From 64368c6fd95e4f749e6133398ad4d5fce3c9b940 Mon Sep 17 00:00:00 2001
From: Chet Ramey <chet.ramey@case.edu>
Date: Thu, 25 Sep 2014 23:31:51 -0600
Subject: Patch CVE-2014-7169

Patch-ID: bash41-013
Under certain circumstances, bash can incorrectly save a lookahead character and
return it on a subsequent call, even when reading a new line.

Change-Id: I29dcf444011f77e104b6a82e8cada731e3917646
ref: http://seclists.org/oss-sec/2014/q3/734
ref: http://seclists.org/oss-sec/2014/q3/685
---
 parse.y | 2 ++
 y.tab.c | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/parse.y b/parse.y
index b5c94e7..6f964ef 100644
--- a/parse.y
+++ b/parse.y
@@ -2848,6 +2848,8 @@ reset_parser ()
   FREE (word_desc_to_read);
   word_desc_to_read = (WORD_DESC *)NULL;
 
+  eol_ungetc_lookahead = 0;
+
   current_token = '\n';		/* XXX */
   last_read_token = '\n';
   token_to_read = '\n';
diff --git a/y.tab.c b/y.tab.c
index d8280fc..125d1a7 100644
--- a/y.tab.c
+++ b/y.tab.c
@@ -5160,6 +5160,8 @@ reset_parser ()
   FREE (word_desc_to_read);
   word_desc_to_read = (WORD_DESC *)NULL;
 
+  eol_ungetc_lookahead = 0;
+
   current_token = '\n';		/* XXX */
   last_read_token = '\n';
   token_to_read = '\n';
-- 
cgit v1.1