From f56e2f2ef9d131b1f62dad4427da1113f9b417c5 Mon Sep 17 00:00:00 2001
From: jikui <jikui2@huawei.com>
Date: Mon, 22 Nov 2021 16:45:39 +0800
Subject: [PATCH] busybox: fix CVE-2021-42377

backport from upstream:
https://git.busybox.net/busybox/commit/?h=1_34_stable&id=83a4967e50422867f340328d404994553e56b839

Signed-off-by: jikui <jikui2@huawei.com>
---
 shell/hush.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/shell/hush.c b/shell/hush.c
index 9fead37..48856f2 100644
--- a/shell/hush.c
+++ b/shell/hush.c
@@ -3694,9 +3694,10 @@ static void debug_print_tree(struct pipe *pi, int lvl)
 
 	pin = 0;
 	while (pi) {
-		fdprintf(2, "%*spipe %d %sres_word=%s followup=%d %s\n",
+		fdprintf(2, "%*spipe %d #cmds:%d %sres_word=%s followup=%d %s\n",
 				lvl*2, "",
 				pin,
+				pi->num_cmds,
 				(IF_HAS_KEYWORDS(pi->pi_inverted ? "! " :) ""),
 				RES[pi->res_word],
 				pi->followup, PIPE[pi->followup]
@@ -3839,6 +3840,9 @@ static void done_pipe(struct parse_context *ctx, pipe_style type)
 #endif
 		/* Replace all pipes in ctx with one newly created */
 		ctx->list_head = ctx->pipe = pi;
+		/* for case like "cmd && &", do not be tricked by last command
+		 * being null - the entire {...} & is NOT null! */
+		not_null = 1;
 	} else {
  no_conv:
 		ctx->pipe->followup = type;
-- 
2.25.1