* update bash to 5.2.026-5

bash/bash-5.2_p15-configure-clang16.patch

@@ -0,0 +1,37 @@
+https://lists.gnu.org/archive/html/bug-bash/2023-02/msg00000.html)
+
+From 2cdf8b42885189b3cf7c47096b01f104e520546a Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Thu, 2 Feb 2023 05:43:37 +0000
+Subject: [PATCH] aclocal.m4: fix -Wimplicit-function-declaration in dup2 check
+
+dup2 requires a <unistd.h> include. Fixes the following when diffing config.log
+ when testing with a stricter compiler:
+```
+-warning: call to undeclared function 'dup2'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration]
++error: call to undeclared function 'dup2'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration]
+```
+--- aclocal.m4
++++ aclocal.m4
+@@ -238,6 +238,9 @@ AC_CACHE_VAL(bash_cv_dup2_broken,
+ #include <sys/types.h>
+ #include <fcntl.h>
+ #include <stdlib.h>
++#ifdef HAVE_UNISTD_H
++#include <unistd.h>
++#endif
+ int
+ main()
+ {
+--- configure
++++ configure
+@@ -18121,6 +18121,9 @@ else $as_nop
+ #include <sys/types.h>
+ #include <fcntl.h>
+ #include <stdlib.h>
++#ifdef HAVE_UNISTD_H
++#include <unistd.h>
++#endif
+ int
+ main()
+ {

bash/bash-5.2_p15-random-ub.patch

@@ -0,0 +1,13 @@
+https://lists.gnu.org/archive/html/bug-bash/2023-01/msg00016.html
+https://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=0647e53bd15c8982d89a03c2db1643aedd7cd649
+
+--- lib/sh/random.c
++++ lib/sh/random.c
+@@ -75,7 +75,7 @@ u_bits32_t last;
+   /* Can't seed with 0. */
+   ret = (last == 0) ? 123459876 : last;
+   h = ret / 127773;
+-  l = ret - (127773 * h);
++  l = ret % 127773;
+   t = 16807 * l - 2836 * h;
+   ret = (t < 0) ? t + 0x7fffffff : t;

bash/bash-5.2_p21-configure-strtold.patch

@@ -0,0 +1,32 @@
+https://src.fedoraproject.org/rpms/bash/blob/bd5ac20b134f2936c54245fc83a8e70207d3e07e/f/bash-configure-c99-2.patch
+
+Another C compatibility issue: char ** and char * are distinct types,
+and strtold expects the former for its second argument.
+
+Submitted upstream:
+
+  <https://lists.gnu.org/archive/html/bug-bash/2023-11/msg00104.html>
+
+--- configure.ac
++++ configure.ac
+@@ -885,7 +885,7 @@ AC_CHECK_DECLS([strtold], [
+ 	[AC_COMPILE_IFELSE(
+ 		[AC_LANG_PROGRAM(
+ 		[[#include <stdlib.h>]],
+-		[[long double r; char *foo, bar; r = strtold(foo, &bar);]]
++		[[long double r; char *foo, *bar; r = strtold(foo, &bar);]]
+ 	)],
+ 	[bash_cv_strtold_broken=no],[bash_cv_strtold_broken=yes])
+         ]
+
+--- configure
++++ configure
+@@ -15676,7 +15676,7 @@ else $as_nop
+ int
+ main (void)
+ {
+-long double r; char *foo, bar; r = strtold(foo, &bar);
++long double r; char *foo, *bar; r = strtold(foo, &bar);
+ 
+   ;
+   return 0;

bash/bash-5.2_p21-wpointer-to-int.patch

@@ -0,0 +1,13 @@
+https://lists.gnu.org/archive/html/bug-bash/2023-03/msg00116.html
+https://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=57d4dc15ff35895a1c1248f948f59739ffb99fde
+--- lib/sh/random.c
++++ lib/sh/random.c
+@@ -90,7 +90,7 @@ genseed ()
+   u_bits32_t iv;
+ 
+   gettimeofday (&tv, NULL);
+-  iv = (u_bits32_t)seedrand;		/* let the compiler truncate */
++  iv = (uintptr_t)seedrand;		/* let the compiler truncate */
+   iv = tv.tv_sec ^ tv.tv_usec ^ getpid () ^ getppid () ^ current_user.uid ^ iv;
+   return (iv);
+ }

bash/bash-5.2_p26-memory-leaks.patch

@@ -0,0 +1,136 @@
+https://lists.gnu.org/archive/html/bug-bash/2024-01/msg00036.html
+https://lists.gnu.org/archive/html/bug-bash/2024-01/txtm8yNNPR9RQ.txt
+
+For evalstring.c:
+* https://lists.gnu.org/archive/html/bug-bash/2024-01/msg00011.html
+* https://git.savannah.gnu.org/cgit/bash.git/diff/builtins/evalstring.c?h=devel&id=81f7b44564cd1510788035cea7c59631865a7db2&dt=1#n766
+
+From 711ab85262884f2b91f09eceb9aefd0e2426ce67 Mon Sep 17 00:00:00 2001
+From: Grisha Levit <grishalevit@gmail.com>
+Date: Sat, 3 Jun 2023 16:51:26 -0400
+Subject: [PATCH] various leaks
+
+Found mostly by normal usage running a no-bash-malloc build with clang's
+LeakSanitizer enabled. So far seems to provide very accurate results.
+
+* arrayfunc.c
+- quote_compound_array_word: make sure to free VALUE
+- bind_assoc_var_internal: if assigning to a dynamic variable, make sure
+  to free the key (usually assoc_insert would do it)
+
+* bashline.c
+- bash_command_name_stat_hook: free original *NAME if we are going to
+  change what it points to (what the callers seem to expect)
+
+* builtins/evalstring.c
+- parse_and_execute: make sure to dispose of the parsed command
+  resulting from a failed function import attempt
+- open_redir_file: if we did not get a pointer to pass back the expanded
+  filename, make sure to free the name
+
+* examples/loadables/stat.c
+- loadstat: bind_assoc_variable does not free its VALUE argument so make
+  sure to do it
+
+* subst.c
+- param_expand: free temp1 value for codepaths that don't do it
+---
+ arrayfunc.c               | 6 +++++-
+ bashline.c                | 1 +
+ builtins/evalstring.c     | 4 ++++
+ examples/loadables/stat.c | 1 +
+ subst.c                   | 2 ++
+ 5 files changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/arrayfunc.c b/arrayfunc.c
+index 2c05d15b..8ba64084 100644
+--- arrayfunc.c
++++ arrayfunc.c
+@@ -208,7 +208,10 @@ bind_assoc_var_internal (entry, hash, key, value, flags)
+   newval = make_array_variable_value (entry, 0, key, value, flags);
+ 
+   if (entry->assign_func)
+-    (*entry->assign_func) (entry, newval, 0, key);
++    {
++      (*entry->assign_func) (entry, newval, 0, key);
++      FREE (key);
++    }
+   else
+     assoc_insert (hash, key, newval);
+ 
+@@ -985,6 +988,7 @@ quote_compound_array_word (w, type)
+   if (t != w+ind)
+    free (t);
+   strcpy (nword + i, value);
++  free (value);
+ 
+   return nword;
+ }
+diff --git a/bashline.c b/bashline.c
+index c85b05b6..bd7548cc 100644
+--- bashline.c
++++ bashline.c
+@@ -1928,6 +1928,7 @@ bash_command_name_stat_hook (name)
+   result = search_for_command (cname, 0);
+   if (result)
+     {
++      FREE (*name);
+       *name = result;
+       return 1;
+     }
+diff --git a/builtins/evalstring.c b/builtins/evalstring.c
+index df3dd68e..20c6a4a7 100644
+--- builtins/evalstring.c
++++ builtins/evalstring.c
+@@ -461,6 +461,8 @@ parse_and_execute (string, from_file, flags)
+ 		      should_jump_to_top_level = 0;
+ 		      last_result = last_command_exit_value = EX_BADUSAGE;
+ 		      set_pipestatus_from_exit (last_command_exit_value);
++		      dispose_command(command);
++		      global_command = (COMMAND *)NULL;
+ 		      reset_parser ();
+ 		      break;
+ 		    }
+@@ -762,6 +764,8 @@ open_redir_file (r, fnp)
+ 
+   if (fnp)
+     *fnp = fn;
++  else
++    free (fn);
+   return fd;
+ }
+ 
+diff --git a/examples/loadables/stat.c b/examples/loadables/stat.c
+index 1e60e7b6..ed5c9764 100644
+--- examples/loadables/stat.c
++++ examples/loadables/stat.c
+@@ -349,6 +349,7 @@ loadstat (vname, var, fname, flags, fmt, sp)
+       key = savestring (arraysubs[i]);
+       value = statval (i, fname, flags, fmt, sp);
+       v = bind_assoc_variable (var, vname, key, value, ASS_FORCE);
++      free (value);
+     }
+   return 0;
+ }
+diff --git a/subst.c b/subst.c
+index 1ac6eb2d..ff0602da 100644
+--- subst.c
++++ subst.c
+@@ -10727,6 +10727,7 @@ comsub:
+ 	    {
+ 	      chk_atstar (temp, quoted, pflags, quoted_dollar_at_p, contains_dollar_at);
+ 	      tdesc = parameter_brace_expand_word (temp, SPECIAL_VAR (temp, 0), quoted, pflags, 0);
++	      free (temp1);
+ 	      if (tdesc == &expand_wdesc_error || tdesc == &expand_wdesc_fatal)
+ 		return (tdesc);
+ 	      ret = tdesc;
+@@ -10739,6 +10740,7 @@ comsub:
+ 	    {
+ 	      set_exit_status (EXECUTION_FAILURE);
+ 	      report_error (_("%s: invalid variable name for name reference"), temp);
++	      free (temp1);
+ 	      return (&expand_wdesc_error);	/* XXX */
+ 	    }
+ 	  else
+-- 
+2.43.0