after-free error reported by Jerzy Kramarz - string_extract_verbatim: make sure when we increment i by 2 due to a CTLESC or CTLESC-CTLNUL that we don't read past the end of the string. This can happen if the string ends with an odd number of CTLESC chars. Fixes oob-read error reported by Jerzy Kramarz 11/11 ----- configure.ac,aclocal.m4 - BASH_FUNC_SBRK: make sure sbrk actually works, instead of being just a stub function like on several Linux distributions lib/malloc/malloc.c - malloc_usable_size: return the maximum number of bytes available for a particular memory allocation (size of block allocated for it) 11/12 ----- configure.ac - changes to make --enable-profiling work on Linux (-pg, no static link, no -static in LDFLAGS) Makefile.in - changes to make --enable-profiling work on Linux (take ${PROFILE_FLAGS} out of BASE_CCFLAGS, add to CCFLAGS instead; add BASE_LDFLAGS define that doesn't include -pg or -static; use BASE_LDFLAGS in LDFLAGS; move ${PROFILE_FLAGS} and ${STATIC_LD} to LDFLAGS) tests/run-gprof - changes to make profiling test suite with gprof work on Linux (set GMON_OUT_PREFIX to handle multiple profiled processes per test; change default filename to gmon.out from bash.gmon; look for gprof output files in ${TMPDIR} instead of /tmp; handle multiple profiling files starting with $GMON_OUT_PREFIX) locale.c - locale_isutf8: use locale_charset() if it's available and nl_langinfo isn't - locale_isutf8: add code to parse a locale specification and determine whether the encoding is UTF-8 (or utf8) in the absence of nl_langinfo and locale_charset - set_default_locale: make sure to set locale_utf8locale early on - locale_utf8locale: set via call to locale_isutf8 wherever LANG, LC_ALL, or LC_CTYPE is set 11/13 ----- lib/readline/display.c - rl_redisplay: handle report of potential integer overflow in horizontal display mode from Mateusz Lenik lib/sh/mbschr.c - mbschr: if in a UTF-8 locale (locale_utf8locale) and we are looking for an ASCII character, use (essentially) strchr as a shortcut lib/sh/shmbchar.c - utf8_{mbstrlen,mblen,mbsmbchar,mbsnlen}: UTF-8-specific replacement functions (should also be able to use utf8_mblen in subst.c: string_extract_verbatim) - mbsmbchar: if locale_utf8locale is true, call utf8_mbsmbchar - mbsmbchar: in UTF-8 locale, use utf8_mblen instead of mbrlen (not used if earlier shortcut taken) lib/sh/unicode.c - u32cconv: don't use nl_langinfo early to call u32toutf8() - u32cconv: use locale_utf8locale to set utf8locale - u32cconv: when initializing (u32init == 0), use locale_charset, then nl_langinfo, then stub_charset to determine the charset - u32cconv: even if we don't have iconv, if locale_utf8locale is non- zero, return u32toutf8 11/15 ----- lib/readline/nls.c - _rl_init_locale: new function, split off code that determines current locale from _rl_init_eightbit, use it to set _rl_utf8locale lib/readiline/rlprivate.h - _rl_init_locale: new extern declaration lib/readline/readline.c - rl_initialize: if not initializing everything the first time, call _rl_init_locale to check current locale and set _rl_utf8locale lib/readline/text.c - _rl_insert_char: optimize cases where we are inserting a single-byte character in a locale with multibyte characters - _rl_insert_char: check whether character is single byte if we know we are in a UTF-8 locale, optimize single-byte case to avoid calls to mbrtowc and memmove/memcpy lib/readline/mbutil.c - _rl_char_value: if we are in a UTF-8 locale (_rl_utf8locale) and the current character does not have the eighth bit set ((c & 0x80) == 0), return that char without bothering to call mbrtowc - _rl_adjust_point: don't bother calling mbrlen if we are in a UTF-8 locale and the current character is not a multibyte character - _rl_find_next_mbchar_internal: if we are in a UTF-8 locale, use that to avoid calls to mbrtowc lib/readline/display.c - _rl_col_width: if in a UTF-8 locale, take advantage of that to avoid calls to mbrlen and mbrtowc - rl_redisplay: if in a UTF-8 locale, take advantage of that to avoid calls to mbrtowc 11/17 ----- lib/readline/histlib.h - PATTERN_SEARCH: new flag for history search interfaces, means to search for a pattern as Posix specifies lib/readline/histsearch.c - history_search_internal: now takes a `flags' argument instead of just an `anchored' argument to accommodate PATTERN_SEARCH - _hs_history_patsearch: new internal interface to use when flags specify PATTERN_SEARCH lib/readline/rlprivate.h - SF_PATTERN: new flag for non-incremental search contexts, means to treat search string as a pattern (maps to PATTERN_SEARCH) lib/readline/search.c - noninc_dosearch: takes an additional `flags' argument for SF_PATTERN - noninc_search_from_pos: takes an additional `flags' argument for SF_PATTERN - noninc_dosearch: pass flags argument through to noninc_search_from_pos - _rl_nsearch_init: if we are in vi command mode, and `pchar' (key used to invoke the search) is `?' or `/', add SF_PATTERN to the flags to conform to Posix spec for vi-mode editing - _rl_nsearch_dosearch: if cxt->sflags indicates that we should do a pattern search, pass SF_PATTERN to noninc_search_from_pos - rl_noninc_forward_search_again: if in vi command mode and key == `N', make sure flags arg passed to noninc_dosearch includes SF_PATTERN - rl_noninc_reverse_search_again: if in vi command mode and key == `n', make sure flags arg passed to noninc_dosearch includes SF_PATTERN - rl_history_search_internal: pass extra flags arg to noninc_search_from_pos 11/18 ----- lib/readline/search.c - noninc_search_from_pos: takes a new argument, a pointer to int where it stores the offset of the match in the history line (if non-NULL), modified callers - rl_history_search_internal: pass newcol pointer to noninc_search_from_pos to avoid having to recompute the match offset in the matching history entry config.h.in - define HAVE_FNMATCH if we have the fnmatch function (configure was already checking for it) lib/readline/histsearch.c - _hs_history_patsearch: transform the pattern into one ending in a `*' to avoid having to perform multiple match attempts from each index in the history line - history_search_internal: changes to handle pattern matching if PATTERN_SEARCH is in the flags and HAVE_FNMATCH is defined. This makes vi-mode history searching treat the user-specified search string as an fnmatch pattern, as Posix requires. Fixes issue reported by 11/19 ----- builtins/shopt.def - shopt_enable_hostname_completion: only declare this if READLINE defined, since that's the only time it's used. Reported by isabella parakiss 11/20 ----- builtins/common.c - display_signal_list: make `kill -l 0' print `EXIT', modifying change from 9/17 11/21 ----- subst.c - expand_word_internal: when the shell encounters a backslash as the last character of the string, don't try to add a '\'0' to the end of the string if the string is quoted, just add a <\> and skip to the end of string processing. Fixes oob-read error reported by Jerzy Kramarz test.c - two_arguments: check argv[pos][1] before checking argv[pos][2] when looking for a unary argument. Fixes oob-read error on single `-' in unary operator position reported by Jerzy Kramarz - ANDOR: check s[1] before checking s[2] in case s[1] == end of string. Fixes oob-read error reported by Jerzy Kramarz subst.c - command_substitute: now takes additional flags argument, changed one caller (param_expand) to pass through PF_ASSIGNRHS flag; other callers pass 0 - command_substitute: pass through flags argument to read_comsub - read_comsub: now takes additional new flags argument to indicate whether or not the word is in a context where word splitting will eventually be performed - read_comsub: if we are running in a context where word splitting will not take place (PF_ASSIGNRHS), we read a CTLESC, and CTLESC is in $IFS, add a CTLESC to make sure it gets through a round of dequoting 11/23 ----- parse.y - xparse_dolparen: since reset_parser frees the pushed string list, and this is supposed to be a separate parsing context, we need to save and restore pushed_string_list around the call to parse_string and reset_parser. Fixes bug reported by Dan Douglas bashhist.h - HISTEXPAND_DEFAULT: default value of history_expansion, moved here from flags.c flags.[ch] - histexp_flag: new variable, this is what set -H/set -o histexpand sets; history_expansion set to value of this variable; defaults to 0 - history_expansion: now set to HISTEXPAND_DEFAULT bashhist.c - bash_history_reinit: if interact == 0, set history_expansion to the value of histexp_flag, to allow -H option to enable history expansion - bash_history_reinit: if interact == 0, make sure history_expansion_inhibited is set opposite of histexp_flag, so enabling history expansion with -H invocation option turns off inhibited expansion. If interactive shell, we turn it off so history_expansion controls whether or not history expansion takes place. In practice, this function is always called with interact == 0, and -c command still doesn't perform history expansion shell.c - init_interactive: make sure histexp_flag and history_expansion are identical in an interactive shell; allows both -H/+H option and default compilation options (HISTEXPAND_DEFAULT) to work 11/24 ----- subst.c - get_word_from_string: take advantage of the fact that SEPARATORS is always a (possibly local) copy of IFS, so build a local charmap of separators and use it instead of the (cached and possibly stale) ifs_cmap map and isifs macro. Fixes bug with -N stripping leading whitespace reported by Clark Wang 11/25 ----- builtins/read.def - read_builtin: make `i' volatile, since auto variables are technically undefined after a longjmp, and a timeout on SIGALRM causes one. Fix suggested by Dmitry Goncharov 11/27 ----- parse.y - shell_getc: if we are reading input from a string, and we get the ending '\0', and we are not expanding an alias, return EOF right away. It might be an eval'ed string that has a syntax error. Fixes bug reported by Dan Douglas 11/28 ----- subst.c - expand_word_internal: if we're expanding a quoted string containing a tilde as the first character of a word, only expand the tilde if we're expanding an array subscript (Q_ARRAYSUB), not if we're expanding any arithmetic expression (Q_ARITH). This fixes a backwards compatibility issue with expressions like ~0 reported by Bize Ma subst.c - parameter_brace_expand_indir: if the variable is not special and the indirect variable is unset (!variable where variable is unset), report an error. This is a slight incompatibility with previous versions, which did not differentiate between indirecting an unset variable and an indirect expansion resulting in an unset variable. Fixes omission reported by otenba@protonmail.com 11/30 ----- lib/readline/doc/{rluser.texi,readline.3},doc/bash.1 - do-uppercase-version: since this doesn't actually exist, replace it with do-lowercase-version, with the caveat that do-lowercase-version results in undefined behavior if bound to a character that's already lowercase. Suggested by Branden Robinson lib/readline/doc/rluser.texi - history-substring-search-forward: was misspelled as "substr-search"; ditto for search-backward doc/bash.1 - history-substring-search-{backward,forward}: add documentation, text straight from readline.3 jobs.c - initialize_job_control: if the terminal's process group is valid, but the shell is not the foreground process, check for terminating signals (like SIGHUP, which the kernel would send if the process group were orphaned) during the loop where we try to stop the shell if it's not in the foreground. Not a perfect solution; the kernel might not send SIGHUP 12/1 ---- jobs.c - initialize_job_control: only go through the SIGTTIN loop 16 times at most before deciding we're in the background and probably a member of an orphaned process group; set original_pgrp to the terminal's pgrp (so the eventual give_terminal_to doesn't leave the terminal in the wrong pgrp); and bail on job control initialization tests/run-all - unset SHELLOPTS to avoid its options `polluting' the test environment. Suggestion from Vladimir Marek tests/execscript - use $PWD/exec8.sub to protect against someone who has a cd command in his bashrc. Report from Vladimir Marek 12/2 ---- shell.c - open_shell_script: call end_job_control before exiting the shell in case we were run as `bash -i script' and there is a problem with executing `script'. If we don't, the terminal ends up in the wrong process group. Fix from Clark Wang 12/3 ---- parse.y - read_comsub: if we look for a character following a `<' and it's not `<' (indicating that we don't have to read a here-document), make sure we push that character back and go through the loop again so we note the right word start location. Fixes bug reported by parasite parasite <42parasite@gmail.com> subst.c - parameter_brace_expand_indir: clean up checks for unset variables to minimize incompatibilities with previous versions 12/5 ---- lib/readline/history.c - add_history: don't update history_length until all of the updates to the_history are complete, so history_length is always consistent. Report and fix from Hong Cho bashline.c - bash_backward_shellword: fix to work better at the end of the line, with multiple trailing whitespace characters. Inspired by report from Kirill Timofeev Makefile.in - bashbug: use `^' as the sed delimiter instead of `%'; some compilers use `%' in CFLAGS. Report from Vladimir Marek 12/6 ---- test.c - test_unop: make sure op[1] != 0 before testing op[2] - term: make sure argv[pos][1] != 0 before testing argv[pos][2]. Fixes oob-read reported by Jerzy Kramarz 12/7 ---- lib/glob/glob.c - glob_filename: assign the return value of realloc (results, ...) to a temp pointer, so if realloc returns NULL, we make sure we free results. Report from Kirill Timofeev 12/12 ----- lib/sh/shquote.c - sh_backslash_quote: if FLAGS&2, backslash-quote other single-byte characters that are in the current locale's character class builtins/printf.def - printf_builtin: when processing the `%q' format, make sure to backslash quote all characters by making sure that FLAGS passed to sh_backslash_quote includes 2. Fixes issue for certain iso-8859-1 locales where character 160 (octal 240, hex 0xa0) is a non-breaking space. Report from Stephane Chazelas lib/sh/eaccess.c - sh_stat: if DEV_FD_STAT_BROKEN is defined, take /dev/fd/N and turn it into a stat on file descriptor N, as if /dev/fd were not available. This is the case on some old versions of SunOS. Report and patch from Dmitry Goncharov config.h.in - DEV_FD_STAT_BROKEN: add define configure.ac - --enable-dev-fd-stat-broken: new command-line option, defines DEV_FD_STAT_BROKEN if supplied at configure time doc/bashref.texi - --enable-dev-fd-stat-broken: document new command-line option for configure arrayfunc.c - assoc_expand_once: new variable, declared here just because arrayfunc.h - assoc_expand_once: extern declaration - AV_NOEXPAND: new flag value for the array_value family of functions: means to not run associative array subscripts through word expansion builtins/set.def - unset_builtin: call unbind_array_element with assoc_expand_once as third arg, controls whether we expand associative array subscripts (if 1, we suppress the usual expansion). With accompanying shopt, provides backwards compatible option to solve problem with quotes and other characters in associative array subscripts pointed out most recently by Mingye Wang (Arthur2e5) builtins/shopt.def - assoc_expand_once: new option, controls value of internal variable with the same name. Currently undocumented because I'm not completely sold on the name expr.c - evalexp: now takes a second argument, flags. Changed all callers in multiple other files (builtins/let.def,execute_cmd.c,arrayfunc.c, subst.c,test.c,variables.c) externs.h - EXP_EXPANDED, new flag for second argument to evalexp builtins/let.def - let_builtin: add EXP_EXPANDED to flags passed to evalexp execute_cmd.c - execute_arith_command: add EXP_EXPANDED to flags passed to evalexp, since the command string is run through expand_words_no_vars before being evaluated expr.c - set expression-global variable already_expanded if flags arg to evalexp contains EXP_EXPANDED - if assoc_expand_once option set and already_expanded flag set, pass 1 in flags to array_variable_part to skip over quotes and expansions in the subscript - if those two variables set, pass AV_NOEXPAND as flag to get_array_value to prevent word expansions on the subscript arrayfunc.c - if flags passed to unbind_array_element includes 1, pass flag on to skipsubscript so we don't expect matched quotes or process expansions in the subscript - if flags to array_value_internal include AV_NOEXPAND, pass 1 as flag to array_variable_part to pass along to skipsubscript - if flags to array_value_internal include AV_NOEXPAND, don't call expand_assignment_string_to_string; just use the unexpanded subscript to produce the key [THIS IS A WORK IN PROGRESS] 12/14 ----- subst.h - ASS_NOEXPAND: assignment flag that inhibits expansion of associative array subscripts variables.c - bind_int_variable: takes new flags arg; flags are taken from the ASS_ set of assignment flags, changed callers (bashline.c, expr.c, pcomplete.c) - bind_int_variable: if flags includes ASS_NOEXPAND, pass 1 as flag to valid_array_reference and array_variable_part to pass along to skipsubscript, so we don't try to skip over quoted strings in the subscript - bind_int_variable: pass flags along to assign_array_element variables.h - bind_int_variable: updated extern declaration with new flags arg expr.c - expr_bind_variable: if the assoc_expand_once option is enabled, and the flags to evalexp indicate that we have already run the expression through word expansion, pass ASS_NOEXPAND as flag to bind_int_variable arrayfunc.c - assign_array_element: if flags includes ASS_NOEXPAND, pass 1 as flag to array_variable_name to pass along to skipsubscript - assign_array_element: if flags includes ASS_NOEXPAND, don't run an associative array subscript through word expansion, just use as-is subst.c - param_expand: call evalexp with EXP_EXPANDED flag for arithmetic substitution because the string has already been expanded with expand_arith_string 12/15 ----- builtins/read.def - read_builtin: use value of assoc_expand_once for valid_array_reference as with other uses - bind_read_variable: if assoc_expand_once is set, pass ASS_NOEXPAND to assign_array_element general.c - assignment: instead of checking whether flags == 0 to allow a `[', explicitly check for (flags&1) to disallow it. This leaves the door open for additional flag values builtins/printf.def - printf_builtin: use value of assoc_expand_once for valid_array_reference as with other uses - bind_printf_variable: if assoc_expand_once is set, pass ASS_NOEXPAND to assign_array_element 12/16 ----- builtins/history.def - change history -d option to handle negative arguments; negative arguments offset from the end of the history list (last_position + 1 so history -d -1 deletes the history -d command that just got added). Original patch from Piotr Grzybowski doc/bash.1,lib/readline/doc/hsuser.texi - documented new behavior of negative offsets for `history -d' 12/17 ----- lib/readline/history.c - remove_history: use memmove to move the history list around instead of a loop that copies pointers one at a time, similar to add_history 12/19 ----- configure.ac - linux: make sure PGRP_PIPE is defined unconditionally for all kernel versions greater than 2.3.* lib/readline/history.c - clear_history: when clearing the history, reset history_base to 1 (its default) - remove_history_range: new function, removes a set of history entries and returns them all for deallocation lib/readline/history.h - remove_history_range: extern declaration 12/20 ----- execute_cmd.c - eval_arith_for_expr: pass EXP_EXPANDED to evalexp, since we run the expression through expand_words_no_vars 12/21 ----- input.c - b_fill_buffer: when read returns EOF or error, and we reset the buffer and pointers, reset the input pointer to 0. Fixes issue reported by Stephane Chazelas 12/22 ----- arrayfunc.[ch],subst.c - array_expand_index: added new FLAGS argument, reserved for future use, changed callers 12/24 ----- variables.c - can_optimize_assignment,optimized_assignment: see if we can detect whether or not we're trying to append a string to a string variable, and optimize that using realloc/strcpy. Based on a log-ago suggestion from Aharon Robbins 12/27 ----- builtins/help.def - help_builtin: don't pass return value from ngettext() directly to printf 12/28 ----- sig.c - set_signal_handler: set SA_RESTART for SIGWINCH, so window size changes don't interrupt open/read/write. Suggested by Andriy Prystupa back in 10/2016 12/30 ----- execute_cmd.c - coproc_pidchk: if MULTIPLE_COPROCS, call cpl_search to find coproc associated with pid, don't remove it from the list with cpl_delete. Just mark as dead and wait for coproc_reap/cpl_reap to take care of disposing it - execute_coproc: NEW FEATURE: run the coproc name through word expansion before creating the coproc; this allows unique coprocs to be created in loops. Originally requested way back in 2012 by Erik Brandsberg command.h - subshell_com: now has a line number member: line make_cmd.c - make_subshell_command: assign current line number (line number of the ending right paren) to `line' member copy_cmd.c - copy_subshell_command: copy the `line' member execute_command.c - execute_command_internal: when executing a user subshell (`(command)'), set the line number and line number for the ERR trap from the line number saved in the subshell command struct. Fix from Eduardo A. Bustamante López - execute_arith_command: set line number for ERR trap from line number saved in the arith command struct. Fix from Eduardo A. Bustamante López - execute_cond_command: set line number for ERR trap from line number saved in the cond command struct. Fix from Eduardo A. Bustamante López variables.c - bind_variable_internal: move can_optimize_assignment call to the right place 12/31 ----- variables.c - find_variable_nameref: treat a circular variable reference as referring to a variable of that name in the global scope (for now), if one exists. PROVISIONAL change: inspired by suggestion back in 6/2016 by Grisha Levit 1/2/2017 -------- {expr,general,hashcmd}.c - include flags.h for flag values make_cmd.c - include shell.h instead of the files it includes flags.h - new extern declarations for want_pending_command, read_from_stdin subst.h - add extern declaration for expanding_redir, assigning_in_environment trap.h - add extern declaration for running_trap execute_cmd.h - added extern declarations for variables declared in execute_cmd.c, changed files that declare lots of extern variables shell.h - added extern declarations for variables declared in shell.c, changed files that declare lots of extern variables parser.h - added extern declarations for variables declared in parse.y, changed files that declare lots of extern variables [lots of changes to reduce the number of extern declarations in C and DEF files] parse.y - xparse_dolparen: need ALIAS or DPAREN_ARITHMETIC to be defined to use STRING_SAVER 1/3 --- sig.c - termsig_handler: don't call end_job_control if subshell_environment indicates that we're in a command or process substitution. Provisional fix for bug reported by Russell King jobs.c - end_job_control: only attempt to give the terminal back to original_pgrp if job_control != 0; don't test interactive_shell execute_cmd.c - execute_disk_command: call QUIT after search_for_command, since the only time QUIT gets called is when the path is actually searched. It doesn't happen for an absolute pathname. Fix for bug reported by Russell King 1/16 ---- lib/glob/glob.c - extglob_skipname,wextglob_skipname: if we don't find a reason to not skip the name in any subpattern (r returns 0 for any subpattern), return 1 because we should skip the name - extglob_skipname,wextglob_skipname: if we don't find a reason to not skip the name in any subpattern, but the first part of the extglob pattern is a wildcard (`*(pat)'), check the rest of the pattern, if any, to decide whether or not to skip the name. Fixes bug reported by Grisha Levit lib/glob/glob_loop.c - CHAR -> GCHAR (unsigned char); change uses of CHAR to GCHAR lib/glob/glob.c - wchkname -> wskipname - wskipname: now takes a third `flags' argument, like the other variants of skipname 1/17 ---- redir.c - here_document_to_fd: set the file descriptor open for writing to the here document to be close-on-exec. Fixes bug reported by Siteshwar Vashisht 1/18 ---- {gmisc,gm_loop}.c - match_pattern_char,match_pattern_wchar: moved to gm_loop.c (new file), compile twice for single and wide characters as with the rest of the functions - umatchlen,wmatchlen: ditto - extglob_pattern_p: move to gm_loop.c, generalize for regular and wide-char versions 1/19 ---- lib/readline/complete.c - stat_char: fix small memory leak if stat/lstat returns -1 bashline.c - bash_filename_stat_hook,bash_directory_completion_hook: make sure expand_prompt_string is caled wth W_NOPROCSUB flag - directory_exists: don't dequote the filename passed as an argument; this function should never get quoted pathnames subst.c - expand_word_internal: when calling expand_word_internal recursively after reading a double-quoted string, make sure the W_NOCOMSUB and W_NOPROCSUB flags make it to the recursive invocation. Fixes bug reported by Jens Heyens 1/23 ---- lib/readline/signals.c - _rl_orig_sigset: original signal mask, set and restored by rl_set_signals (rl_clear_signals doesn't block signals). If we are not installing signal handlers, just save signal mask each time rl_set_signals is called lib/readline/input.c - rl_getc: use _rl_orig_sigmask in the call to pselect(), so we block the set of signals originally blocked by the calling application. Fixes bug reported by Frédéric Brière parse.y - yy_readline_get: try to unset NONBLOCK mode on readline's input file descriptor before calling readline(). Inspired by report from Siteshwar Vashisht 1/30 ---- parse.y - parse_comsub: don't unconditionally set the LEX_WASDOL flag when we see a `$'; we should toggle it to accommodate things like $$. Fixes bug reported by Christian Weisgerber - parse_matched_pair: do the same thing with LEX_WASDOL 2/1 --- jobs.h - JWAIT_PERROR,JWAIT_FORCE: new defines for the wait_for_ family of functions jobs.c - wait_for_job, wait_for_any_job: take new flags argument for use by the wait builtin - wait_for_job: if JWAIT_FORCE flag supplied, loop waiting for job to terminate instead of change state - wait_for_single_pid: if JWAIT_FORCE flag supplied, loop waiting for child process to terminate instead of change state builtins/wait.def - takes a new `-f' option, signifying to wait until the specified job or process terminates, instead of changes state doc/{bash.1,bashref.texi} - wait: document the new -f option and its behavior when job control is enabled - job control: add a paragraph describing how the wait builtin changes behavior when job control is enabled: it returns when a job changes state 2/2 --- examples/loadables/fdflags.c - fdflags: new loadable builtin to set and unset file descriptor flags (such as non-blocking, though bash undoes that) for descriptors bash has open. Developed in consultation with Christos Zoulas 2/3 --- lib/readline/text.c - rl_previous_screen_line: attempt to move to the same column on the previous screen line of the current readline buffer by moving back a number of characters equal to the screen width - rl_next_screen_line: attempt to move to the same column on the next screen line of the current readline buffer by moving forward a number of characters equal to the screen width. Both originally suggested by Hans Ginzel lib/readline/readline.h - rl_{next,previous}_screen_line: extern declarations lib/readline/funmap.c - {next,previous}-screen-line: new bindable command names lib/readline/doc/{rluser.texi,readline.3} - {next,previous}-screen-line: document behavior, including limitations 2/5 --- lib/readline/input.c - rl_read_key: when reading input from a macro, make sure to return the next character as an unsigned char, so we handle multibyte character sequences correctly. Report and fix from Grisha Levit 2/6 --- shell.c - --pretty-print: new invocation option, currently undocumented, dumps a pretty-printed version of a shell script given as an argument to stdout - main: call pretty_print_loop() if we're in pretty-printing mode in a non-interactive shell eval.c - pretty_print_loop: new function, similar to reader_loop, reads commands and prints them by displaying the result from make_command_string() externs.h - pretty_print_loop: new extern declaration 2/9 --- doc/{bash.1,bashref.texi} - here strings: correct documentation to note they do not undergo brace expansion. Report from Conor McCarthy 2/9 --- lib/readline/display.c - expand_prompt: instead of recomputing the line break offsets for prompts that span multiple screen lines on every call to rl_redisplay, do it here. Manage a local array local_prompt_newlines; set an offset every time `physchars' hits a multiple of the screen width. Inspired by https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843819 - rl_redisplay: don't calculate multi-line prompt line break indices here; use the values calculated by expand_prompt - rl_{save,restore}_prompt: save and restore local_prompt_newlines 2/11 ---- lib/readline/mbutil.c - _rl_find_prev_mbchar_internal: since we're traversing the string from the beginning, shortcut non-multibyte characters in a UTF-8 locale parse.y - parse_comsub: if we are parsing a here document with a quoted delimiter (LEX_QUOTEDDOC), we should not remove pairs from the body of the here document. Need to add LEX_QUOTEDDOC to the values in tflags when calling shell_getc. Fixes bug reported by Michael Homer , patch was originally contributed by Geir Hauge 2/15 ---- jobs.c - bgp_add: if hashed pid collides with bgpids.head index, print a warning and move to the next index. Attempt to avoid collision problem reported by Graham Northup 2/17 ---- subst.c - process_substitute: call remove_quoted_escapes on the command string like command substitution does, since the string will be run through the parser again. Fixes bug reported by David Simmons config-top.h - STATIC_PATH_VALUE: new config variable, undefined by default variables.c - shell_initialize: if STATIC_PATH_VALUE is defined, use it to set the PATH variable at shell startup, overriding the environment and any value for DEFAULT_PATH_VALUE. Based on a suggestion from Lonnie Abelbeck 2/18 ---- shell.c - maybe_make_restricted: clear the hash table before making the PATH variable read-only by calling stupidly_hack_special_variables. Suggestion from Lonnie Abelbeck subst.c - expand_string_for_pat: change expansion of WORD in ${param[%[%]][#[#]]word} to use this new function, initially identical to expand_string_for_rhs - getpattern: use expand_string_for_pat to expand the pattern 2/19 ---- subst.c - expand_string_for_rhs: now that this is only used to expand the RHS of the various non-pattern ${paramOPword} expansions, set expand_no_split_dollar_star depending on whether or not the entire brace expansion is going to be subjected to word splitting: if it's quoted or if IFS is set but null, we will not be splitting so we set this to 1 and let $* expand to separate fields separated by a space. This was heavily debated back in October 2014 and resulted in Posix interp 888. Reported by Martijn Dekker 2/20 ---- subst.c - expand_string_for_rhs: now takes `op' (brace expansion operator) as an additional argument; changed call in parameter_brace_expand_rhs - expand_string_for_rhs: make sure to set expand_no_split_dollar_star if `op' is `=', since we are supposed to preserve the assignment statement expansion semantics on the RHS of ${param=word} jobs.c - bgp_delindex: make sure to set ps->pid to NO_PID so we more effectively remove it from the hash table. It shouldn't matter as long as nothing in pidstat_table points to it, but better to be safe - bgp_delete,bgp_search: generalize previous collision detection to loop detection: abort search if we are going to go back to the first index we tried 2/21 ---- lib/readline/vi_mode.c - rl_vi_bword: if we're trying to move backward to non-whitespace in a line that begins with whitespace, make sure we don't move point to 0 and test memory locations before the start of the buffer. Report and fix from Jason Hood lib/readline/display.c - expand_prompt: if _rl_screenwith == 0, call rl_reset_screen_size to initialize it. If it's still 0 after that, guess that the screen width is 80 and use that to guess how many screen lines the prompt consumes lib/readline/readline.c - readline_internal_setup: if in emacs editing mode, and we are showing the editing mode in the prompt, call _rl_reset_prompt() to make sure that the updated setting of _rl_show_mode_in_prompt (presumably set in an inputrc file) is reflected in the redisplay performed by rl_callback_newline via readline_internal_setup. Fix from Jason Hood 2/22 ---- builtins/complete.def - print_one_completion,print_compopts: make sure to display the `nosort' and `noquote' options if they've been set for a particular compspec. Fix from Grisha Levit builtins/read.def - read_builtin: if -e is supplied, read needs to free rlbuf before returning, since it uses discard_unwind_frame at that point. Bug and fix from ZhangXiao execute_cmd.c - execute_for_command: when using a nameref as the for loop control variable, make sure we check for readonly namerefs and make sure that we force bind_variable to enforce restrictions on nameref assignments. Fix from Grisha Levit 2/23 ---- general.c - make_absolute: convert deprecated cygwin_conv_to_full_posix_path to cygwin_conv_path (CCP_WIN_A_TO_POSIX, ...) {shell,variables}.c,config-top.h - modify change from 2/17: rename STATIC_PATH_VALUE to RBASH_STATIC_PATH_VALUE; don't use it in shell_initialize; set PATH to it just before imposing restricted shell restrictions 2/24 ---- subst.c - expand_string_for_rhs: revert change from 2/19 concerning setting expand_no_split_dollar_star so we are consistent with the Posix examples. This anticipates Martijn Dekker initiating an austin group discussion about this case 2/25 ---- pcomplete.c - gen_shell_function_matches: if COMPREPLY is an associative array, don't coerce it to an indexed array, which will fail to produce any matches anyway. Report from Grisha Levit - bind_comp_words: if COMP_WORDS exists as a nameref variable, ignore the nameref attribute. Report from Grisha Levit subst.c - parameter_brace_expand: if expand_no_split_dollar_star is set, make sure chk_atstar treats ${var[*]} as quoted by passing Q_DOUBLE_QUOTES as the second argument. Fixes differing treatment of $* and ${v[*]} reported by Grisha Levit , because otherwise *contains_dollar_at gets set to 1 and the word is inappropriately split 3/1 --- subst.c - expand_word_list_internal: if a variable assignment fails (e.g., due to a readonly variable) in a non-interactive posix mode shell, don't abort the shell if the assignment is being performed by the command builtin, even if it's something like `command eval v=1'. Fixes RedHat bug https://bugzilla.redhat.com/show_bug.cgi?id=1389838 (reported by Denys Vlasenko) 3/3 --- builtins/shopt.def - set_compatibility_level: make sure that changing the compatibility level sets or modifies BASH_COMPAT. Fixes bug reported by Stephane Chazelas lib/glob/smatch.c - is_cclass: broke into two functions: is_valid_cclass and cclass_test, for future expansion. No functionality change lib/glob/sm_loop.c - BRACKMATCH: when testing a character against a character class name, use the unfolded (original) character, since we're not performing a comparison. This is what glibc does. Fixes bug reported by Lukáš BaÅinka 3/4 --- doc/{bash.1,bashref.texi} - note that the arguments to -eq and the rest of the arithmetic operators are evaluated as expressions when using [[. Report from Rob la Lau 3/7 --- lib/readline/display.c - update_line: completely rewrote the code that handles line wrapping in the presence of multibyte/double-width characters; punts to a dumb update in cases where the number of screen positions doesn't match - update_line: in one case, where we are deleting characters from the line, if we are writing a non-space into the last screen character position, note that we are no longer using a space as a placeholder for a line wrap where there is a multi-width character that won't fit on the screen line (wrapped_line[current_line+1] = 0) 3/10 ---- lib/readline/readline.c - bind_arrow_keys_internal: add default key bindings for control- arrow keys, suggested by Per Bothner 3/13 ---- doc/{bash.1,bashref.texi} - clarify the prompt strings the undergo expansion (PS0, PS1, PS2, and PS4) before being displayed. Based on a report from Grisha Levit 3/14 ---- input.c - bufstream_ungetc: return EOF if being asked to unget a character to a NULL buffer - buffered_getchar: check buffered_fd is valid and buffers[buffered_fd] is non-NULL before trying to dereference. Fixes bug reported by floyd execute_cmd.c - execute_null_command: if we fork to execute the command, the subshell is not interactive - execute_null_command: for safety's sake, if a redirection attached to a null command affects fd 0 or the fd the shell is reading for input, and the redirection can potentially change or close that file descriptor, force a fork so the redirection is done in a subshell 3/15 ---- lib/readline/display.c - update_line: if we have to output some bytes, and we are outputting the prompt string, make sure we correct _rl_last_c_pos if we are at the wrap offset -- what if all of the characters in the prompt are invisible, so the visible length is 0? Fixes display bug reported by Grisha Levit execute_cmd.c - undo_partial_redirects: new function, performs redirections specified in redirection_undo_list and disposes of them. Intended to be used to unwind redirections performed before a redirection error - dispose_partial_redirects: new function, disposes of redirection_undo_list and nulls the list - execute_command_internal: use undo_partial_redirects execute_cmd.h - undo_partial_redirects: extern declaration - dispose_partial_redirects: extern declaration subst.c - exp_jump_to_top_level: if we are throwing an expansion error while expanding a redirection (expanding_redir != 0), undo any undoable redirections by calling undo_partial_redirects() so we don't leave any in place variables.c - initialize_shell_variables: if SHELLOPTS is in the environment, unset the readonly attribute on any existing variable with that name. It may have been created by processing a -o option on the command line. Fixes issue reported by Stephane Chazelas 3/16 ---- lib/readline/histfile.c - read_history_range: short-circuit and do nothing if the history file is of 0 size - read_history_range: make sure the buffer is zero-terminated so the timestamp tests work right for history files of 1 character. Report and recommended fix from Denis Martinez lib/readline/complete.c - compute_lcd_of_matches: when trying to compute the common prefix of a set of matches while performing case-insensitive completion matching, don't sort the match list unless rl_sort_completion_matches is non-zero. Fixes problem reported by Roee Bar 3/18 ---- subst.c - extract_dollar_brace_string: handle process substitution embedded in a ${...} expansion in the same way as command substitution. Reported by D630 parse.y - LEX_GTLT: new flag, set by parse_matched_pair when a `<' or '>' is read - parse_matched_pair: handle an embedded process substitution like an embedded command substitution if we are parsing an array index or a dollar-brace expansion. Reported by D630 3/21 ---- subst.h - ASS_NOEVAL, ASS_NOLONGJMP: new values for assignments, used by make_variable_value variables.c - make_variable_value: ASS_NOEVAL: if this is set, don't attempt arithmetic evaluation or case modification, just produce the value (still honor ASS_APPEND) - make_variable_value: ASS_NOLONGJMP: don't longjmp back to top_level if arithmetic evaluation fails due to a syntax error - bind_variable_internal: make sure aflags is passed to all calls to make_variable_value - push_temp_var: add ASS_NOLONGJMP to the flags passed to bind_variable_internal. Fixes bug reported by D630 bashline.c - bash_execute_unix_command: don't bother to attempt optimization by checking whether the call to parse_and_execute changes $READLINE_LINE; it can be defeated by the new code that optimizes appends to string variables. Bug reported by Grisha Levit 3/22 ---- subst.c - expand_string_for_rhs: re-apply change from 2/19 based on discussion on the austin-group mailing list about how unquoted ${var-$*} expands when IFS is null. Originally reported by Martijn Dekker 3/25 ---- parse.y - read_token_word: if we read a WORD immediately after a CASE, FOR, or SELECT, increment `expecting_in_token' to note that we're going to be reading IN as the next non-newline token - special_case_tokens: if we're expecting an IN (expecting_in_token > 0) and we have an "in", return IN and decrement expecting_in_token. This is a better implementation of Posix grammar rule 6 than the previous code in that function (which is still there for posterity, but should eventually be removed). Fixes bug reported by Torka Noda subst.c - string_list_pos_params: if the expansion is not quoted, and IFS is null, return a string containing the quoted positional parameters separated by spaces. Callers know what to do with the string - parameter_brace_substring,parameter_brace_remove_pattern, parameter_brace_transform,parameter_brace_patsub,parameter_brace_casemod: for the VT_POSPARMS case, after calling the operator-specific expansion function, which eventually calls string_list_pos_params, leave the returned string alone, since it's already quoted properly - parameter_brace_expand: after calling the above functions to perform expansions, if the expansion is being performed on an unquoted $* when IFS is null, set the W_SPLITSPACE flag in the return WORD_DESC so that splitting on spaces is performed on the already-quoted word. Fixes bug reported by Grisha Levit 3/28 ---- subst.c - process_substitute: change so the subshell doesn't inherit the 'v' option, like command substitution now does (as of bash-4.4). Suggested by Grisha Levit 3/30 ---- subst.c - parameter_brace_casemod: now takes a pflags parameter, like parameter_brace_patsub; changed callers - parameter_brace_transform: now takes a pflags parameter, like parameter_brace_patsub; changed callers - pos_params_pat_subst,pos_params_modcase: if mflags indicates we're on the rhs of an assignment statement and not going to perform word splitting, we're expanding $*, and $IFS is null, make sure string_list_pos_params treats the expansion as double-quoted, so the positional parameters will be concatenated. Fixes bug reported by Grisha Levit 3/31 ---- doc/{bash.1,bashref.texi} - add notes to the description of pipelines emphasizing that each element of a pipeline is executed in a subshell, referring to the description of a command execution environment, and that the lastpipe option can modify that behavior. From a discussion with Jean Delvare 4/1 --- subst.c - expand_word_internal: set had_quoted_null to note for later if we expand '', "", or "$x" when x is unset - expand_word_internal: if we expand "$param" (or "${param}") and we come back with a single word with the W_HAVEQUOTEDNULL flag set, make sure we set had_quoted_null to remember it for later. In this case, if we already have seen a quoted null and we expanded $@ in this (sub)string expansion, we don't want to do any of the special $@ handling. In particular, we don't want to set *expanded_something, because that will result in word splitting and quoted null removal. Fixes bug reported by Grisha Levit - parameter_brace_patsub: when expanding ${*/pat/sub} in the case where ifs_is_null != 0 and (pflags & PF_NOSPLIT2) (meaning we aren't going to be doing word splitting), pass MATCH_ASSIGNRHS so we do the right thing in this case. Part of a set of cases inspired by Grisha Levit - param_expand: case '*': if we are on the rhs of an assignment (PF_ASSIGNRHS) and ifs is unset, and $1 == " ", we need to make sure string_list_dollar_at gets called with Q_DOUBLE_QUOTES so it quotes the positional parameters before joining them into a string with string_list_internal. Otherwise, that first space gets removed by the implicit word splitting that gets performed. Reported by Grisha Levit array.c - array_patsub,array_modcase: handle ${A[*]} identically to $* when not quoted and IFS is null (separate with spaces). Makes things like ${A[*]/x/y} behave the same as ${*/x/y} when IFS is null subst.c - parameter_brace_patsub,parameter_brace_casemod: if expanding ${A[*]} when the match is on the rhs of an assignment statement (PF_ASSIGNRHS) and ifs is null, make sure the match is performed as if it were quoted - parameter_brace_substring: now takes a PFLAGS argument - parameter_brace_substring: if expanding $* in a context where we don't want to do word splitting (expand_no_split_dollar_star && PF_NOSPLIT2), make sure we expand $* as if it were quoted - parameter_brace_substring: if expanding an unquoted $* on the rhs of an assignment statement when IFS is null, make sure we expand the $* as if it were quoted 4/4 --- doc/{bash.1,bashref.texi} - read: document that a delim argument of '' terminates each line when a NUL character appears 4/5 --- subst.c - parameter_brace_expand_word: handle case where unquoted $@ is expanded in a context where word splitting is not performed (PF_NOSPLIT2) and IFS is not equal to the standard value - param_expand: handle case where unquoted $@ is expanded in a context where word splitting is not performed (PF_NOSPLIT2) and IFS is not equal to the standard value. Fixes bug with IFS == $1 when expanding unquoted $@ reported by Grisha Levit 4/7 --- subst.c - pos_params_pat_subst: if MATCH_ASSIGNRHS is set, don't expand $* as quoted unless expand_no_split_dollar_star is also set. Fixes expansion bug reported on 4/4 by Grisha Levit - parameter_brace_transform: if we transform unquoted A[@] or A[*] when IFS is null, don't quote the result of array_transform in the same way we don't quote the result of parameter_list_transform, since it will come back quoted. Fixes bug reported by Grisha Levit - list_transform: if we transform unquoted $* or ${a[*]} when IFS is null and expand_no_split_dollar_star is non-zero, call string_list_pos_params with Q_DOUBLE_QUOTES to inhibit splitting. We do this in all cases except @Q, which is inconsistent but more intuitive. Fixes bug reported by Grisha Levit 4/8 --- builtins/read.def - read_mbchar: if unbuffered == 2, we are running read -N and need to use zreadn to read the rest of the multibyte char, since the previous call to zreadn may have buffered characters. Fixes bug reported by Stephane Chazelas pathexp.h - QGLOB_CTLESC: new flag for quote_string_for_globbing: means to turn CTLESC CTLESC (quoted CTLESC that's usually removed as part of word splitting or quote removal) into CTLESC pathexp.c - quote_string_for_globbing: if QGLOB_CTLESC is present in flags, turn CTLESC CTLESC into CTLESC, even if the first CTLESC is preceded by a backslash. Callers can't do this because the remaining CTLESC will be treated as a quoting character and turned into a backslash execute_cmd.c - execute_case_command: if the pattern is not quoted, make sure to tell quote_string_for_globbing to turn CTLESC CTLESC into CTLESC by passing QGLOB_CTLESC. Fixes bug reported 4/2 by Martijn Dekker 4/9 --- subst.c - string_transform: after calling ansiexpand for the `E' transformation, need to call dequote_escapes because ansiexpand assumes it is being called by the parser and arranges for ansicstr to quote CTLESC and CTLNUL with CTLESC. Reported by Grisha Levit variables.c - mk_env_string: when exporting functions, run them through dequote_escapes because any strings containing CTLESC or CTLNUL are still quoted with CTLESC. Reported by Grisha Levit subst.[ch] - quote_escapes,dequote_escapes: now take const char * argument execute_cmd.c - execute_intern_function: if the function name contains CTLESC, run it through dequote_escapes just in case it got CTLESC quoting CTLESC or CTLNUL from the parser 4/11 ---- eval.c - reader_loop: make sure PS0 is expanded and displayed before incrementing the command number parse.y - prompt_history_number: function to make history number as reported by \!, or posix mode !!, be the same index that the (possibly multi- line) command will be stored with. The history library increments history_offset as soon as a new line is entered, and it's up to the history code to store the second and subsequent lines of a command in the same history entry. If we are expanding PS0 or PS4, or a ${var@P} expansion, we're already past the history entry no matter what. Inspired by patch from Grisha Levit - decode_prompt_string: call prompt_history_number - decode_prompt_string: if expanding PS4 or ${var@P}, make the command number the same as reported by PS0/PS1/PS2 4/12 ---- support/Makefile.in - clean: remove man2html.o as part of this production instead of waiting until `distclean'. Reported by chrlis subst.c - string_list_pos_params: if we are expanding $* in a context where IFS is null and expand_no_split_dollar_star is set (no word splitting), use string_list_dollar_star to force the positional parameters to be joined without first separating them into a list and attempting to join them later. Fixes problem with constructs like ${var=${*:1}}, pointed out by Grisha Levit . This undoes change to @Q from 4/7, so list_transform change reverted 4/19 ---- builtins.h - added BUILTINS_H include guard examples/loadables/Makefile.in - install loadables.h as sample include file, along with Makefile.inc 4/23 ---- bashline.c - maybe_make_readline_line: don't try to do anything if the passed NEW_LINE is NULL. Report from Jaren Stangret , fix from Eduardo Bustamante 4/24 ---- parse.y - xparse_dolparen: if the current token (the last thing read_token returned to yylex) is shell_eof_token, assume that it is the new bison lookahead token and clear it. Fixes bug reported by Werner Fink 4/25 ---- doc/{bash.1,bashref.texi} - cmdhist: clarify that this option only has an effect if history is enabled. Suggested by Matthew Braun 4/26 ---- jobs.c - wait_for: if a non-interactive shell with job control enabled (set -m) detects that a foreground job died due to SIGINT, act as if the shell also received the SIGINT. Prompted by an austin-group-l discussion - waitchld: run SIGCHLD trap for each child exited even if job control is not enabled when in Posix mode. Prompted by an austin-group-l discussion 4/27 ---- lib/readline/histfile.c - read_history_range: if the history file is empty, free the history filename before returning. Report and fix from Eduardo Bustamante lib/readline/bind.c - rl_parse_and_bind: make sure there is something, even if it's a quoted empty string, before the `:' in a key binding. Report from Eduardo Bustamante - rl_parse_and_bind: if the right side of a key binding starts with a quote, make sure there's a matching close quote before treating it as a macro definition - rl_translate_keyseq: if a key sequence ends with \C- or \M- (or \C-\M-) make sure we break out of the loop if moving to the character to be translated is a NUL. Old code did this only in the \C-\M- case. Report from Eduardo Bustamante 4/28 ---- lib/glob/sm_loop.c - GMATCH: implement a clever technique from glibc that avoids backtracking past a `*' if we've already chosen to use it and need matches beyond it. Look at https://research.swtch.com/glob for a longer explanation. This results in a significant speedup for globs with multiple instances of `*', especially with more than 4. 5/2 --- lib/readline/bind.c - rl_translate_keyseq: make sure a trailing backslash in the key sequence is preserved. Report from Eduardo Bustamante 5/3 --- builtins/builtin.def - builtin_builtin: make sure to set this_shell_builtin to the builtin command being executed, overwriting `builtin'. Leave last_shell_builtin alone. Fixes bug reported by Luiz Angelo Daros de Luca jobs.c - waitchld: modify change of 4/26 to run SIGCHLD traps even if job control is not enabled lib/readline/misc.c - rl_get_previous_history: if we didn't find a previous history entry to use, call rl_maybe_unsave_line before returning because we aren't going to use the saved line, and it has the same undo list as rl_undo_list. Fixes fuzzing bug reported by Eduardo Bustamante - rl_get_{next,previous}_history: if there is no history list, don't bother doing anything 5/4 --- expr.c - popexp: if we error out due to stack underflow, make sure to zero out expression and lasttp; they may contain undefined values we don't want evalerror to print - expr_unwind: handle expr_depth decrementing below zero - evalexp: restore the old value of evalbuf even if we error and longjmp; we may have called evalexp recursively - evalerror: make sure expression is non-NULL before trying to print it. These fix fuzzing bug reported by Eduardo Bustamante , happens only in cases where we don't longjmp on a fatal expansion error 5/5 --- parse.y - read_token_word: when checking for a word that's a target of a redirection, we can potentially call valid_array_reference, which can end up calling the parser recursively. If it does that, we need to make sure that yylval.word doesn't change, so we set it back to the_word. Fixes another fuzzing bug parse.y - arith_for_command: make syntax errors in the arithmetic for command (signaled by make_arith_for_command returning NULL) more like language syntax errors by calling YYERROR. Avoids complicated attempts at error recovery and dealing with NULL returns from command productions. Pointed out by Eduardo Bustamante lib/readline/kill.c - _rl_copy_to_kill_ring: make sure the current slot in the kill ring has something in it, even if the last command was a kill, before trying to modify it. Another fuzzing bug 5/6 --- builtins/read.def - read_builtin: if we see a backslash when not in raw mode (not -r), only back up `i' when we read the next character if we know we added a CTLESC the last time through the loop (skip_ctlesc == 0), especially if i == 0. Another fuzzing bug from Eduardo Bustamante 5/8 --- builtins/read.def - read_mbchar: handle zreadn/zreadc/zread returning EOF in the middle of an incomplete multibyte sequence. Fixes another fuzzing bug - read_builtin: use mb_cur_max instead of constant 4 when deciding whether the next character can exceed the number of bytes available in input_string lib/readline/input.c - MinGW: include before . Fix from Eli Zaretskii builtins/read.def - read_builtin: if we get input from readline, we need to get the remainder of a multibyte character from rlbuf instead of calling read_mbchar. Bug reported by Eduardo Bustamante 5/9 --- parse.y - token_is_assignment: use the allocated buffer approach in all cases, not just if we're not using bash malloc. This avoids the assignment to t[i+1] writing beyond the end of the allocated token if i == token_buffer_size - 1. Another fuzzing bug - xparse_dolparen: if parse_string returns < 0, we clear out the current shell_input_line before performing a longjmp, since we're abandoning parsing of this command. This is consistent with how the parser resynchronizes after other syntax errors - GRAMMAR: add 'error yacc_EOF' production to handle a syntax error that's immediately followed by an EOF after resynchronization. Fixes another fuzzing bug 5/10 ---- lib/readline/text.c - _rl_set_mark_at_pos: don't let the mark be set to a position < 0. Fixes a fuzzing bug - rl_exchange_point_and_mark: don't do anything if the mark is already less than 0 5/12 ---- lib/readline/rlmbutil.h - wchar_t: make sure this is defined as int if multibyte characters aren't supported lib/readline/text.c - _rl_change_case: don't force use of ascii toupper and tolower if isascii returns true; it's not defined to work on characters outside the 0..255 (really 0..127) range. Bug reported by Eduardo Bustamante 5/14 ---- lib/readline/text.c - rl_change_case: handle case where the old and new characters (after the case change) are not the same number of bytes. Pointed out in http://lists.gnu.org/archive/html/bug-bash/2015-01/msg00091.html lib/readline/display.c - expand_prompt: use `ret' as first parameter to _rl_find_prev_mbchar since that needs the base of the array. Bug from fuzzing reported by Eduardo Bustamante 5/15 ---- execute_cmd.c - execute_simple_command, execute_arith_command, execute_cond_command, execute_arith_for_command: adjust the line number when executing a function interactively so that the first command in the function is line 1, not line 0, as Posix requires. Reported by Robert Elz - execute_simple_command, execute_arith_command, execute_cond_command, execute_arith_for_command: ony adjust the line number when executing a function interactively if we are not sourcing a file (sourcelevel == 0), so this is consistent everywhere we adjust the line number 5/16 ---- bashline.c - bash_directory_completion_hook: when calling split_at_delims to see whether a ${ or $( is closed, use the right value for `start' relative to the substring beginning at `$'. Bug from fuzzing reported by Eduardo Bustamante expr.c - expassign: if the call to expcond generates a syntax error in a context when the shell won't longjmp (like when evaluating $PS1), it will end up NULL and we need to catch it before calling strlen. Bug from fuzzing reported by Eduardo Bustamante examples/bash-completion/ - new place to include a current or recent version of the bash-completion package 5/19 ---- lib/readline/display.c - CHECK_INV_LBREAKS: new versions for multibyte and single-byte chars, so the multibyte version can check and increase the size of line_state_invisible->wbsize and line_state_invisible->wrapped_line, callers who call CHECK_INV_LBREAKS must update wrapped_line[newlines] when in HANDLE_MULTIBYTE mode. Fuzzing bug reported by Eduardo Bustamante 5/24 ---- lib/readline/search.c - _rl_nsearch_callback,noninc_search: handle _rl_search_getchar returning -1 (EOF or read error) by aborting the search. Fuzzing bug reported by Eduardo Bustamante 5/25 ---- variables.c - localvar_inherit: new variable, controlled by shopt localvar_inherit option - make_local_variable: if localvar_inherit is set, the new local variable inherits a previous scope's variable's value, attributes (except nameref), and dynamic variable information. If a local variable inherits a value, the local is not invisible builtins/shopt.def - localvar_inherit: new option doc/{bash.1,bashref.texi} - localvar_inherit: document new shopt option 5/29 ---- lib/readline/readline.c - _rl_subseq_result: only return -1 and back up the chain if we are dealing with a result (r) that's already < 0 and we are at the end of a multi-key sequence. Otherwise, a failing readline command (e.g., delete-char at the end of a line) could cause this code to be executed. Report from Nuzhna Pomoshch lib/readline/histfile.c - read_history_range: if the file isn't a regular file, return an error. Bug report from Eduardo Bustamante , relaying from IRC 5/30 ---- variables.c - set_pwd: if in Posix mode, and PWD appears in initial environment as an absolute pathname to the current directory, set PWD to the result of canonicalizing the environment value, or to the physical path if canonicalization fails. From a suggestion by Eduardo Bustamante 5/31 ---- builtins/read.def - read_builtin: if -n or -N option is supplied with a 0 argument, don't attempt to read any characters; bail out right away. Reported by Eduardo Bustamante , relaying from IRC 6/3 --- config.h.in - HAVE_STRUCT_STAT_ST_ATIM_TV_NSEC: add define, used by stat-time.h to construct a timespec from struct stat. Report and fix from Siteshwar Vashisht variables.h - att_regenerate: new internal variable attribute: if set, regenerate dynamic variable's value when it's exported and we are creating the export environment variables.c - init_dynamic_variables: LINENO, EPOCHSECONDS, EPOCHREALTIME: set internal regenerate attribute for these dynamic variables - make_env_array_from_var_list: if a dynamic variable has the regenerate attribute set, call the dynamic value function to generate an updated value before placing it in the environment. From a report about exporting LINENO from Robert Elz 6/4 --- lib/glob/sm_loop.c - BRACKMATCH: at the matched: label, make sure we get the bracket character we're looking for (char class, collating symbol. etc.) before we decrement the count of braces we're looking for. Eventually we could do something about badly-formed bracket expressions 6/7 --- lib/readline/histlib.h - strchr: only declare if __STDC__ is not defined, since we already include . Report from Chi-Hsuan Yen 6/9 --- lib/readline/display.c - update_line: when wrapping lines with multibyte chars at the end of the new line being wrapped, make sure we copy the NULL byte in old when moving the contents of old around. Fuzzing bug reported by Eduardo Bustamante lib/readline/mbutil.c - _rl_get_char_len: use MB_CUR_MAX in the call to mbrlen; there's no need to look at the rest of the string when we're just interested in the length of a single character 6/12 ---- jobs.c - wait_for: when waiting for the next child to exit (ANY_PID), make sure to restore the old SIGINT handler before returning. Fixes https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864649 6/14 ---- lib/readline/display.c - expand_prompt: make sure `ret' is NULL-terminated before calling _rl_prev_mbchar_internal, since that calls strlen, which requires the passed string to be NULL-terminated. Another fuzzing bug. 6/15 ---- lib/readline/isearch.c - _rl_isearch_fini: use rl_replace_line instead of strcpy so rl_end gets set right - _rl_isearch_fini: after restoring rl_point, call _rl_fix_point so we don't set rl_point > rl_end. Fixes a fuzzing bug lib/readline/mbutil.c - _rl_find_next_mbchar_internal: if _rl_adjust_point returns < 0, just punt, treat the value as a byte, and advance point by 1 lib/readline/util.c - rl_tilde_expand: rearrange code in the whitespace loop so that `start' gets tested first and we don't try to dereference rl_line_buffer[-1]. Another fuzzing bug from dualbus@gmail.com bashline.c - bash_dequote_filename: make sure that pointers that are used as indices into sh_syntaxtab are cast to unsigned char first, to avoid problems with signed chars > 128. Fixes a fuzzing bug. lib/readline/kill.c - _rl_copy_to_kill_ring: when reallocating the kill ring, make sure to allocate one more than the max number of kills so the loop that copies the kill ring entries down runs right (and to mirror the initial allocation). Fixes a fuzzing bug. lib/readline/isearch.c - _rl_isearch_dispatch: make sure that cxt->sline_index never goes < 0 even when searching a line in reverse. Fixes a fuzzing bug 6/16 ---- parse.y - xparse_dolparen: short-circuit immediately if passed a empty string lib/readline/display.c - update_line: when wrapping multibyte characters, make sure we deal with WCWIDTH returning -1. Fixes a fuzzing bug 6/17 ---- execute_cmd.c - execute_coproc: make sure `invert' is set before trying to use it when returning failure on invalid coproc name. Report and fix from Eduardo Bustamante - execute_command_internal: make sure execute_coproc sets last_command_exit_value if it returns failure, so an invalid name can set $? = 1. Report and fix from Eduardo Bustamante lib/readline/display.c - update_line: make sure all references to `wrapped_line' are wrapped with #ifdef HANDLE_MULTIBYTE. Report and fix from Eduardo Bustamante lib/readline/vi_mode.c - _rl_vi_change_char: don't use rl_point++ when you mean to move forward a character; use _rl_vi_append_forward to account for multibyte characters and take vi end of line handling into account - _rl_vi_last_replacement: now an array of chars whether we are using multibyte chars or not. If we're not, the character we read to use as the replacement is saved as the first element of the array - rl_vi_change_char,_rl_vi_callback_change_char: changes to deal with _rl_vi_last_replacement being an array. Fixes bug reported by Eduardo Bustamante lib/readline/mbutil.c - _rl_get_char_len: look at at most MB_CUR_MAX characters, but maybe fewer if the length of the string is less builtins/bind.def - unbind_keyseq: new function for the -r option; checks whether the key sequence is actually bound before trying to bind it to NULL. Partial fix for https://savannah.gnu.org/support/?109329 parse.y - augment `error yacc_EOF' production to call YYABORT in non-interactive shells or calls to parse_and_execute (eval, command substitution, etc.) Fixes bug reported by Martijn Dekker 6/19 ---- bashline.c - edit_and_execute_command: don't add rl_line_buffer to the history list if it's empty; consistent with how other code treats an empty line execute_cmd.c - execute_builtin: make sure to preserve the temporary env across the execution of the `read' builtin or `fc' builtin if HISTORY is defined, in case `read -e' calls edit-and-execute-command. Should have no side effects. Reported by Eduardo Bustamante general.c - line_isblank: new function: returns true if passed string is composed entirely of blanks general.h - line_isblank: new extern declaration parse.y - history_delimiting_chars: return "" for a blank line, since there's nothing to delimit with `;' 6/21 ---- jobs.c - wait_for: make sure to call restore_sigint_handler before returning if we return out of the loop due to no children. Report from Eduardo Bustamante subst.c - expand_word_internal: if split_on_spaces is set, and the word is unquoted, and IFS is null, split the results of the previous steps on $' \t\n' instead of just ' '. This relies on the previous steps quoting the portions of the word that should not be split. Fixes bug reported by Kevin Brodsky expr.c - evalexp: after running expr_unwind, make sure we reset expr_depth to 0 for the next call - expr_streval: if after a call to get_array_value (which can call the expression evaluator recursively) we discover that expr_depth is less than it was before we called it, we assume there has been some kind of error and an expr_unwind, so we treat it as an error and either longjmp back to the expression top level or return 0 immediately. Fixes bug reported by Eduardo Bustamante 6/23 ---- doc/{bash.1,bashref.texi} - add text noting that $* and ${array[*]} (unquoted) can also expand to multiple words 6/29 ---- general.[ch] - default_columns: new function, returns the value of COLUMNS, or refreshes it if check_window_size is set and COLUMNS is unset. By default, it returns 80 execute_cmd.c - select_query: use default_columns() instead of fetching value of COLUMNS directly builtins/help.def - show_builtin_command_help: use default_columns() instead of fetching value of COLUMNS directly 6/30 ---- builtins/read.def - read_builtin: call QUIT during the read loop, just in case we get a signal we should act on that didn't cause read to be interrupted. Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1466737 - read_builtin: if -n or -N is supplied with a 0 argument, try a zero- length read to detect errors and return failure if that read returns a value < 0. Suggested by dualbus@gmail.com 7/4 --- bashhist.c - maybe_add_history: keep track of whether the current line is a shell comment, even if we're not adding it because it's in a multi-line command, so we use appropriate delimiters between it and any subsequent lines. Fixes bug reported by Grisha Levit back on 2/28/2017 bashline.c - operate_and_get_next: if given an explicit argument, use that to choose which line in the history to use. lib/readline/doc/rluser.texi,doc/bash.1 - operate-and-get-next: document new effect of explicit numeric arg lib/readline/complete.c - fnprint: make sure print_len is initialized before using it on systems without multibyte character support. Report and fix from Juan Manuel Guerrero 7/6 --- builtins/printf.def - PRETURN,printf_builtin: check variable returned by bind_printf_variable, return failure if that indicates we can't perform an assignment because the variable is marked readonly or noassign. Fixes bug reported by Arnaud Gaillard 7/7 --- lib/readline/text.c - rl_quoted_insert: new feature: a negative argument means to insert the next -COUNT characters using quoted-insert. Original feature from Jason Hood . Still needs work on redisplay - _rl_insert_next_callback: implement support for negative arguments similar to rl_quoted_insert: we just insert one at a time and keep increasing the count until it hits 0 lib/readline/misc.c - _rl_arg_callback: if the return value from _rl_arg_dispatch indicates we should keep reading a numeric argument, update the message with the new arg value 7/8 --- lib/readline/signals.c - _rl_handle_signal: make sure all uses of any of the job control signals are protected by a check for SIGTSTP being defined. Report from Juan Manuel Guerrero 7/11 ---- lib/readline/vi_mode.c - rl_vi_replace: when making the new keymap for vi replacement mode, make sure that ANYOTHERKEY is set correctly, otherwise some input will cause _rl_dispatch to return -2 to the top level. Fixes fuzzing bug reported by Ben Wong 7/19 ---- builtins/read.def - struct ttsave: make the attrs member a struct, not a pointer, to force a structure copy that will survive a longjmp to another context. Leaving it as a pointer to a local struct is not portable 9/10 ---- execute_cmd.c - execute_builtin: make sure that we set up the unwind-protect for pop_scope (temporary_env is non-zero) so that the temporary env is propagated to the current environment only for special builtins (source/eval/unset) not run by the command builtin (flags & CMD_COMMAND_BUILTIN == 0). Fixes bug reported by Martijn Dekker 9/17 ---- builtins/printf.def - asciicode: don't use mblen to check whether or not a character is a valid multibyte character; use mbtowc right away and then inspect the return value. Fixes bug reported by Stephane Chazelas 9/27 ---- {jobs,subst}.h - move declaration of last_command_subst_pid to subst.h, since it's declared in subst.c and doesn't depend on job control. Reported by Martijn Dekker builtins/read.def,variables.c - fixed a couple of problems (READLINE, ARRAY_VARS) that prevented the minimal config from building 10/1 ---- parse.y - special_case_tokens: if we are returning DO in a case where the last two tokens read are `FOR' and `WORD' make sure we decrement expecting_in_token. Fixes bug reported by Martijn Dekker 10/4 ---- subst.c - expand_string_for_rhs: now takes an additional PFLAGS argument from its caller (one so far); passes that through to call_expand_word_internal as W_ASSIGNRHS. Fixes bug reported by Martijn Dekker - expand_string_for_rhs: expanding b in ${a[:]=b} is now done as if b were the rhs of an assignment statement. This means that splitting isn't done, but tilde expansion is performed as if the statement were `a=b'. Fixes splitting bug with $* reported by Martijn Dekker command.h - W_NOASSNTILDE: new word flag, means to not perform tilde expansion following a `:' even if the word has the W_ASSIGNRHS flag enabled subst.c - expand_word_internal: if we see a `:' with the W_NOASSNTILDE flag set, just add the character and inhibit any subsequent tilde expansion. Currently not set anywhere, but it could be set in expand_string_for_rhs to satisfy its peculiar semantics 10/6 ---- lib/sh/casemod.c - sh_modcase: convert even single-byte wide characters to wide upper or lowercase equivalents to accommodate locales where single-byte characters have multibyte upper and lower case conversions. Bug reported by Stephane Chazelas 10/7 ---- doc/{bash.1,bashref.texi} - slight changes to the description of command_not_found_handle to clarify that it's executed in a separate execution environment, just like if the command was found. Reported by Martijn Dekker 10/8 ---- lib/readline/doc/{history.3,hstech.texi} - history_get: clarify the range of valid values for the OFFSET argument. From a report by Kevin Ryde 10/21 ----- subst.c - expand_string_for_rhs: set W_NOASSNTILDE if the operator is `=' for backwards compatibility with bash-4.4 shell.c - main: set positional parameters before running the startup files, so the startup files can inspect $@. Often-requested feature, most recently from Stephane Chazelas 10/27 ----- doc/{bash.1,bashref.texi} - Arrays: add some clarifying language to make it clear that array references that don't use the ${a[s]} syntax are subject to globbing when passed as arguments to commands such as unset, and should be quoted for safety. Change prompted by a report from Eli Barzilay parse.y - parse_comsub: make sure we don't run off the end of the `ret' buffer when checking for the here doc delimiter. Report from Jakub Wilk , the result of a fuzzing test. Pointer to place for the fix from Eduardo Bustamante 10/30 ----- builtins/pushd.def - get_directory_stack: make sure the current directory (element 0 of the stack) is passed to polite_directory_format under the same conditions as the rest of the stack entries (flags & 1). Otherwise something like `cd ${DIRSTACK[0]}' will fail. Fixes bug reported by Steve Jones builtins/declare.def - declare_internal: when checking for a `[' to see whether or not this is an array variable declaration (declare -a foo[12]), make sure we don't do the check if we're just dealing with shell functions. Bug and pointer to fix from PJ Eby 11/1 ---- parse.y - parse_comsub: if we read a four-character word followed by a break character, and that word is not one of the reserved words, set lex_rwlen to 0 since we are no longer in a reserved word. It only hurts if another break character immediately follows, so that test succeeds again. Turn off the RESWDOK flag only if it's not a shell metacharacter, too. Fixes bug reported by Kjetil Torgrim Homme 11/3 ---- lib/readline/isearch.c - _rl_isearch_dispatch: if we are searching in reverse order, let sline_index go to -1 to avoid searching the same line twice. It gets reset right after that, so there's no danger of indexing into the history line with a negative index. 11/7 ---- execute_cmd.c - time_command: only restore command->flags if CODE indicates we didn't perform a longjmp back to top_level. If we did, `command' has already been freed. Fixes bug reported on savannah by ukuvbu oibws https://savannah.gnu.org/support/?109403 11/10 ----- lib/sh/unicode.c - u32cconv: make sure to initialize localconv to -1 (error) in case we switch from a utf-8 locale to something else and call iconv_close. Report from Egmont Koblinger ; fix from Eduardo Bustamante 11/16 ----- subst.c - parse_comsub: istring_index should be a size_t to avoid integer overflow when allocating large pieces of memory. Report and fix from Siteshwar Vashisht , originally based on http://lists.gnu.org/archive/html/bug-bash/2017-11/msg00047.html 11/24 ----- lib/readline/bind.c - rl_empty_keymap: new public function, returns non-zero if there are no keys bound in the keymap passed as an argument lib/readline/readline.h - rl_empty_keymap: new public extern declaration lib/readline/doc/rltech.texi - rl_empty_keymap: document new function lib/readline/bind.c - rl_generic_bind: keep track of the previous keymap and previous index in a multi-key key sequence so we can remove an empty terminal keymap and remove a previous override to ANYOTHERKEY. Right now, this only works for one previous keymap level. Inspired by a report from Clark Wang 11/25 ----- lib/readline/display.c - _rl_update_final: make sure that computing the length of the visible bottom line (botline_length) takes any invisible characters in the prompt into account (woff). This value is used as part of the check whether or not we want to remove the line-wrapping indicator on terminals like xterm - _rl_update_final: when removing the line-wrapping indicator on xterm, make sure we take invisible characters in the prompt (woff) into account when computing the character in the rightmost physical screen position. Fixes cosmetic line-wrapping issue reported by Egmont Koblinger 11/27 ----- lib/sh/ufuncs.c - fsleep: if using select to implement sleep, use restart after a signal interrupts the select and handle pending signals. If pselect is available, use that instead and block SIGCHLD while pselect is executing. Fixes report from Thiruvadi Rajaraman 11/28 ----- lib/readline/signals.c - rl_check_signals: new public function: a wrapper for RL_CHECK_SIGNALS that can be used by applications that install a wrapper for rl_getc (rl_getc_function) so they can respond to signals that arrive while waiting for input in the same way as rl_getc. The app can use rl_pending_signal() to get the most recently-received signal. From a discussion about Gnuplot initiated by Rin Okuyama lib/readline/readline.h - rl_check_signals: new extern declaration lib/readline/doc/rltech.texi - rl_check_signals: document new public function variables.c - set_pwd: test for and force an inherited OLDPWD to be a directory if OLDPWD_CHECK_DIRECTORY is defined in config-top.h (it is by default). Issue raised by Mikulas Patocka config-top.h - OLDPWD_CHECK_DIRECTORY: new define, defined to 1 by default 11/29 ----- Makefile.in - pathexp.o: add dependencies on libintl.h. Reported by Ross Burton 12/1 ---- lib/sh/ufuncs.c - fsleep: add blocking and releasing SIGCHLD using sigprocmask around call to select(2) even if pselect(2) is not available 12/3 ---- execute_cmd.c - coproc_setstatus: new utility function, take a pointer to a coproc and a status and mark the coproc as dead and having been reaped with that status. Used by child processes who want to invalidate the coproc's pid 12/5 ---- subst.c - process_substitute: instead of just having a flag to denote that a file descriptor is connected to a process substitution, store the pid of the child process (still needs work) - find_procsub_child,set_procsub_status,reap_procsubs: utility functions to allow the job control code to detect that a process substitution child has died and deallocate the file descriptors or pathname subst.h - find_procsub_child,set_procsub_status,reap_procsubs: extern declarations nojobs.c - set_pid_status: if we are reaping a process substitution, call set_procsub_status to record the fact jobs.c - waitchld: if we are reaping a process substitution, call set_procsub_status to record the fact. Doesn't really do anything yet 12/6 ---- execute_cmd.c - execute_command: don't call unlink_fifo_list if we're in the middle of executing a list of commands (executing_list != 0). Partial fix for bug reported by Stephane Chazelas - execute_simple_command: don't close process substitution file descriptors in the parent after forking children in a pipeline; defer until pipeline completes, since parent may have inherited fds from a calling scope (e.g., via `.'). EXPERIMENTAL - execute_disk_command: don't close process substitution file descriptors in the parent after forking the child. EXPERIMENTAL 12/7 ---- doc/bash.1,lib/readline/doc/{readline.3,rluser.texi} - show-mode-in-prompt: clarify that this must be enabled before the vi and emacs mode strings are prefixed to the prompt. Report from Rob Foehl 12/8 ---- execute_cmd.c - execute_coproc: don't warn about an existing coproc if the write and read file descriptors are unusable (-1), as they will be after a call to coproc_closeall in a subshell. Fixes spurious warning reported by Tobias Hoffmann jobs.c - bgp_resize: avoid overflow when calculating the new size if the child process limit is something ridiculously large. Report and fix from Natanael Copa execute_cmd.c - execute_builtin_or_function: if we return via the return builtin, we don't get a chance to free the saved fifo list, so add an unwind- protect to make sure it happens. Part of fix for leak reported by Oyvind Hvidsten - execute_command_internal: if we unwind via the return builtin (e.g., we execute a function which then returns via the return builtin to a previous function), we don't free the saved fifo list, so add an unwind-protect to make sure the free happens. Rest of fix for leak reported by Oyvind Hvidsten subst.c - add_fifo_list: for the FIFO case (no /dev/fd), make sure we initialize the new members of the fifo list after xrealloc 12/9 ---- subst.c - dev_fd_list: now a list of type `pid_t' so we can store process associated with the pipe fd into the right element; change all necessary functions (copy_fifo_list, add_fifo_list) - process_substitute: store pid of child process into the right index in dev_fd_list after opening the pipe. Process ID of -1 means process has been reaped and fd needs to be closed (or FIFO needs to be unlinked); value of 0 means slot is unused jobs.c - wait_for_background_pids: call reap_procsubs to make sure we clean up all reaped process substitutions before trying to wait for everything (still needs work) tests/{run-procsub,procsub.{tests,right}} - new file, tests of process substitution that have failed in the past 12/10 ----- jobs.c - wait_for_background_pids: warn if one of the jobs is stopped subst.c - wait_procsubs: new function, call wait_for for every "live" process substitution jobs.c - wait_for_background_pids: call wait_procsubs to reap any living process subsitutions 12/13 ----- lib/readline/bind.c - parser_if: add support for testing the readline version, using the full set of arithmetic comparison operators (and supporting both = and ==), using version numbers of the form major[.[minor]] 12/14 ----- subst.[ch] - string_list_dollar_star: now takes QUOTED and PFLAGS arguments like string_list_dollar_at, changed all callers. Not used yet. 12/16 ----- subst.c - param_expand: broke out cases of expanding unquoted (quoted == 0) $* on the rhs of an assignment statement (pflags & PF_ASSIGNRHS) with various values of IFS (unset, null, set to non-null value) to capture the expansion subtleties. From a report back on 11/24 by Martijn Dekker 12/17 ----- array.h - set_element_value: new define, sets array element AE to VALUE variables.c - set_pipestatus_array: use set_element_value where appropriate 12/18 ----- subst.c - parameter_brace_find_indir: when expanding the indirect parameter to find the eventual variable name, we don't perform word splitting. Make sure this does the right thing for * and @. Fixes bug reported by isabella parakiss 12/19 ----- doc/{bash.1,bashref.texi} - indirect expansion: make sure to note that the value of the indirect variable does not undergo word splitting as one of its expansions, as in fix from 12/18 12/22 ----- subst.c - parameter_brace_expand_rhs: make sure the value this function returns when OP is `=' is quoted appropriately, as the callers expect. More changes from Posix interp 221. Fixes report from Martijn Dekker variables.c - assign_hashcmd: if running in a restricted shell, make sure the target of the hash assignment can be found via a $PATH search, to prevent users assigning commands to the hash table they would not ordinarily have access to. Fixes issue raised by Drew Parker builtins/hash.def - hash_builtin: if running in a restricted shell, make sure the pathname target of `hash -p' can be found via a $PATH search, to prevent users assigning commands to the hash table they would not ordinarily have access to. 12/27 ----- array.c,arrayfunc.c,... - many changes to clean up unused variables and functions. From a report from Siteshwar Vashisht 12/28 ----- lib/readline/terminal.c - _rl_term_clrscroll: save the `E3' termcap capability, which clears the scrollback buffer where supported. Unused right now lib/readline/rlprivate.h - _rl_term_clrscroll: extern declaration lib/readline/bind.c - parser_if: added simple variable comparison capability. Allowable operators are `=', `==', and `!='; boolean variables must be compared to either `on' or `off'; variable names must be separated from the operator by whitespace doc/bash.1,lib/readline/doc/{rluser.texi,readline.3} - document new `if variable comparison value' construct 1/2/2018 -------- lib/glob/sm_loop.c - EXTMATCH: when matching against !(patlist), if a filename beginning with a `.' does not match any of the patterns in patlist, don't return it as a match if leading dots need to be matched explicitly (flags & FNM_PERIOD). Report from Eric Cook 1/3 --- variables.[ch] - bind_function_def: takes an additional flags argument. If FLAGS&1, overwrite any existing function_def hash table entry; if FLAGS==0, leave any existing function_def alone. make_cmd.c - make_function_def: call bind_function_def with flags == 0 execute_cmd.c - execute_intern_function: call bind_function_def with flags == 1 so we have function_def information that's correct for where the function is defined, not just where it's last parsed. Fixes report from Bruno Vasselle ; final piece of fix from 12/15/2011 1/4 --- subst.c - param_expand: deal with string_list_dollar_star returning NULL. Fixes bug reported by Martijn Dekker builtins/history.def - history_builtin: enabled code that performs range deletion 1/5 --- subst.c - do_assignment_internal: if performing a compound assignment, make sure to pass ASS_CHKLOCAL flag to do_compound_assignment if the assignment word has the W_CHKLOCAL flag set - do_compound_assignment: honor ASS_CHKLOCAL flag and check for an existing local variable before creating or modifying a global variable builtins/declare.def - declare_internal: new (undocumented so far) option: -G. Means to act on global variables (create, modify) if no local variable is found with the specified name - declare_find_variable: new declare-specific wrapper functon for declare builtin; obeys -g and -G options in one place - declare_internal: if no variable is found after following any nameref chain, look up the variable using declare_find_variable to honor the -G option. XXX - so far, this is the only place that function is used subst.c - shell_expand_word_list: before calling make_internal_declare, add 'G' to the options list if W_CHKLOCAL is set in the word's flags. This makes builtins like `readonly' that modify local variables in a function behave the same for scalar and array variables 1/11 ---- parse.y - shell_getc: move code that decides whether to append a space to an alias expansion here from mk_alexpansion, so we can inhibit adding a space if we're currently parsing a single or double quoted string 1/12 ---- parse.y - clear_string_list_expander: take a pointer to an alias that's about to be freed and make sure there aren't any pointers to it in the list of pushed strings. If there are, zero it out in the pushed string list to avoid referencing freed memory in pop_string() alias.c - free_alias_data: if an alias being freed is currently being expanded, call clear_string_list_expander to remove references to it from the list of pushed strings 1/14 ---- pcomplib.c - progcomp_search: add code to look up an alias for the CMD argument and return the completions for the first word of that alias if one is found. Just a start at completing aliases, a much-requested feature pcomplete.h - COPT_LASTUSER: last flag value used by user-settable completion options - PCOMP_RETRYFAIL, PCOMP_NOTFOUND: new #defines, possible return values from programmable_completions in FOUNDP argument. Moved RETRYFAIL define here from pcomplete.c to avoid collisions with user-settable option values (COPT_*) 1/15 ---- pcomplete.c - programmable_completions: if we don't find any completions for a command, and RETRY is 0, see if the command is a defined alias, expand it, and try to expand the first word of the value as a command, and find any programmable completions for it. Here right now, could be moved to attempt_shell_completion later if we need to do more analysis of the expanded line. We'll see how it works in practice. (Disabled for now.) 1/16 ---- parse.y - grammar: when timing the null command, make sure to turn off the flags in parser_state (PST_REDIRLIST) that make_simple_command sets when given a NULL second argument, since it assumes that it's going to turn those off when it gets the next word of the simple command (which it never gets in this case). Fixes bug reported by Anti Räis 1/19 ---- lib/readline/rltty.c - prepare_terminal_settings (termios/termio): if there is a function bound to the VDISCARD character in the current keymap, set VDISCARD to _POSIX_VDISABLE while readline is active. From a report from Rhialto 1/22 ---- builtins/history.def - histtime: check whether or not localtime() returns NULL, and make sure we only call strftime() with a valid struct tm. This can happen when the timestamps in the history file overflow a time_t. Fixes bug reported by Luke Dashjr bashline.c - edit_and_execute_command: if we're in vi editing mode, make sure we end up in insert mode after executing the commands from the edited file. This seems to be what other shells do. Report from Stan Marsh 1/26 ---- bashline.c - command_word_completion_function: match alias and shell function names case-insensitively if the readline completion-ignore-case variable is set. Inspired by report from lib/readline/display.c - update_line: when performing a dumb update after wrapping the line (usually due to printing the prompt), make sure we adjust _rl_last_c_pos if there are invisible characters in prompt lines other than the first (we assume those invisible characters are in the last line, which is nearly always the case). We adjust by the total number of invisible chars less the number of invisible chars in the first prompt line. From a report in https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1745273 execute_cmd.c - execute_command_internal: if redirections attached to a compound command fail, make sure we discard the `internal_fifos' unwind- protect frame after freeing the copied fifo_list and before returning 1/30 ---- lib/readline/rlprivate.h - BRACK_PASTE_FINI: add \r to the end of the string to avoid problems with the tty driver thinking the cursor was in the wrong position. Fixes issue reported by Egmont Koblinger 1/31 ---- lib/sh/zread.c - zread,zreadintr: call check_signals() before calling read() to minimize the race window between signal delivery, signal handling, and a blocking read(2). Partial fix for FIFO read issue reported by Oyvind Hvidsten doc/{bash.1,bashref.texi} - shopt: document `assoc_expand_once' shell option 2/1 --- config-top.h - DONT_REPORT_SIGTERM: define, so non-interactive shells will no longer print termination messages for child processes killed by SIGTERM 2/6 --- lib/readline/text.c - rl_insert: don't attempt to optimize typeahead if we are only reading a fixed number of characters (rl_num_chars_to_read > 0) redir.c - redir_special_open: if the shell is restricted, return a RESTRICTED_REDIRECT error for attempts to open /dev/tcp and /dev/udp sockets. Inspired by report from Blake Burkhart - do_redirection_internal: if redir_open returns RESTRICTED_REDIRECT, return that right away (instead of errno) so we can print a better error message 2/11 ---- jobs.c - bgp_resize: fix problems with (pid_t) overflow when calculating new size for table when js.c_childmax is near the limit of a pid_t (e.g., 2**31 - 1 on a 32-bit system, or 2**63-1 on a system with 32-bit pid_t). Fixes hang reported by Natanael Copa based on his patch from 12/8. - bgp_resize: cap max table size for bgpids at MAX_CHILD_MAX (32768) include/typemax.h - TYPE_MINIMUM, TYPE_MAXIMUM: updated definitions from coreutils-8.29, silences some compiler warnings 2/14 ---- Makefile.in - maybe-clean: use cd and pwd -P to test whether or not two directory names identical, since topdir = '.' and BUILD_DIR = full pathname when you use something like `bash ./configure'. Problem reported by Michael Felt subst.c - split_at_delims: if SD_NOQUOTEDELIM is in the flags argument, don't treat `'' and `"' as candidates for possible sequences of delimiters, even if they're part of the delimiter set (the delims argument). Fixes problem with completing lines like `foo --bar='quux baz' xx' reported by Nick Patavalis 2/15 ---- copy_cmd.c - copy_word_list: build the list in the right order, avoiding having to reverse it at the end. Helps with long argument lists shell.c - bind_args: build the argument list in the right order, avoiding having to reverse it at the end. - bind_args: only call push_args to save argc and argv as BASH_ARGC and BASH_ARGV if debugging mode is enabled (debugging_mode != 0). Inspired by report from Ambrose Feinstein - bind_args: note that we've saved BASH_ARGC and BASH_ARGV by setting bash_argv_initialized - shell_reinitialize: reset bash_argv_initialized back to 0 so BASH_ARGV and BASH_ARGC will be recreated if we're in debugging mode variables.c - save_bash_argv: new function, initializes BASH_ARGV and BASH_ARGC from the saved positional parameters - init_bash_argv: initialize BASH_ARGV and BASH_ARGC if bash_argv_initialized == 0 builtins/shopt.def - shopt_set_debug_mode: if we're turning on debug mode, initialize BASH_ARGC and BASH_ARGV if bash_argv_initialized == 0 2/16 ---- execute_cmd.c - execute_function: make sure BASH_ARGV and BASH_ARGC are initialized before calling push_args (and before calling remember_args) builtins/source.def - source_builtin: make sure BASH_ARGV and BASH_ARGC are initialized before calling push_args (and before calling remember_args) builtins/evalfile.c - _evalfile: if the shell compatibility level is 44 or lower, make sure BASH_ARGV and BASH_ARGC are initialized before calling array_push builtins/shopt.def - compat44: new shell option. This will be the last compatXX option doc/{bash.1,bashref.texi} - compat44: document new shell option 2/21 ---- builtins/common.h - ISOPTION: check s[1] before s[2] to avoid out of bound reads. Fixes bug reported by jeremy@feusi.co input.h - B_SHAREDBUF: new flag for buffered input fds, indicates that this fd shares its b_buffer with another fd input.c - duplicate_buffered_stream: when duplicating *from* the buffer corresponding to bash input, make sure the new buffer has B_SHAREDBUF in the flags, because copy_buffered_stream copies pointers - duplicate_buffered_stream: if the buffer being copied to has the B_SHAREDBUF flag set, make sure the b_buffer doesn't get freed. Fixes use-after-free bug reported by jeremy@feusi.co - save_bash_input,close_buffered_stream: make sure a buffer with B_SHAREDBUF set has its b_buffer set to NULL before calling free_buffered_stream 2/24 ---- subst.c - parameter_brace_expand_error: add parameter saying whether or not we are checking whether value is null, so we can have different error messages for ${x:?} and ${x?}. Report and fix from don fong 3/5 --- lib/readline/bind.c - _rl_read_file: instead of calling stat/open on the passed filename, use open/fstat to avoid one possible filename translation and close a small (benign) race condition. Report and fix from Roy Ivy 3/11 ---- variables.c - makunbound: if new variable localvar_unset is non-zero, mark local vars in previous scopes as invisible and unset so they will show up as unset until that previous scope returns (similar to how local variables in the current local scope are handled). localvar_unset is currently set to 0 with no way for a script to change its value. Eventually there will be an option to modify it. From a bug-bash discussion started by Nikolai Kondrashov back on 2/11/2018 3/13 ---- subst.c - expand_word_list_internal: short-circuit and exit right away if a variable assignment preceding a special builtin fails in posix mode - expand_word_list_internal: if a variable assignment precedes an empty command name (after expansion), fix to exit right away when the shell is in posix mode 3/15 ---- doc/{bash.1,bashref.texi} - Add text to Pathname Expansion clarifying that a slash must be matched by a slash in the pattern when matching pathnames, but not in other matching contexts. Suggested by builtins/common.c - read_octal: allow octal numbers greater than 777 to accommodate modes and umasks that include sticky/setuid/setgid bits. Report and fix from Martijn Dekker 3/19 ---- lib/readline/bind.c - rl_generic_bind: make sure we only assign to prevkey in the loop if the key sequence index is > 0, so ic is valid. Fixes bug reported by Koichi Murase builtins/read.def - read_builtin: be slightly less aggressive checking for timeouts and SIGALRM: if we successfully read a character, don't check for a timeout until we store or process it. Fixes timing problem reported by Rob Foehl 3/22 ---- sig.c - termsig_handler: add a call to exit(1) after the kill, just in case there are circumstances where the SIG_DFL signal handler is ignored. Report from Andrei Vagin 3/25 ---- lib/readline/bind.c - _rl_function_of_keyseq_internal: new internal function thta takes a length parameter to accommodate NUL in the key sequence. Patch from Koichi Murase - rl_function_of_keyseq_len: new application-callable function that takes a length parameter; otherwise equivalent to rl_function_of_keyseq. lib/readline/readline.h - rl_function_of_keyseq_len: add extern declaration for new function lib/readline/doc/rltech.texi - rl_function_of_keyseq_len: document new function interface bashline.c - bash_execute_unix_command: use rl_function_of_keyseq_len to handle key sequences with embedded NULs (\C-@). Fix from Koichi Murase lib/readline/bind.c - rl_bind_key_if_unbound,rl_bind_key_if_unbound_in_map: run the KEY argument through rl_untranslate_keyseq to produce a symbolic sequence that can encode \C-@. - rl_bind_keyseq_if_unbound_in_map: translate the key sequence in order to accommodate symbolic key sequences; should be a no-op for `raw' key sequences such as the arrow key seqeunces from terminfo. Change from Koichi Murase 4/2 --- jobs.c - wait_for: when setting the SIGINT signal handler to wait_sigint_handler make sure we're not setting old_sigint_handler recursively, as we can when running an external command in a trap we took after a command exited due to SIGINT. We don't want to overwrite old_sigint_handler here. Fixes bug reported by Dr. Werner Fink execute_cmd.c - execute_disk_command: when there is a command_not_found_hook, make sure the subshell turns off job control before running it, in case it runs processes. We don't want it to manipulate process groups. Fixes bug reported by ÐиÑиллов Ðима - execute_command_internal: make sure the command run by the `command' builtin doesn't cause the ERR trap to be executed; wait for the status to be returned by the command builtin. Fixes bug reported by Martijn Dekker 4/4 --- subst.c - process_substitute: handle longjmp back to top_level and function returns (return_catch) in the child process, like command substitution, so we don't longjmp back to some arbitrary spot from the `exit' or `return' builtins, or on an expansion error, like the command timing code. Fixes bug reported by Basin Ilya 4/6 --- parse.y - read_token_word: when reading a matched pair of backquotes as part of a word, treat it as quoted so the characters are read as a single word, but do not let the presence of the backquote mark the word as quoted. Fixes here-document delimiter bug reported by Denys Vlasenko 4/7 --- execute_cmd.c - execute_case_command: call quote_string_for_globbing with the QGLOB_CTLESC flag for both quoted and unquoted words, so it will remove CTLESC/CTLESC in all cases while converting other quoted characters to use a preceding backslash. Bug reported by Martijn Dekker 4/9 --- smatch.c - posix_cclass_only: helper function that checks whether a pattern has only posix single-byte character classes ([:alpha:], etc.) or has none at all - xstrmatch: if running in a multibyte locale, make sure to short- circuit to the single-byte matching code only if there are no unrecognized character class names, since the wide character ctype functions allow locales to define their own character class names (e.g., "hyphen"). Fixes issue reported by yangyajing 4/10 ---- configure.ac,cross-build/qnx.cache - qnx: add a configure cache file for cross-building, treat qnx 7 like qnx 6 in terms of cpp options. Fix from Brian Carnes aclocal.m4 - BASH_CHECK_DEV_STDIN: experimental change to test for /dev/stdin independently of /dev/fd or /proc/self/fd. Suggested for QNX by Brian Carnes 4/11 ---- lib/glob/glob.c - glob_testdir: return -2 if DIR is a symlink, to differentiate it from any other kind of non-directory file - glob_vector: if we have GX_ALLDIRS (globstar), we want to skip over symlinks to directories, since we will pick up the real directory later. Fixes incompatibility reported by Murukesh Mohanan bashline.c - bash_execute_unix_command: changes to make READLINE_POINT apply to characters instead of bytes when in a multibyte locale. Report and fix from Koichi Murase 4/12 ---- builtins/evalstring.c - parse_and_execute_cleanup: now takes an argument which is the value of running_trap at some point before parse_and_execute was called; changed callers in sig.c, builtins/evalfile.c builtins/common.h - parse_and_execute_cleanup: changed prototype 4/13 ---- builtins/evalstring.c - parse_and_execute_cleanup: if the argument holding the previous state of running_trap is the same value as the current running_trap state, don't call run_trap_cleanup: assume that there is a caller who will take care of the cleanup after this returns. Fixes recursive trap call on "eval return" reported by Martijn Dekker parse.y - read_a_line: if remove_quoted_newline is non-zero, indicating the here-document delimiter is unquoted, we will be running the contents of the here-document through word expansion and need to quote CTLESC and CTLNUL in the input. Fixes bug with ^A in here document reported by Jorge Alberto Baca Garcia 4/18 ---- pathexp.c - quote_string_for_globbing: make sure the QGLOB_CTLESC code handles both CTLESC CTLESC and CTLESC CTLNUL in the same way. Fixes bug reported by Martijn Dekker 4/19 ---- execute_cmd.c - execute_command_internal: before executing any command in the current shell, and before copying any existing FIFO list, call reap_procsubs to unlink or close any process substitution pipes associated with processes that have exited. Fixes hang in test suite when trying to open a FIFO with no process having it open for reading 4/26 ---- parse.y - read_token_word: if returning REDIR_WORD for a {id}>foo construct, for example, make sure to assign the_word to yylval.word before returning, in case a recursive call to the parser overwrites it (e.g., when evaluating array indexes). From a message to austin-group-l from Stephane Chazelas lib/glob/sm_loop.c - BRACKMATCH: if we have an invalid character class in an otherwise well-formed bracket expression, don't try to match each character of the (invalid) class individually; just skip over the class and move on. From a message on the austin-group list from Stephane Chazelas 4/27 ---- variables.c - push_exported_var,push_func_var,push_temp_var: make sure to set the context correctly in the variable we bind in the previous (non-temp) scope. Report from Martijn Dekker pathexp.c - unquoted_glob_pattern_p: a pattern that contains a backslash can have it removed by the matching engine (since backslash is special in pattern matching), so if the pattern contains a backslash, and does not end in a backslash, we need to return true. Fixes bug reported by Robert Elz lib/glob/glob_loop.c - INTERNAL_GLOB_PATTERN_P: same change to return TRUE for a backslash that doesn't end the pattern lib/sh/timeval.c - print_timeval: use locale_decpoint() instead of fixed `.' to print decimal point. Bug report in austin-group email from Joerg Schilling lib/sh/clock.c - print_clock_t: use locale_depoint() in the same way as print_timeval 4/29 ---- subst.c - expand_cond_node: if special != 0, make sure to add QGLOB_CTLESC to the flags passed to quote_string_for_globbing. Same issue as the one with `case' fixed on 4/7, report from Martijn Dekker 4/30 ---- redir.c - do_redirection_internal: r_close_this: if the file descriptor is already closed before the shell is asked to close it, make sure to add an undo list redirect to make sure it stays closed. Report from Martijn Dekker 5/2 --- variables.c - push_posix_temp_var: new function, takes the SHELL_VAR * passed as an argument and uses the name and value to create a global variable - merge_temporary_env: if posixly_correct is set, call push_posix_temp_var to create global variables, otherwise call push_temp_var to preserve the old behavior. Right now, it's only called when in posix mode, but that might change. This undoes the change from 4/27 when in posix mode 5/3 --- sig.c - struct that holds the terminating signal information has a new field: whether that signal is expected to cause a core dump - termsig_handler: if the call to kill(2) doesn't kill the process, we have a problem. If our pid is not 1, we just exit with status 128+sig (fake the sig exit status). If the pid is 1, we assume we're in a Linux pid namespace and aren't allowed to send a signal to ourselves. If we need to generate a core dump, we try to get the kernel to SIGSEGV us by dereferencing location 0. If not, we just exit with 128+sig. From a report and patch from Andrei Vagin 5/4 --- bashline.c - bash_execute_unix_command: make sure that parse_and_execute is called with newly-allocated memory to avoid prematurely freeing the command. Report and fix from Koichi Murase 5/7 --- builtins/shopt.def - syslog_history: a shell option to control whether history is logged to syslog; can be modified at runtime. Original patch from Siteshwar Vashisht config-top.h - SYSLOG_SHOPT: new configurable option, determines whether there is a shell option to control syslogging history lines at runtime and sets the default value of the option bashline.c - syslog_history: new variable to control whether history lines are sent to syslog; default value is the value of SYSLOG_SHOPT (or 1 if that's not defined) - bash_add_history: send history lines to syslog if syslog_history is non-zero 5/10 ---- variables.c - push_var_context: if we are in Posix mode and manipulating the temporary environment (temporary_env), implement behavior specified in Posix interp 1009 and make sure that temporary assignments preceding function calls modify the current environment *before* the function is executed. [bash-5.0-alpha frozen] 5/12 ---- execute_cmd.c - execute_in_subshell: subshells should set loop_level == 0, since they are no longer "enclosed" by the loop, according to posix. Report from Aeron.E. Wang 5/24 ---- Makefile.in - pkgconfigdir: don't fail installing bash.pc if this directory doesn't exist or isn't writable -- there's no error in failing to install something nothing will use - install-headers-dirs: creat $(pkgconfigdir) if it doesn't exist lib/sh/shmbchar.c - utf8_mblen: replace with version from gnulib - utf8_mbstrlen: reimplement using utf8_mblen so it handles invalid multibyte sequences in the same way as mbstrlen lib/readline/mbutil.c - _rl_utf8_mblen: utf-8 specific version of mblen from gnulib include/shmbutil.h - ADVANCE_CHAR,COPY_CHAR_P: do better job detecting end of string in UTF-8 locales (should not be called with an empty string, but to be safe) 5/25 ---- lib/sh/utf8.c - new file, utf-8-specific functions collected from other files externs.h - extern declarations moved around for utf8.c include/shmbutil.h - SADD_MBCHAR, SADD_MBQCHAR_BODY, ADVANCE_CHAR_P: if the locale is a UTF-8 locale, don't bother with a call to mbrlen if the current character cannot start a multibyte character variables.c - push_var_context: only merge the temporary environment in posix mode if we are executing a shell function (flags & VC_FUNCENV). Report from Martijn Dekker lib/readline/mbutil.c - _rl_get_char_len: don't call mbrlen if we are in a UTF-8 locale and the character cannot start a multibyte sequence builtins/read.def - read_builtin: if mb_cur_max > 1, call read_mbchar only if we're not in a utf-8 locale or, if we are, the character we just read indicates the start of a multibyte sequence subst.c - string_extract_verbatim: don't call MBRLEN if we're in a utf-8 locale and the current character can't start a multibyte sequence - setifs: don't call MBRLEN if we're in a utf-8 locale and the first character of $IFS can't start a multibyte sequence lib/readline/kill.c - rl_bracketed_paste_begin: make sure we return 0 here if rl_insert_text returns the right number of characters inserted to be consistent with other functions. Returns 1 otherwise. Report and fix from Gabe Krabbe back in March, 2018 lib/readline/readline.c - rl_subseq_result: make sure r is < 0 before checking map[ANYOTHERKEY] to see if we shadowed a key that should now be tried 5/27 ---- variables.c - assign_aliasvar: perform same validity check on subscript assignment as alias builtin performs on name argument. Bug report from Mike Jonkmans 5/29 ---- builtins/setattr.def - set_var_attribute: we should not propagate a variable assignment preceding a builtin back to the calling environment unless the shell is in posix mode. Since previous versions of the shell do this, setting the shell compatibility level to 44 or less will continue the propagation behavior 6/1 --- lib/readline/histexpand.c - history_tokenize_word: as part of teaching history tokenization more and more about shell syntax, allow command and process subsitution and extended globbing patterns to appear within a word being tokenized and not just at the beginning. Fixes bug reported back in 2/2017 by ecki@tofex.de bashhist.c - load_history: use HISTSIZE_DEFAULT (still defaults to "500") to set the initial value of $HISTSIZE. HISTSIZE_DEFAULT can be overridden in config-top.h 6/4 --- configure.ac - make sure we link against an external readline library that's at least version 8 6/8 --- pcomplete.h - INITIALWORD: internal compspec name for programmable completion on the initial (usually the command) word bashline.c - attempt_shell_completion: if we are in a command position and the user has defined a compspec for INITIALWORD, use programmable completion to complete command words. Original patch from Luca Boccassi lib/readline/doc/rluser.texi,builtins/complete.def,doc/bash.1 - make it clearer that -D takes precedence over -E when supplied as options to `complete', not when they are applied during completion builtins/complete.def - complete_builtin,compgen_builtin: add support for -I option - print_one_completion,print_compopts: display -I when appropriate lib/readline/doc/rluser.texi,doc/bash.1 - complete,compgen: document new -I option and its effect 6/10 ---- lib/readline/histfile.c - read_history_range: don't apply the heuristic and try to append a history line to an existing history entry if we don't have any history entries. Bug and fix from Edward Huff 6/12 ---- bashline.c - attempt_shell_completion: don't all the programmable completion for INITIALWORD if programmable completion is disabled - attempt_shell_completion: make sure in_command_position remains set for an empty command word on an otherwise blank line, making the presence of assignment statements optional. Report from Luca Boccassi 6/20 ---- lib/malloc/malloc.c - morecore,internal_malloc,internal_free: requests for more than 128K bytes (defined as MMAP_THRESHOLD and saved in the new malloc_mmap_threshold variable) are now satisfied via mmap and freed via munmap. We only use mmap if we have mmap and MAP_ANON (or MAP_ANONYMOUS). These blocks are not available for splitting or coalescing, so every request for 128K bytes or smaller is satisfied via sbrk(). We don't use mremap for realloc yet, but we could in the future lib/malloc/mstats.h - malloc_stats: the malloc stats now include the number of calls to mmap and the total number of bytes requested via mmap. The number of calls to munmap is captured in each bucket's lesscore count lib/malloc/stats.c - print_malloc_stats: now prints an indication of where the change from sbrk to mmap takes place, and prints number of mmap calls and total number of bytes allocated using mmap 6/22 ---- variables.c - get_bashargcv: new dynamic "fetch" variable for BASH_ARGV and BASH_ARGC, for backwards compatibility: if a script makes a reference to either variable at the top level (not in a shell function) without enabling debugging mode and not having initialized the variable previously (using a simple semaphore), create the variables 6/25 ---- configure.ac - opt_bash_malloc: bash malloc no longer disabled for systems that require eight-bit alignment; the bash malloc has had this for a long time 7/4 --- bashline.c - pre_process_line: if command-oriented history is enabled, and the line being expanded is the second or later in a multi-line command, and we know the command is being saved as the current history entry, decrease history_length before calling history_expand so references like !! refer to the previous history entry as usual lib/readline/histexpand.c - history_quoting_state: new variable, can be set by calling application before calling history_expand to note that the string being expanded is part of a quoted string. Can be set to a single quote, a double quote, or 0 (no quoting) - history_expand: look at history_quoting_state and honor the single-quote setting by not expanding any initial portion of the line before the closing single quote. This allows history expansions to be performed on a line containing a closing single quote if they appear after the single quote lib/readline/history.h - history_quoting_state: extern declaration bashhist.c - bash_history_inhibit_expansion: if history_quoting_state indicates that this string is single-quoted, skip over the single-quoted portion and determine whether or not the portion after the quoted string needs to be inhibited from history expansion parse.y - shell_getc: set history_quoting_state based on the contents of the current delimiter before calling pre_process_line 7/6 --- lib/readline/doc/hsuser.texi - describe the default behavior of backslash and single and double quotes lib/readline/doc/hstech.texi - history_quoting_state: describe effect of setting this variable - history_quotes_inihibit_expansion: expand the description to include the default quoting behavior that setting this variable enables 7/9 --- support/man2html.c - unescape: use memmove instead of strcpy to handle overlapping strings Report and fix from Bernhard M. Wiedemann lib/sh/getenv.c - getenv: check that environ is non-NULL before looking through it. Report and fix from Keeley Hoek 7/12 ---- braces.c - mkseq: use better integer overflow handling for systems with 32-bit ints and 64-bit intmax_ts. Bug reported by Simon Wörner as the result of fuzzing builtins/declare.def - declare_internal: make sure bind_variable returns non-NULL when setting attributes for a variable named as an argument to declare that also appears in the temporary environment (and is a nameref). Bug reported by Simon Wörner parse.y,externs.h - reset_readahead_token: new convenience function for the rest of the shell, resets token_to_read if it's a newline (as it will be after reset_parser is called) eval.c - reader_loop: if we're just going to execute one command, make sure the read-ahead token isn't set to something that will result in a NULL command (by calling reset_readahead_token), since the code will take that as the one command and set EOF_Reached 7/15 ---- doc/{bash.1,bashref.texi} - indirect expansion: clarify that the expansion works on parameters, not just variables (NAMEs). Suggested by konsolebox 7/16 ---- doc/{bash.1,bashref.texi} - INSIDE_EMACS: document its effect on line editing 7/17 ---- lib/readline/{readline.c,rlprivate.h} - _rl_eof_found: new variable, private to the readline library, that indicates whether the current call to readline() will return NULL because we read EOF lib/readline/rltty.c - rl_deprep_terminal: if bracketed paste mode is active, the last character of the string to disable it is \r (to avoid confusing the terminal driver about where the cursor is). In this case, output a newline before returning so subsequent text (like the `exit' bash prints) doesn't overwrite the prompt. Bug from https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903936 variables.c - make_local_assoc_variable: add second argument like corresponding local array function, to allow this function to return an existing local array variable to the caller for the caller to handle variables.h - make_local_assoc_variable: change function prototype to add second arg {subst.c,variables.c} - make_local_assoc_variable: change callers builtins/declare.def - declare_internal: call make_local_assoc_variable with a non-zero second arg to have it return an existing local array variable to be flagged as an error. Fixes bug reported by Grisha Levit - declare_internal: call make_local_array_variable with unconditional second argument of 1 for the same reason as above 7/18 ---- variables.c - bind_invalid_envvar: new function, takes invalid names from the initial environment (names that are not valid shell identifiers) and stores them in a separate hash table (invalid_env) - maybe_make_export_env: make sure to add names from invalid_env to the export env - assign_in_env: for now, prevent variable names that aren't shell identifiers from being added to the temporary environment. Addresses issue raised by Grisha Levit test.c - unary_test: rearrange code slightly to avoid a wasted variable lookup if the argument to -v is a subscripted array reference 7/19 ---- variables.c - nameref_transform_name: if a name doesn't resolve to a shell variable, this function will check whether it resolves to a nameref that points to a variable that hasn't been created yet variables.h - nameref_transform_name: extern declaration subst.c - do_compound_assignment: make sure that we follow any nameref chain if the name passed resolves to a nameref that points to a variable that doesn't exist. Fixes issue raised by Grisha Levit builtins/declare.def - declare_internal: before calling any variant of make_local_variable, make sure to perform any transformation of the name indicated by an existing nameref. Fixes issue raised by Grisha Levit 7/20 ---- builtins/declare.def - declare_internal: if we are creating a global variable with -g, even if we're not giving it a value, check for namerefs at the global scope to avoid confusion with namerefs at the local (function) scope. subst.c - expand_word_internal: if a double-quoted string expands to nothing, make sure we note that for later by setting had_quoted_null, just as we do for single-quoted empty strings subst.[ch] - W_SAWQUOTEDNULL: new flag (replaces W_HASCTLESC, which is unused), means that we saw a possibly-discarded quoted null while expanding this word subst.c - expand_word_internal: if expansion results in a non-empty word but we saw a quoted null during expansion (had_quoted_null == 1), set W_SAWQUOTED_NULL in the returned word - expand_word_internal: if a recursive call to param_expand comes back with W_SAWQUOTEDNULL set in the resulting word, set had_quoted_null to note it - parameter_brace_expand_rhs: if a recursive call to expand_word_internal returns a non-quoted-null string (after an optional call to string_list) make sure we pass the W_SAWQUOTEDNULL flag back to the caller - word_list_split: if a word expands to nothing after expansion and splitting, but we saw a quoted null during the expansion (W_SAWQUOTEDNULL), return an empty word 7/25 ---- subst.c - do_compound_assignment: if creating a local variable, make sure to set `newname' to the name of the variable returned from find_variable, since that follows namerefs. Fixes issue raised by Grisha Levit 7/29 ---- subst.c - get_var_and_type: if VALUE is NULL, check before calling dequote_string. Report and fix from Grisha Levit 7/30 ---- variables.c - make_local_{array,assoc}_variable: make sure we're not trying to inherit a value from an incompatible array type. Fixes issue raised by Grisha Levit - nameref_transform_name: if we're trying to resolve a nameref that will be used to create a local variable, make sure the nameref is at the same variable scope. Report from Grisha Levit 8/2 --- array.c - array_subrange: change to use string_list_pos_params after creating a WORD_LIST from the array slice, like assoc_subrange does subst.c - parameter_brace_substring: since assoc_subrange and array_subrange both call string_list_pos_params now, treat the results the same as the VT_POSPARAMS case (pos_params also calls string_list_pos_params). Fixes behavior difference between ${a[@]:sub} and ${@:sub} reported by Ilkka Virta 8/3 --- array.c - array_patsub: rewrite to work in terms of a WORD_LIST * and call string_list_pos_params on the result to be consistent with the expansions of ${@/pat/rep} and ${*/pat/rep} assoc.c - assoc_patsub: rewrite to work in terms of a WORD_LIST * and call string_list_pos_params on the result to be consistent with the expansions of ${@/pat/rep} and ${*/pat/rep} subst.c - parameter_brace_patsub: change how return value of {array,assoc}_patsub is treated to make it identical to pos_params_pat_subst, since they all call string_list_pos_params now - expand_string_for_pat: make sure we preserve the value of expand_no_split_dollar_star instead of just unconditionally setting it back to 0 in case it was 1 before this function was called 8/6 --- array.c - array_modcase: rewrite to work in terms of a WORD_LIST * and call string_list_pos_params on the result to be consistent with the expansions of ${@,,} and ${*,,} assoc.c - assoc_modcase: rewrite to work in terms of a WORD_LIST * and call string_list_pos_params on the result to be consistent with the expansions of ${@,,} and ${*,,} subst.c - parameter_brace_casemod: change how return value of {array,assoc}_modcase is treated to make it identical to pos_params_modcase, since they all call string_list_pos_params now 8/8 --- builtins/declare.def - declare_internal: if we are making local variables, and not dealing with the nameref attribute, make sure that any nameref variable we followed when resolving the name given was at the same variable context. If not, we just want to make or use a local variable with the name passed; if so, we want to use the nameref value as the variable name. Report from Grisha Levit 8/9 --- configure.ac - globasciiranges: RRI now on by default, must be turned off explicitly at configure time or runtime with `shopt -u globasciiranges' 8/14 ---- variables.c - dispose_saved_dollar_vars: decrement stack pointer before looking for saved positional parameters to dispose; stack pointer always points to the first unused slot 8/15 ---- variables.c - dollar_arg_stack: now a stack of struct saved_dollar_vars, which has an array for the first ten (dollar_vars) and a WORD_LIST * for the remaining (rest_of_args). Fixes performance issue with function calls and large numbers of positional parameters raised by Bize Ma - {save,restore,free,free_saved}_dollar_vars: new functions to manage dollar_vars and dollar_arg_stack members. Need to keep these in sync with whatever remember_args does - push_dollar_vars: use save_dollar_vars, which just copies pointers, and directly assign rest_of_args, without copying the words, to the dollar_arg_stack entry. Have to clear dollar_vars and rest_of_args with the assumption that callers will call remember_args(args, 1) immediately following - pop_dollar_vars: free current positional parameters and restore old ones from pointers saved in dollar_arg_stack, making sure to invalidate any cached value for "$@" - dispose_saved_dollar_vars: free saved pointers from current index into dollar_arg_stack doc/{bash.1,bashref.texi} - POSIXLY_CORRECT: make sure to note that bash makes sure this variable is set when posix mode is enabled 8/17 ---- {jobs,nojobs}.c - set_jobs_list_frozen: set jobs_list_frozen to a particular value. Intended to save and restore the value around code sections instead of unconditionally unfreezing it. jobs.h - set_jobs_list_frozen: extern declaration execute_cmd.c - execute_pipeline: if lastpipe is enabled, save and restore the value of jobs_list_frozen using freeze_jobs_list/set_jobs_list_frozen to avoid problems with race conditions and nested pipelines causing jobs to be removed from the jobs table. Fixes savannah issue https://savannah.gnu.org/support/index.php?109541 reported by Björn Kautler 8/24 ---- execute_cmd.c - lastpipe_cleanup: call set_jobs_list_frozen instead of unfreeze_jobs_list - execute_pipeline: set up lastpipe_cleanup with old value of jobs_list_frozen 9/3 --- builtins/printf.def - getuintmax,getfloatmax: on a conversion error, return as much of the value as we were able to convert instead of 0. Fixes bug reported by Robert Elz 9/4 --- lib/readline/text.c,lib/readline/rlprivate.h - _rl_backward_char_internal: new function, guts of rl_backward_char and rl_backward_byte, not currently used there lib/readline/vi_mode.c - _rl_vi_advance_point: new function, move point forward by one character, handling multibyte locales and characters and the end of line semantics - _rl_vi_backup_point: new function, move point backward by one character, handling multibyte locales and characters - rl_vi_eword,rl_vi_eWord: use rl_vi_advance_point instead of a simple increment to handle multibyte characters. Fixes bug reported by Enrico Maria De Angelis 9/5 --- lib/readline/vi_mode.c - rl_vi_fword,rl_vi_fWord: use rl_vi_advance_point instead of a simple increment to handle multibyte characters - rl_vi_bword,rl_vi_bWord: use rl_vi_backup_point instead of a simple decrement (and _rl_vi_advance_point where necessary) to handle multibyte characters - rl_vi_complete,_rl_vi_change_mbchar_case,_rl_vi_domove_motion_cleanup: use _rl_vi_advance_point instead of simple rl_point increment - vi_delete_dispatch,vi_change_dispatch,vi_yank_dispatch: use INCREMENT_POS instead of a simple increment to rl_mark to handle multibyte characters - rl_vi_column: use _rl_forward_char_internal, starting with rl_point == 0, to handle multibyte characters (Posix says `character position', not index) 9/7 --- configure.ac - changed release status to `beta' 9/9 --- lib/readline/display.c - _rl_update_final: if the bottom line has zero characters and we are on that line at column 0, don't bother with an additional \r\n. Fixes redisplay nit reported by Per Bothner configure.ac - openbsd needs DEV_FD_STAT_BROKEN defined [bash-5.0-beta frozen] 9/11 ---- builtins/exec.def - exec_builtin: make sure to sync the buffered stream where bash is reading input (especially if it's fd 0) so a command exec'd by the script can read the rest of stdin after the exec 9/15 ---- lib/readline/histexpand.c - history_tokenize_internal: if the event contains embedded newlines (e.g., bash with command-oriented history and lithist), use them as word delimiters, equivalent to space and tab, so they don't end up as separate words. Fixes issue pointed out by Viktor Dukhovni - history_tokenize_word: don't break if we get a newline (though we shouldn't get one due to the loop in history_tokenize_internal - history_expand_internal: use newline as a whitespace character when expanding by words, as we do with history_tokenize_internal jobs.h - J_PIPEFAIL: new flag for `flags' element of job struct jobs.c - stop_pipeline: if pipefail_opt set, newjob gets J_PIPEFAIL in its flags word - raw_job_exit_status: use J_PIPEFAIL (setting of pipefail when job created) instead of current setting of pipefail status to determine how to compute exit status of pipeline. Tentative implementation of Posix proposal expr.c - exp0: don't call expr_bind_variable with a NULL string. Fixes fuzzing bug reported by Eduardo Bustamante - expr_bind_variable: don't try to do anything with a NULL or empty LHS 9/16 ---- lib/readline/undo.c - rl_do_undo: before we release the undo list entry we've just processed, make sure we avoid any pointer aliasing issues caused by having the entry being removed as part of the undo list in _rl_saved_line_for_history. Fixes fuzzing bug reported by Eduardo Bustamante 9/17 ---- [bash-5.0-beta released] 9/18 ---- lib/readline/bind.c - name_and_keymap: new struct for keymap names and maps - builtin_keymap_names: static array of builtin keymap names and maps; preparing for allowing applications to set the names of keymaps they create; keymap_names is initially a pointer to this array - _rl_get_keymap_by_name,_rl_get_keymap_by_map: new functions for searching the keymap_names array and returning an index - rl_get_keymap_by_name, rl_get_keymap_name: rewritten in terms of new functions above - rl_set_keymap_name (char *name, Keymap map): new function, set name of MAP to NAME. NAME must not be builtin; MAP must not be one of the builtin keymaps. Request and initial implementation from Tom Tromey lib/readline/readline.h - rl_set_keymap_name: new extern declaration for new public function lib/readline/doc/rltech.texi - rl_set_keymap_name: add documentation lib/readline/doc/rluser.texi - add text to `set keymap' description to note that applications can add keymap names that can be used there 9/20 ---- parse.y - shell_getc: don't execute the alias hack (returning a space at the end of the string) if we are parsing a command substitution that starts with a double paren (subshell inside a comsub), in which case the flags are PSH_DPAREN. Fixes fuzzing bug reported by Eduardo Bustamante lib/readline/isearch.c - _rl_isearch_dispatch: default case: make sure we check multibyte char length when deciding whether to enlarge the search string buffer, instead of using the old assumption. Fixes fuzzing bug reported by Eduardo Bustamante builtins/fc.def,execute_cmd.c - fixed some missing free()s uncovered by coverity. Report from Siteshwar Vashisht lib/glob/glob.c - glob_vector: make sure name_vector is initialized to NULL lib/sh/{pathcanon,pathphys}.c - {pathcanon,pathphys}: use memmove instead of strcpy on a possibly- overlapping region of memory subst.c - parameter_list_transform: make sure to dispose the word list in all cases before returning - parameter_brace_expand_rhs: make sure t1 is freed before returning due to an invalid name resulting from an indirect expansion support/man2html.c - fixed a couple of memory leaks 9/21 ---- subst.c - process_substitute: if we are part of a job control process chain (pipeline_pgrp != shell_pgrp), have the child shell forked to run the process substitution set pipeline_pgrp to its own PID, effectively becoming a process group leader without changing its own process group. Fixes stray SIGHUP issue reported by Jeremy Townshend 9/23 ---- arrayfunc.c - assign_array_element: if we are assigning to an existing associative array, and assoc_expand_once is set, allow `*' and `@' as subscripts. Partial fix for report from Grisha Levit variables.c - bind_int_variable: if valid_array_reference (lhs) is not true, make sure that the lhs is a valid identifier before assigning the value arrayfunc.c - valid_array_reference: allow blank subscripts. They are treated as `normal' keys for associative arrays and evaluate to 0 for indexed arrays. More of fix for report from Grisha Levit 9/24 ---- bashline.c - restore_tilde: if the expanded length (xl) is longer than vl we end up requesting a negative amount of memory (an extremely large unsigned number). Just punt and return val in this case. Fuzzing bug reported by Eduardo Bustamante - restore_tilde: make sure we return what the user typed if tilde expansion fails 9/29 ---- builtins/shopt.def - uncomment `localvar_unset' option definition doc/{bash.1,bashref.texi} - document `localvar_unset' shell option arrayfunc.c - valid_array_reference: if we are parsing a subscript for an existing associative array, the `assoc_expand_once' option is set, and the VA_ONEWORD flag is set in FLAGS (meaning there should be nothing following the closing `]'), don't call skipsubscript to find the closing `]', use one that is at the end of the word. Part of fix for issue reported by Grisha Levit builtins/{printf,set}.def - pass VA_ONEWORD as part of flags value everywhere valid_array_reference is used config-top.h - CHECKWINSIZE_DEFAULT: now 1, so check_window_size is on by default - HISTEXPAND_DEFAULT: new define, allows builder to enable or disable history expansion by default at build time doc/{bash.1,bashref.texi} - checkwinsize: document new default value bashhist.h - HISTEXPAND_DEFAULT: don't define if it's already defined. Strict POSIX mode continues to default to off 9/30 ---- lib/readline/input.c - win32_isatty: win32-specific changes from GDB. Patch submitted by Tom Tromey , originally from Eli Zaretskii 10/1 ---- lib/readline/vi_mode.c - rl_vi_start_inserting: start an undo group so we can grab the text inserted here as a single unit, avoiding any insert coalescing performed by rl_insert_text. Report and fix from Richard Todd 10/3 ---- subst.c - parameter_brace_transform: if we're asked to display the attributes of an unset variable, check that the variable exists even if get_var_and_type returns NULL (it checks invisible_p). Requested by Michal Pesa lib/readline/kill.c - _rl_bracketed_text: new function, collects the text pasted in bracketed paste mode and consumes the bracketed paste end marker; returns the pasted text and its length - rl_bracketed_paste_begin: call _rl_bracketed_text to collect the text lib/readline/isearch.c - _rl_isearch_dispatch: set cxt->lastc to -7 if the input resolves to rl_bracketed_paste_begin - _rl_isearch_dispatch: if cxt->lastc == -7, call _rl_bracketed_text to collect the pasted text and add it to the accumulating search string. Only works if ESC is not one of the isearch terminators. Fixes issue reported in Debian bug report 891780, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891780 10/5 ---- variables.c - push_posix_tempvar_internal: new function, body of push_func_var with additional argument saying whether it's being called from a function or (special) builtin code path - push_builtin_var: new function, calls push_posix_tempvar_internal with second argument indicating builtin code path - push_func_var: now a stub that calls push_posix_tempvar_internal with second argument indicating function code path - pop_scope: if called from a special builtin, call push_builtin_var instead of push_func_var to do the right variable propagation builtins/shopt.def - progcomp_alias: uncomment, make available to users doc/{bash.1,bashref.texi},lib/readline/doc/rluser.texi - progcomp_alias: document shopt option, describe its use in the section on programmable completion trap.c - decode_signal: handle SIGRTMIN+n at runtime, with the `SIG' prefix or without, case-insensitively if requested, and return SIGRTMIN+n. These values could be different than what was available at compile time. Report and patch from Rasmus Villemoes 10/8 ---- execute_cmd.c - execute_command_internal: only set line_number from command->value.Subshell if the type == cm_subshell; otherwise defer and set later 10/10 ----- examples/loadables/seq.c - seq: new loadable builtin, derived originally from coreutils:seq.c but with very little of that code remaining 10/12 ----- trap.c - run_pending_traps,_run_trap_internal: honor evalnest_max and increment/decrement evalnest accordingly, since trap actions are processed as if run by `eval'. Feature suggsted by Mike Gerwitz 10/16 ----- expr.c - expr_skipsubscript: new function, calls skipsubscript with flags similar to arrayfunc.c:valid_array_subscript if assoc_expand_once is set and it looks like we've already expanded the subscript of an associative array. Reported back on 8/27 by Grisha Levit - readtok: call expr_skipsubscript instead of skipsubscript arrayfunc.c - valid_array_reference: call skipsubscript with a third arg computed from the VA_NOEXPAND flag only if we're expanding an associative array subscript -- we already figure out whether or not we are [bumped release status to beta2] 10/20 ----- builtins/setattr.def - set_or_show_attributes: after isolating NAME, make sure to restore the "[+]=" in case we need the word later. Issue pointed out by Grisha Levit 10/21 ----- lib/readline/search.c - noninc_search_from_pos: if we are supposed to be searching for a pattern (vi mode), make sure to pass S to _hs_history_patsearch, since that has any leading `^' stripped lib/readline/histsearch.c - _hs_history_patsearch: if the search isn't anchored, put a `*' at the beginning to force fnmatch to match anywhere in the line (could look at this later to make a change to history_search_internal that would avoid the need to add the leading `*') subst.c - parameter_brace_expand_rhs: treat a failure to assign a variable with a ${param:=value} expansion as an expansion error, and, in a non- interactive posix-mode shell, exit the shell - param_expand: don't set W_SPLITSPACE for $* unless IFS is NULL; consistent with other uses of W_SPLITSPACE 10/22 ----- doc/{bash.1,bashref.texi} - tweak description of bash conditional expressions to note that the test and [ commands determine their behavior based on the number of arguments. Suggested by Ilkka Virta 10/24 ----- execute_cmd.c - execute_simple_command: don't set $_ to NULL when executing a command that forks; just leave it unchanged. Tweaked the documentation slightly as a result. Inspired by report from Ricky Tigg 10/28 ----- redir.c - here_document_to_fd: make sure the temp files used to store here documents are readable (and writable, where necessary) by the user. This can happen in the unlikely case that someone decides to shoot himself in the foot by setting the umask to 400. Issue originally raised back in March by Stephane Chazelas ; fix inspired by Martijn Dekker 10/29 ----- lib/readline/terminal.c - bind_termcap_arrow_keys: bind the "kI" capability (what the Insert keypad key outputs) to overwrite mode. Patch from Xose Vazquez Perez 10/30 ----- braces.c - mkseq: make sure to terminate result array before passing it to strvec_dispose on an interrupt. Report and fix from Corbin Souffrant 11/6 ---- trap.c - _run_trap_internal: if the signal shows up as SIG_CHANGED after running the trap handler, check for terminating signals and run any terminating signal handler indicates. Fixes issue reported by Owen Stephens 11/7 ---- execute_cmd.c - execute_builtin: don't merge the temporary environment when the `return' builtin is being executed if it's being executed by the `command' builtin, since that's supposed to inhibit the special builtin properties. Part of POSIX conformance problems reported by Martin Rehak builtins/cd.def - bindpwd: if canonicalization fails when -P is specified (e.g. if the directory name length exceeds PATH_MAX), reset dirname ($PWD value) = to the_current_working_directory (Posix cd description, step 10.) Part of POSIX conformance problems reported by Martin Rehak builtins/kill.def - kill_builtin: support -sSIG and -nSIG without requiring them to be separate arguments. POSIX says a "conforming implementation" should accept them. Part of POSIX conformance problems reported by Martin Rehak 11/8 ---- arrayfunc.c - array_value_internal: return NULL for invisible array variables. Fixes issue with FUNCNAME sometimes returning invalid value reported by Great Big Dot builtins/cd.def - change_to_directory: if we are in posix mode, and the chdir to the absolute pathname ($PWD/dirname) fails, return an error without trying to use just `dirname' (posix cd step 10). Part of POSIX conformance problems reported by Martin Rehak execute_cmd.c - execute_case_command: use expand_word_leave_quoted to expand the word, then dequote the resulting string. This performs the expansions in the order posix specifies. Part of POSIX conformance problems reported by Martin Rehak subst.c - expand_word_unsplit: rewrite in terms of expand_word_leave_quoted - ifs_whitespace: new macro, Posix ifs whitespace (ISSPACE; member of current locale's space char class) - ifs_whitesep: new macro, whitespace that is a member of $IFS; used by list_string and get_word_from_string - list_string: use ifs_whitesep instead of spctabnl in case $IFS contains whitespace characters that are not space, tab, or newline - get_word_from_string: use ifs_whitesep instead of spctabnl in case $IFS contains whitespace characters that are not space, tab, or newline. Part of POSIX conformance problems reported by Martin Rehak 11/9 ---- general.c - posix_initialize: enable the shift_verbose option when turning on posix mode, and disable it when posix mode is disabled. From a report by Eric Blake doc/bashref.texi - posix mode: note the effect of posix mode on shift_verbose 11/12 ----- subst.c - parameter_brace_expand: if parameter_brace_expand_word returns an error, make sure to set TEMP = 0 (to note that the variable is unset). From a report by Grisha Levit - param_expand: if expanding $! when set -u is enabled, honor the PF_IGNUNBOUND flag and just return NULL, relying on the caller to take care of understanding that the variable is unset From a report by Grisha Levit - parameter_brace_expand: if we are checking nullness, and we have a valid array expansion, a quoted null string resulting from the array expansion of a * or @ subscript satisfies the nullness check. From a report by Grisha Levit 11/14 ----- aclocal.m4 - BASH_CHECK_LIB_TERMCAP: add last-ditch check for libncursesw, since it's apparently the only curses library on some distributions. Report from John Frankish 11/16 ----- bashline.c - attempt_shell_completion: allow an initial word completion to complete a partial first word (point appears in the middle of the word) before resorting to command completion. Report and fix from Luca Boccassi [bash-5.0-beta2 frozen] 11/27 ----- bashline.c - attempt_shell_completion: better fix for problems with fix from 11/16. Report and fix from Tom Ryder expr.c - expr_skipsubscript: fix return type. Report and fix from Andreas Schwab 11/29 ----- subst.c - quote_escapes_internal: refactored quote_escapes into a function that takes an additional flag saying whether or not we are going to split the result. If we are not, and CTLESC is in IFS, we quote the CTLESC (ditto for CTLNUL) to prevent it being removed when the string is dequoted. - quote_escapes: call quote_escapes_internal with FLAGS == 0 - quote_rhs: new function, calls quote_escapes with FLAGS == PF_NOSPLIT2 so that a CTLESC will be quoted if CTLESC is in $IFS - parameter_brace_expand_word: call quote_rhs on the value of a variable if PFLAGS includes PF_ASSIGNRHS, indicating that we will not be splitting the word, but we will be dequoting it. Fixes bug reported by Martijn Dekker - param_expand: same change as for parameter_brace_expand_word execute_cmd.c - execute_in_subshell: if we are running a trap (running_trap > 0), turn off the SIG_INPROGRESS and SIG_CHANGED flags for that signal by calling run_trap_cleanup and reset running_trap to 0 (watch the second part!). Tagged for bash-5.1. 11/30 ----- lib/readline/doc/rltech.texi - rl_set_keymap_name: correct typo in the name; some updates to the description that clarify usage. Report from 12/4 ---- aclocal.m4 - BASH_FUNC_FNMATCH_EQUIV_FALLBACK: a test of whether fnmatch(3) understands bracket equivalence classes ([=c=]) for characters that collate with equal weights but are not identical configure.ac,config.h.in - call BASH_FUNC_FNMATCH_EQUIV_FALLBACK and define FNMATCH_EQUIV_FALLBACK to 1 if it can be used for equivalence classes 12/5 ---- execute_cmd.c - eval_arith_for_expr,execute_arith_command,execute_cond_command: make sure running_trap == 0 before we reset the_printed_command_except_trap Report from Peng Yu lib/glob/smatch.c - _fnmatch_fallback_wc: new function, takes two wide characters c1 and c2, converts them to a pattern ([[=c2=]]) and a string (c1) for fnmatch to determine whether or not they are members of the same equivalence class - collequiv_wc: call _fnmatch_fallback_wc if rangecmp_wc returns non-zero if FNMATCH_EQUIV_FALLBACK is defined, so we know that fnmatch understands equivalence classes. Another Posix test suite issue from Martin Rehak 12/6 ---- redir.c - add missing cases to switch statements to shut up gcc 12/7 ---- builtins/set.def - find_minus_o_option: new helper function, returns index into o_options given option name - minus_o_option_value,set_minus_o_option: use find_minus_o_option general.c - new table of variables (currently all shopt options) that are modified by going into and out of posix mode; num_posix_options() returns the number of variables - get_posix_options: fill in a bitmap passed as an argument (or return a new one) of values of posix-mode-modified variables in the table - set_posix_options: set values of posix-mode-modified variables from the table using the passed bitmap for values builtins/set.def - get_current_options: make the bitmap large enough to hold the options in the set table and the table of posix-mode-modified variables; call get_posix_options to fill in those values after the values from the o_options table - set_current_options: call set_posix_options to reset the values of the posix-mode-modified variables at the end of the bitmap, after the o_options values. Fixes issue reported by PJ Eby 12/9 ---- parse.y - select_command: add two additional productions to support select commands without a word_list following the `in'. Fixes omission reported by Martijn Dekker 12/11 ----- variables.c - assign_in_env: don't allow namerefs in temporary environment assignments to create variables with invalid names for export. Fixes bug reported by Grisha Levit 12/14 ----- parse.y - don't change last_command_exit_value in the 'error yacc_EOF' production if the parser sets it to something non-zero; just make sure it indicates an error. Fixes problem with unexpected EOF in eval reported by Martijn Dekker 12/17 ----- expr.c - exp2 -> expmuldiv lib/sh/smatch.c - fnmatch: add extern declaration if FNMATCH_EQUIV_FALLBACK is being used hashlib.c - hash_string: add FNV offset as initial value for hash instead of starting at 0, changes hash for associative arrays and requires a bunch of changes to the "right" test suite files variables.c - rseed: make it explicitly 32 bits; that's all we're interested in anyway 12/18 ----- variables.c - brand: add some comments, make the constants explicitly 32 bits; use signed 32-bit values for the intermediate calculations. The algorithm is still minstd [bash-5.0-rc1 frozen] 12/21 ----- doc/bash.1 - }1: remove macro definition; it's outlived its bugfix purpose. Report from Derek Schrock 12/22 ----- subst.c - expand_arith_string: set W_NOTILDE in the flags so we don't perform tilde expansion at all, even for the previously-special-case array subscript expansion. Report from Bize Ma - expand_word_internal: take out Q_ARRAYSUB check for tilde expansion 12/26 ----- builtins/evalstring.c - parse_and_execute: if the eval builtin gets a parser error while parsing a string in posix mode, don't exit the shell if the eval was run by the command builtin. report from Martijn Dekker examples/loadables/{basename,dirname}.c - dirname_builtin: skip over any `--' ending the options. Report from Peng Yu 12/27 ----- examples/loadables/mkdir.c - make_path: add argument noting whether or not the user specified -m; only attempt the chmod on an existing directory if the user did so - make_path: when creating intermediate directories, perform the mkdir (path, 0) and chmod separately as the posix text recommends 12/28 ----- parser.h - PST_COMMENT: new state, set when the shell is reading characters until newline as part of comment processing parse.y - shell_getc: don't return a space at the end of a token if the parser is consuming a comment. Fixes bug reported by Harald van Dijk 12/31 ----- lib/glob/glob_loop.c - INTERNAL_GLOB_PATTERN_P: revert change from 4/27 that makes this function return non-zero for a backslash in the string. Based on a report from Tom Ryder [bash-5.0 frozen]