43 lines
1.3 KiB
Diff
43 lines
1.3 KiB
Diff
From f56e2f2ef9d131b1f62dad4427da1113f9b417c5 Mon Sep 17 00:00:00 2001
|
|
From: jikui <jikui2@huawei.com>
|
|
Date: Mon, 22 Nov 2021 16:45:39 +0800
|
|
Subject: [PATCH] busybox: fix CVE-2021-42377
|
|
|
|
backport from upstream:
|
|
https://git.busybox.net/busybox/commit/?h=1_34_stable&id=83a4967e50422867f340328d404994553e56b839
|
|
|
|
Signed-off-by: jikui <jikui2@huawei.com>
|
|
---
|
|
shell/hush.c | 6 +++++-
|
|
1 file changed, 5 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/shell/hush.c b/shell/hush.c
|
|
index 9fead37..48856f2 100644
|
|
--- a/shell/hush.c
|
|
+++ b/shell/hush.c
|
|
@@ -3694,9 +3694,10 @@ static void debug_print_tree(struct pipe *pi, int lvl)
|
|
|
|
pin = 0;
|
|
while (pi) {
|
|
- fdprintf(2, "%*spipe %d %sres_word=%s followup=%d %s\n",
|
|
+ fdprintf(2, "%*spipe %d #cmds:%d %sres_word=%s followup=%d %s\n",
|
|
lvl*2, "",
|
|
pin,
|
|
+ pi->num_cmds,
|
|
(IF_HAS_KEYWORDS(pi->pi_inverted ? "! " :) ""),
|
|
RES[pi->res_word],
|
|
pi->followup, PIPE[pi->followup]
|
|
@@ -3839,6 +3840,9 @@ static void done_pipe(struct parse_context *ctx, pipe_style type)
|
|
#endif
|
|
/* Replace all pipes in ctx with one newly created */
|
|
ctx->list_head = ctx->pipe = pi;
|
|
+ /* for case like "cmd && &", do not be tricked by last command
|
|
+ * being null - the entire {...} & is NOT null! */
|
|
+ not_null = 1;
|
|
} else {
|
|
no_conv:
|
|
ctx->pipe->followup = type;
|
|
--
|
|
2.25.1
|
|
|