BASH PATCH REPORT ================= Bash-Release: 5.2 Patch-ID: bash52-001 Bug-Reported-by: Emanuele Torre Bug-Reference-ID: Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2022-09/msg00060.html Bug-Description: Expanding unset arrays in an arithmetic context can cause a segmentation fault. Patch (apply with `patch -p0'): *** ../bash-5.2/subst.c 2022-08-31 17:36:46.000000000 -0400 --- subst.c 2022-09-30 09:12:05.000000000 -0400 *************** *** 10858,10862 **** t = expand_subscript_string (exp, quoted & ~(Q_ARITH|Q_DOUBLE_QUOTES)); free (exp); ! exp = sh_backslash_quote (t, abstab, 0); free (t); --- 10858,10862 ---- t = expand_subscript_string (exp, quoted & ~(Q_ARITH|Q_DOUBLE_QUOTES)); free (exp); ! exp = t ? sh_backslash_quote (t, abstab, 0) : savestring (""); free (t); *** ../bash-5.2/patchlevel.h 2020-06-22 14:51:03.000000000 -0400 --- patchlevel.h 2020-10-01 11:01:28.000000000 -0400 *************** *** 26,30 **** looks for to find the patch level (for the sccs version string). */ ! #define PATCHLEVEL 0 #endif /* _PATCHLEVEL_H_ */ --- 26,30 ---- looks for to find the patch level (for the sccs version string). */ ! #define PATCHLEVEL 1 #endif /* _PATCHLEVEL_H_ */