diff options
| author | Daniil Baturin <daniil@baturin.org> | 2014-09-25 20:18:40 +0200 |
|---|---|---|
| committer | Daniil Baturin <dmbaturin@squeeze32devel.multi.eu> | 2014-09-26 05:46:35 +0200 |
| commit | 3deb93020668276c731fe8cbb399460044bbed57 (patch) | |
| tree | 9e60c56020ce82b003af8d31ba87d1de08b27707 /variables.c | |
| parent | 94a7864ee926dac6e2df5ba57eb46a235a5e7db8 (diff) | |
| download | vyatta-bash-3deb93020668276c731fe8cbb399460044bbed57.tar.gz vyatta-bash-3deb93020668276c731fe8cbb399460044bbed57.zip | |
CVE-2014-6271: Import patch by Chet Ramey.
Diffstat (limited to 'variables.c')
| -rw-r--r-- | variables.c | 14 |
1 files changed, 4 insertions, 10 deletions
diff --git a/variables.c b/variables.c index d1da8f6..e5106e0 100644 --- a/variables.c +++ b/variables.c @@ -347,12 +347,10 @@ initialize_shell_variables (env, privmode) temp_string[char_index] = ' '; strcpy (temp_string + char_index + 1, string); - parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST); - - /* Ancient backwards compatibility. Old versions of bash exported - functions like name()=() {...} */ - if (name[char_index - 1] == ')' && name[char_index - 2] == '(') - name[char_index - 2] = '\0'; + /* Don't import function names that are invalid identifiers from the + environment. */ + if (legal_identifier (name)) + parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); if (temp_var = find_function (name)) { @@ -361,10 +359,6 @@ initialize_shell_variables (env, privmode) } else report_error (_("error importing function definition for `%s'"), name); - - /* ( */ - if (name[char_index - 1] == ')' && name[char_index - 2] == '\0') - name[char_index - 2] = '('; /* ) */ } #if defined (ARRAY_VARS) # if 0 |