1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
BASH PATCH REPORT
=================
Bash-Release: 5.2
Patch-ID: bash52-001
Bug-Reported-by: Emanuele Torre <torreemanuele6@gmail.com>
Bug-Reference-ID: <CAA7hNqeR1eSdiGK8mjQSqJPo815JYoG-Ekz-5PrAJTEYy2e6hg@mail.gmail.com>
Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2022-09/msg00060.html
Bug-Description:
Expanding unset arrays in an arithmetic context can cause a segmentation fault.
--- a/patchlevel.h
+++ b/patchlevel.h
@@ -25,6 +25,6 @@
regexp `^#define[ ]*PATCHLEVEL', since that's what support/mkversion.sh
looks for to find the patch level (for the sccs version string). */
-#define PATCHLEVEL 0
+#define PATCHLEVEL 1
#endif /* _PATCHLEVEL_H_ */
--- a/subst.c
+++ b/subst.c
@@ -10857,7 +10857,7 @@ expand_array_subscript (string, sindex,
exp = substring (string, si+1, ni);
t = expand_subscript_string (exp, quoted & ~(Q_ARITH|Q_DOUBLE_QUOTES));
free (exp);
- exp = sh_backslash_quote (t, abstab, 0);
+ exp = t ? sh_backslash_quote (t, abstab, 0) : savestring ("");
free (t);
slen = STRLEN (exp);
|
