From 38f3ad640a2ce50cbf934db240afaab2eda2da27 Mon Sep 17 00:00:00 2001
From: Daniil Baturin <daniil@baturin.org>
Date: Thu, 25 Sep 2014 20:18:40 +0200
Subject: CVE-2014-6271: Import patch by Chet Ramey.

---
 variables.c | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

(limited to 'variables.c')

diff --git a/variables.c b/variables.c
index d1da8f6..e5106e0 100644
--- a/variables.c
+++ b/variables.c
@@ -347,12 +347,10 @@ initialize_shell_variables (env, privmode)
 	  temp_string[char_index] = ' ';
 	  strcpy (temp_string + char_index + 1, string);
 
-	  parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST);
-
-	  /* Ancient backwards compatibility.  Old versions of bash exported
-	     functions like name()=() {...} */
-	  if (name[char_index - 1] == ')' && name[char_index - 2] == '(')
-	    name[char_index - 2] = '\0';
+	  /* Don't import function names that are invalid identifiers from the
+	     environment. */
+	  if (legal_identifier (name))
+	    parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD);
 
 	  if (temp_var = find_function (name))
 	    {
@@ -361,10 +359,6 @@ initialize_shell_variables (env, privmode)
 	    }
 	  else
 	    report_error (_("error importing function definition for `%s'"), name);
-
-	  /* ( */
-	  if (name[char_index - 1] == ')' && name[char_index - 2] == '\0')
-	    name[char_index - 2] = '(';		/* ) */
 	}
 #if defined (ARRAY_VARS)
 #  if 0
-- 
cgit v1.2.3