nalika / rpms / bash

Forked from rpms/bash 2 years ago
Clone

Blame SOURCES/bash-5.0-cve-2019-18276.patch

311a36
diff --git a/config.h.in b/config.h.in
311a36
index 1a89e85..2df4786 100644
311a36
--- a/config.h.in
311a36
+++ b/config.h.in
311a36
@@ -801,6 +801,14 @@
311a36
 #undef HAVE_SETREGID
311a36
 #undef HAVE_DECL_SETREGID
311a36
 
311a36
+/* Define if you have the setregid function.  */
311a36
+#undef HAVE_SETRESGID
311a36
+#undef HAVE_DECL_SETRESGID
311a36
+
311a36
+/* Define if you have the setresuid function.  */
311a36
+#undef HAVE_SETRESUID
311a36
+#undef HAVE_DECL_SETRESUID
311a36
+
311a36
 /* Define if you have the setvbuf function.  */
311a36
 #undef HAVE_SETVBUF
311a36
 
311a36
diff --git a/configure.ac b/configure.ac
311a36
index a3f6d8f..e5162c4 100644
311a36
--- a/configure.ac
311a36
+++ b/configure.ac
311a36
@@ -799,6 +799,7 @@ AC_CHECK_DECLS([confstr])
311a36
 AC_CHECK_DECLS([printf])
311a36
 AC_CHECK_DECLS([sbrk])
311a36
 AC_CHECK_DECLS([setregid])
311a36
+AC_CHECK_DECLS[(setresuid, setresgid])
311a36
 AC_CHECK_DECLS([strcpy])
311a36
 AC_CHECK_DECLS([strsignal])
311a36
 
311a36
diff --git a/shell.c b/shell.c
311a36
index 4aae182..484d8a9 100644
311a36
--- a/shell.c
311a36
+++ b/shell.c
311a36
@@ -1286,7 +1286,11 @@ disable_priv_mode ()
311a36
 {
311a36
   int e;
311a36
 
311a36
+#if HAVE_DECL_SETRESUID
311a36
+  if (setresuid (current_user.uid, current_user.uid, current_user.uid) < 0)
311a36
+#else
311a36
   if (setuid (current_user.uid) < 0)
311a36
+#endif
311a36
     {
311a36
       e = errno;
311a36
       sys_error (_("cannot set uid to %d: effective uid %d"), current_user.uid, current_user.euid);
311a36
@@ -1295,7 +1299,11 @@ disable_priv_mode ()
311a36
 	exit (e);
311a36
 #endif
311a36
     }
311a36
+#if HAVE_DECL_SETRESGID
311a36
+  if (setresgid (current_user.gid, current_user.gid, current_user.gid) < 0)
311a36
+#else
311a36
   if (setgid (current_user.gid) < 0)
311a36
+#endif
311a36
     sys_error (_("cannot set gid to %d: effective gid %d"), current_user.gid, current_user.egid);
311a36
 
311a36
   current_user.euid = current_user.uid;
311a36
-- 
311a36
2.25.4