On Mon, 2020-12-28 at 21:04 +0100, Alexander Kanavin wrote:Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> --- meta/recipes-extended/bash/bash.inc | 1 + .../bash/bash/CVE-2019-18276.patch | 386 ------------------ .../bash/bash/build-tests.patch | 16 +- meta/recipes-extended/bash/bash_5.0.bb | 80 ---- meta/recipes-extended/bash/bash_5.1.bb | 30 ++ 5 files changed, 40 insertions(+), 473 deletions(-) delete mode 100644 meta/recipes-extended/bash/bash/CVE-2019-18276.patch delete mode 100644 meta/recipes-extended/bash/bash_5.0.bb create mode 100644 meta/recipes-extended/bash/bash_5.1.bbThere is a reproducibility issue in bash 5.1: https://autobuilder.yocto.io/pub/repro-fail/oe-reproducible-20210107-8jzr3hc5/packages/diff-html/ looks like the issue in in redir.c and I think at a really quick glance, the computation of PIPESIZE. Seems to tbe 0x1000 on some systems and 0x10000 on others. bash 5.1 hasn't merged yet and is in master-next. If nobody else gets to it I will dig further when I have time but wanted to mention it.
I looked at this. It appears that bash runs a host program to
determine the pipe size by writing to a pipe until it gets SIGPIPE
(builtin/psize.c). I'm not sure why this would result in a
different size on different hosts... perhaps the pipe size is
configurable in the kernel? Anyway, I suspect that the fix is to
add -DHEREDOC_PIPESIZE=4096 to CFLAGS in the recipe.... it's not
my favorite fix, but the bash configure script does the same thing
to set the pipe size for FreeBSD.
Cheers, Richard