Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 29 Sep 2014 19:55:42 +0200
From: Florian Weimer <fweimer@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: Array importing in bash 4.3

On 09/29/2014 05:47 PM, Kobrin, Eric wrote:
> This code also reveals a difference from the function export code.
>
> The ARRAY_EXPORT code frees temp_string after using it. The function export code mallocs, but never frees it. That behavior predates the recent patches.

That's because parse_and_execute takes ownership of the string by 
default.  See the comment in builtins/evalstring.c:

/* Parse and execute the commands in STRING.  Returns whatever
    execute_command () returns.  This frees STRING.  FLAGS is a
    flags word; look in common.h for the possible values.  Actions
    are:
         (flags & SEVAL_NONINT) -> interactive = 0;
         (flags & SEVAL_INTERACT) -> interactive = 1;
         (flags & SEVAL_NOHIST) -> call bash_history_disable ()
         (flags & SEVAL_NOFREE) -> don't free STRING when finished
         (flags & SEVAL_RESETLINE) -> reset line_number to 1
*/


-- 
Florian Weimer / Red Hat Product Security

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.