sync/ports
1
0
Fork 0
mirror of https://git.freebsd.org/ports.git synced 2025-06-21 12:40:45 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
ports/shells/bash/files/extrapatch-import-functions
Bryan Drewery 62f9f87a4d - Update to patchlevel 27 which changes how functions are exported. 
This should eliminate the recent vulnerabilities, but keep the
  requirement for --import-functions/IMPORTFUNCTIONS option for now.
- Loosen the --import-functions requirement so it is not needed when running
  an interactive shell. It is already disallowed for privileged/setuid mode.
- Show an error on stderr when an imported function is ignored.
2014-09-28 16:47:00 +00:00

66 lines
2.4 KiB
Text
Raw Blame History

Based on christos@NetBSD's patch
--- shell.c.christos 2014-01-14 08:04:32.000000000 -0500
+++ shell.c 2014-09-25 16:11:51.000000000 -0400
@@ -229,6 +229,7 @@
#else
int posixly_correct = 0; /* Non-zero means posix.2 superset. */
#endif
+int import_functions = IMPORT_FUNCTIONS_DEF; /* Import functions from environment */
/* Some long-winded argument names. These are obviously new. */
#define Int 1
@@ -248,6 +249,7 @@
{ "help", Int, &want_initial_help, (char **)0x0 },
{ "init-file", Charp, (int *)0x0, &bashrc_file },
{ "login", Int, &make_login_shell, (char **)0x0 },
+ { "import-functions", Int, &import_functions, (char **)0x0 },
{ "noediting", Int, &no_line_editing, (char **)0x0 },
{ "noprofile", Int, &no_profile, (char **)0x0 },
{ "norc", Int, &no_rc, (char **)0x0 },
--- variables.c.orig 2014-09-28 11:15:53.189768951 -0500
+++ variables.c 2014-09-28 11:27:07.250722694 -0500
@@ -110,6 +110,7 @@ extern time_t shell_start_time;
extern int assigning_in_environment;
extern int executing_builtin;
extern int funcnest_max;
+extern int import_functions;
#if defined (READLINE)
extern int no_line_editing;
@@ -328,6 +329,7 @@ initialize_shell_variables (env, privmod
char *name, *string, *temp_string;
int c, char_index, string_index, string_length, ro;
SHELL_VAR *temp_var;
+ int skipped_import;
create_variable_tables ();
@@ -352,9 +354,12 @@ initialize_shell_variables (env, privmod
temp_var = (SHELL_VAR *)NULL;
+ skipped_import = 0;
+reval:
+
/* If exported function, define it now. Don't import functions from
the environment in privileged mode. */
- if (privmode == 0 && read_but_dont_execute == 0 &&
+ if (skipped_import == 0 && privmode == 0 && read_but_dont_execute == 0 &&
STREQN (BASHFUNC_PREFIX, name, BASHFUNC_PREFLEN) &&
STREQ (BASHFUNC_SUFFIX, name + char_index - BASHFUNC_SUFFLEN) &&
STREQN ("() {", string, 4))
@@ -367,6 +372,12 @@ initialize_shell_variables (env, privmod
tname = name + BASHFUNC_PREFLEN; /* start of func name */
tname[namelen] = '\0'; /* now tname == func name */
+ if (!import_functions && !interactive_shell) {
+ skipped_import = 1;
+ report_error (_("Skipping importing function definition for `%s': --import-functions required."), tname);
+ goto reval;
+ }
+
string_length = strlen (string);
temp_string = (char *)xmalloc (namelen + string_length + 2);
Reference in a new issue View git blame Copy permalink