From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Thu, 25 Sep 2014 12:24:50 +0000 (+0100)
Subject: Disable all exported shell functions
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=6e9ac6619f8a2a4a9ab279fe3df4ca2d55445ea4;p=bash.git

Disable all exported shell functions

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---

diff --git a/debian/patches/0001-Disable-all-exported-shell-functions.dpatch b/debian/patches/0001-Disable-all-exported-shell-functions.dpatch
new file mode 100644
index 0000000..7f22ffd
--- /dev/null
+++ b/debian/patches/0001-Disable-all-exported-shell-functions.dpatch
@@ -0,0 +1,44 @@
+#! /bin/sh -e
+
+if [ $# -eq 3 -a "$2" = '-d' ]; then
+    pdir="-d $3"
+elif [ $# -ne 1 ]; then
+    echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+    exit 1
+fi
+case "$1" in
+    -patch) patch $pdir -f --no-backup-if-mismatch -p1 < $0;;
+    -unpatch) patch $pdir -f --no-backup-if-mismatch -R -p1 < $0;;
+    *)
+	echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+	exit 1
+esac
+exit 0
+
+# DP: [PATCH] Disable all exported shell functions.
+
+diff --git a/variables.c b/variables.c
+index 92a5a10..fe0832e 100644
+--- a/variables.c
++++ b/variables.c
+@@ -347,6 +347,7 @@ initialize_shell_variables (env, privmode)
+ 
+       temp_var = (SHELL_VAR *)NULL;
+ 
++#if 0 /* Disable exporting shell functions because they are mad. */
+       /* If exported function, define it now.  Don't import functions from
+ 	 the environment in privileged mode. */
+       if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4))
+@@ -380,6 +381,9 @@ initialize_shell_variables (env, privmode)
+ 	      report_error (_("error importing function definition for `%s'"), name);
+ 	    }
+ 	}
++#else
++      if (0) ; /* needed for syntax */
++#endif
+ #if defined (ARRAY_VARS)
+ #  if ARRAY_EXPORT
+       /* Array variables may not yet be exported. */
+-- 
+1.7.10.4
+
diff --git a/debian/rules b/debian/rules
index e599db7..83465b0 100755
--- a/debian/rules
+++ b/debian/rules
@@ -523,6 +523,7 @@ debian_patches = \
 	exec-redirections-man \
 	bash-aliases-repeat \
 	builtins-declare-fix \
+	0001-Disable-all-exported-shell-functions \
 
 ifeq ($(with_gfdl),yes)
   debian_patches += \