wok view bash/stuff/funcdef-import-4.2.patch @ rev 17171

bash: CVE-2014-6271 fix
author Pascal Bellard <pascal.bellard@slitaz.org>
date Thu Sep 25 12:57:40 2014 +0200 (2014-09-25)
1 *** ../bash-4.2.47/builtins/common.h 2010-05-30 18:31:51.000000000 -0400
2 --- builtins/common.h 2014-09-16 19:35:45.000000000 -0400
3 ***************
4 *** 36,39 ****
5 --- 36,41 ----
7 /* Flags for describe_command, shared between type.def and command.def */
8 + #define SEVAL_FUNCDEF 0x080 /* only allow function definitions */
9 + #define SEVAL_ONECMD 0x100 /* only allow a single command */
10 #define CDESC_ALL 0x001 /* type -a */
11 #define CDESC_SHORTDESC 0x002 /* command -V */
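Review bot: The new `SEVAL_FUNCDEF` and `SEVAL_ONECMD` defines sit directly under the comment `/* Flags for describe_command, shared between type.def and command.def */`, so they read as describe_command flags alongside `CDESC_ALL`. The variables.c hunk of this patch passes them to parse_and_execute, so they are flags for that call. I would move them above that comment, or give them their own heading such as `/* Flags for parse_and_execute: restrict what an imported string may run */`. These two bits carry the restriction on environment-imported function strings, so someone auditing that restriction should be able to find them by their comment.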
12 *** ../bash-4.2.47/builtins/evalstring.c 2010-11-23 08:22:15.000000000 -0500
13 --- builtins/evalstring.c 2014-09-16 19:35:45.000000000 -0400
14 ***************
15 *** 262,265 ****
16 --- 262,273 ----
17 struct fd_bitmap *bitmap;
19 + if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def)
20 + {
21 + internal_warning ("%s: ignoring function definition attempt", from_file);
22 + should_jump_to_top_level = 0;
23 + last_result = last_command_exit_value = EX_BADUSAGE;
24 + break;
25 + }
26 +
27 bitmap = new_fd_bitmap (FD_BITMAP_SIZE);
28 begin_unwind_frame ("pe_dispose");
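Review bot: The rejection branch leaves via `break` before `begin_unwind_frame ("pe_dispose")`, so any cleanup the rest of the loop body does for a parsed command is skipped on this path. Nothing visible here disposes the rejected `command` or returns the parser to a known state after input that was refused. The loop body starts and ends outside this hunk, so both points need checking against the full function. I would add `reset_parser ();` before the `break` and confirm who frees `command`. The warning text is also misleading: the branch fires when the parsed command is not a function definition, so something like `"%s: ignoring non-function command in imported definition"` would describe it better in logs.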
29 ***************
30 *** 322,325 ****
31 --- 330,336 ----
32 dispose_fd_bitmap (bitmap);
33 discard_unwind_frame ("pe_dispose");
34 +
35 + if (flags & SEVAL_ONECMD)
36 + break;
37 }
38 }
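Review bot: The new `if (flags & SEVAL_ONECMD) break;` at the end of the loop body has no comment, and it is the line that stops any text after the first command from being executed. I would document it in place, for example `/* SEVAL_ONECMD: stop after the first command so nothing following an imported function body is run */`. The break is also silent. If the surrounding function can tell that unparsed input remains (not visible in this hunk), an `internal_warning` there would give operators a signal that an environment value carried trailing content.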
39 *** ../bash-4.2.47/variables.c 2011-03-01 16:15:20.000000000 -0500
40 --- variables.c 2014-09-16 19:35:45.000000000 -0400
41 ***************
42 *** 348,357 ****
43 strcpy (temp_string + char_index + 1, string);
45 ! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST);
46 !
47 ! /* Ancient backwards compatibility. Old versions of bash exported
48 ! functions like name()=() {...} */
49 ! if (name[char_index - 1] == ')' && name[char_index - 2] == '(')
50 ! name[char_index - 2] = '\0';
52 if (temp_var = find_function (name))
53 --- 348,355 ----
54 strcpy (temp_string + char_index + 1, string);
56 ! /* Don't import function names that are invalid identifiers from the
57 ! environment. */
58 ! if (legal_identifier (name))
59 ! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD);
61 if (temp_var = find_function (name))
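Review bot: When `legal_identifier (name)` is false, `parse_and_execute` is skipped and nothing in the new lines releases `temp_string`. The call is made without a no-free flag, so parse_and_execute presumably takes ownership of the string, in which case the skipped path leaks it for every rejected variable. The allocation is outside this hunk, so please confirm that, then add `else free (temp_string);` after the call. The rejected name still falls through to `find_function (name)` and the `report_error` branch, which is a reasonable place for the diagnostic, but a short comment saying that this is intentional would help.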
62 ***************
63 *** 362,369 ****
64 else
65 report_error (_("error importing function definition for `%s'"), name);
66 -
67 - /* ( */
68 - if (name[char_index - 1] == ')' && name[char_index - 2] == '\0')
69 - name[char_index - 2] = '('; /* ) */
70 }
71 #if defined (ARRAY_VARS)
72 --- 360,363 ----