BASH PATCH REPORT ================= Bash-Release: 5.2 Patch-ID: bash52-010 Bug-Reported-by: larsh@apache.org Bug-Reference-ID: Bug-Reference-URL: https://savannah.gnu.org/support/?110744 Bug-Description: Bash-5.2 checks the first 128 characters of an executable file that execve() refuses to execute to see whether it's a binary file before trying to execute it as a shell script. This defeats some previously-supported use cases like "self-executing" jar files or "self-uncompressing" scripts. Patch (apply with `patch -p0'): *** ../bash-5.2-patched/general.c 2022-11-07 10:31:42.000000000 -0500 --- general.c 2022-11-18 14:48:45.000000000 -0500 *************** *** 684,687 **** --- 684,688 ---- { register int i; + int nline; unsigned char c; *************** *** 690,702 **** /* Generally we check the first line for NULs. If the first line looks like ! a `#!' interpreter specifier, we just look for NULs anywhere in the ! buffer. */ ! if (sample[0] == '#' && sample[1] == '!') ! return (memchr (sample, '\0', sample_len) != NULL); for (i = 0; i < sample_len; i++) { c = sample[i]; ! if (c == '\n') return (0); if (c == '\0') --- 691,701 ---- /* Generally we check the first line for NULs. If the first line looks like ! a `#!' interpreter specifier, we look for NULs in the first two lines. */ ! nline = (sample[0] == '#' && sample[1] == '!') ? 2 : 1; for (i = 0; i < sample_len; i++) { c = sample[i]; ! if (c == '\n' && --nline == 0) return (0); if (c == '\0') *** ../bash-5.2/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 --- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 *************** *** 26,30 **** looks for to find the patch level (for the sccs version string). */ ! #define PATCHLEVEL 9 #endif /* _PATCHLEVEL_H_ */ --- 26,30 ---- looks for to find the patch level (for the sccs version string). */ ! #define PATCHLEVEL 10 #endif /* _PATCHLEVEL_H_ */