1107430 – bash wrong 'search and replace' parameter expansion with pattern matching *

Bug 1107430 - bash wrong 'search and replace' parameter expansion with pattern matching *

Summary: bash wrong 'search and replace' parameter expansion with pattern matching *

Status:	RESOLVED WONTFIX

Alias:	None

Product:	openSUSE Distribution
Classification:	openSUSE
Component:	Basesystem (show other bugs)
Version:	Leap 42.3
Hardware:	Other Other

Priority:	P5 - None Severity: Normal (vote)
Target Milestone:	---
Assignee:	Dr. Werner Fink
QA Contact:	E-mail List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2018-09-06 08:33 UTC by Mario Goppold
Modified:	2019-07-11 11:34 UTC (History)
CC List:	0 users

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Mario Goppold 2018-09-06 08:33:30 UTC

User-Agent:       Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.75 Safari/537.36
Build Identifier: 

bash-4.3-83.6.1.x86_64 process the * pattern matching wrong.

man bash: * Matches any string, including the null string but the null string is not handled correctly







Reproducible: Always

Actual Results:  
T="";echo ">${T//*/ }<"
><

Expected Results:  
T="";echo ">${T//*/ }<"
> <

bash-4.4-lp150.7.8.x86_64 worked as expected

Comment 2 Swamp Workflow Management 2018-10-12 16:09:49 UTC

SUSE-RU-2018:3125-1: An update that has two recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1094121,1107430
CVE References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    bash-4.3-83.15.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    bash-4.3-83.15.1
SUSE Linux Enterprise Server 12-SP3 (src):    bash-4.3-83.15.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    bash-4.3-83.15.1
SUSE CaaS Platform ALL (src):    bash-4.3-83.15.1
SUSE CaaS Platform 3.0 (src):    bash-4.3-83.15.1
OpenStack Cloud Magnum Orchestration 7 (src):    bash-4.3-83.15.1

Comment 3 Swamp Workflow Management 2018-10-17 04:14:43 UTC

openSUSE-RU-2018:3184-1: An update that has two recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1094121,1107430
CVE References: 
Sources used:
openSUSE Leap 42.3 (src):    bash-4.3-83.9.1

Comment 4 Tomáš Chvátal 2019-07-11 11:34:14 UTC

This is automated batch bugzilla cleanup.

The openSUSE 42.3 changed to end-of-life (EOL [1]) status. As such
it is no longer maintained, which means that it will not receive any
further security or bug fix updates.
As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
openSUSE (At this moment openSUSE Leap 15.1, 15.0 and Tumbleweed) please
feel free to reopen this bug against that version (!you must update the
"Version" component in the bug fields, do not just reopen please), or
alternatively create a new ticket.

Thank you for reporting this bug and we are sorry it could not be fixed
during the lifetime of the release.

[1] https://en.opensuse.org/Lifetime