From cb3a675077f06290e9431275e51a15de3849b499 Mon Sep 17 00:00:00 2001
From: Bryan Drewery <bdrewery@FreeBSD.org>
Date: Thu, 25 Sep 2014 15:39:28 +0000
Subject: MFH: r369261

Fix CVE-2014-3659. The original fix in 25 was not enough.

Obtained from:	http://seclists.org/oss-sec/2014/q3/690 (bash developer)
Security:	CVE-2014-3659
---
 shells/bash/Makefile            |  5 ++++-
 shells/bash/files/patch-parse.y | 13 +++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 shells/bash/files/patch-parse.y

diff --git a/shells/bash/Makefile b/shells/bash/Makefile
index e1e0b10c9575..e34efe29d637 100644
--- a/shells/bash/Makefile
+++ b/shells/bash/Makefile
@@ -4,7 +4,7 @@
 PORTNAME=		bash
 PATCHLEVEL=		25
 PORTVERSION=		4.3.${PATCHLEVEL:S/^0//g}
-PORTREVISION?=		0
+PORTREVISION?=		1
 CATEGORIES=		shells
 MASTER_SITES=		GNU
 MASTER_SITE_SUBDIR=	${PORTNAME}
@@ -64,6 +64,9 @@ CONFLICTS+=		bash-static-[0-9]*
 .endif
 
 post-patch:
+# Ensure y.tab.c is regenerated
+	${TOUCH} ${WRKSRC}/parse.y
+	${RM} ${WRKSRC}/y.tab.c
 	@${REINPLACE_CMD} -e "s|%%PREFIX%%|${PREFIX}|g" ${WRKSRC}/doc/bash.1
 .if ${PORT_OPTIONS:MSYSLOG}
 	@${REINPLACE_CMD} \
diff --git a/shells/bash/files/patch-parse.y b/shells/bash/files/patch-parse.y
new file mode 100644
index 000000000000..9ff2a82b19e0
--- /dev/null
+++ b/shells/bash/files/patch-parse.y
@@ -0,0 +1,13 @@
+http://seclists.org/oss-sec/2014/q3/690
+
+*** ../bash-20140912/parse.y	2014-08-26 15:09:42.000000000 -0400
+--- parse.y	2014-09-24 22:47:28.000000000 -0400
+***************
+*** 2959,2962 ****
+--- 2959,2964 ----
+    word_desc_to_read = (WORD_DESC *)NULL;
+  
++   eol_ungetc_lookahead = 0;
++ 
+    current_token = '\n';		/* XXX */
+    last_read_token = '\n';
-- 
cgit v1.2.3