bugfix: invalid memory access

This is an upstream bugfix:
 Patch-ID:       bash42-052

When bash is parsing a function definition that contains a here-document
delimited by end-of-file (or end-of-string), it leaves the closing delimiter
uninitialized.  This can result in an invalid memory access when the parsed
function is later copied.

Change-Id: I033a2062a3e8265ceda3ed4a61d2afb53581f71f

2 files changed, 2 insertions, 1 deletions

diff --git a/copy_cmd.c b/copy_cmd.c
index 911d34f..826e0c3 100644
--- a/copy_cmd.c
+++ b/copy_cmd.c
@@ -126,7 +126,7 @@ copy_redirect (redirect)
     {
     case r_reading_until:
     case r_deblank_reading_until:
-      new_redirect->here_doc_eof = savestring (redirect->here_doc_eof);
+      new_redirect->here_doc_eof = redirect->here_doc_eof ? savestring (redirect->here_doc_eof) : 0;
       /*FALLTHROUGH*/
     case r_reading_string:
     case r_appending_to:
diff --git a/make_cmd.c b/make_cmd.c
index 2eb4fda..4fcfc2e 100644
--- a/make_cmd.c
+++ b/make_cmd.c
@@ -689,6 +689,7 @@ make_redirection (source, instruction, dest_and_filename, flags)
   /* First do the common cases. */
   temp->redirector = source;
   temp->redirectee = dest_and_filename;
+  temp->here_doc_eof = 0;
   temp->instruction = instruction;
   temp->flags = 0;
   temp->rflags = flags;