BASH PATCH REPORT ================= Bash-Release: 5.1 Patch-ID: bash51-014 Bug-Reported-by: platon7pronko@gmail.com Bug-Reference-ID: Bug-Reference-URL: https://savannah.gnu.org/patch/?10035 Bug-Description: Bash may produce corrupted input if a multibyte character spans a 512-byte boundary while reading the output of a command substitution. Patch (apply with `patch -p0'): *** ../bash-20210217/subst.c 2021-02-03 10:32:08.000000000 -0500 --- subst.c 2021-03-01 16:47:52.000000000 -0500 *************** *** 6243,6247 **** /* punt on the hard case for now */ memset (&ps, '\0', sizeof (mbstate_t)); ! mblen = mbrtowc (&wc, bufp-1, bufn+1, &ps); if (MB_INVALIDCH (mblen) || mblen == 0 || mblen == 1) istring[istring_index++] = c; --- 6243,6247 ---- /* punt on the hard case for now */ memset (&ps, '\0', sizeof (mbstate_t)); ! mblen = mbrtowc (&wc, bufp-1, bufn, &ps); if (MB_INVALIDCH (mblen) || mblen == 0 || mblen == 1) istring[istring_index++] = c; *** ../bash-5.1/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 --- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 *************** *** 26,30 **** looks for to find the patch level (for the sccs version string). */ ! #define PATCHLEVEL 13 #endif /* _PATCHLEVEL_H_ */ --- 26,30 ---- looks for to find the patch level (for the sccs version string). */ ! #define PATCHLEVEL 14 #endif /* _PATCHLEVEL_H_ */