From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Thu, 25 Sep 2014 12:24:50 +0000 (+0100)
Subject: Disable all exported shell functions
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=85bdfba1dfe1b57c56d00bb09ee8b99067e72cf7;p=bash.git

Disable all exported shell functions

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---

diff --git a/debian/patches/0001-Disable-all-exported-shell-functions.diff b/debian/patches/0001-Disable-all-exported-shell-functions.diff
new file mode 100644
index 0000000..07e9ef8
--- /dev/null
+++ b/debian/patches/0001-Disable-all-exported-shell-functions.diff
@@ -0,0 +1,27 @@
+# DP: [PATCH] Disable all exported shell functions.
+
+diff --git a/bash/variables.c b/bash/variables.c
+index 92a5a10..fe0832e 100644
+--- a/bash/variables.c
++++ b/bash/variables.c
+@@ -347,6 +347,7 @@ initialize_shell_variables (env, privmode)
+ 
+       temp_var = (SHELL_VAR *)NULL;
+ 
++#if 0 /* Disable exporting shell functions because they are mad. */
+       /* If exported function, define it now.  Don't import functions from
+ 	 the environment in privileged mode. */
+       if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4))
+@@ -380,6 +381,9 @@ initialize_shell_variables (env, privmode)
+ 	      report_error (_("error importing function definition for `%s'"), name);
+ 	    }
+ 	}
++#else
++      if (0) ; /* needed for syntax */
++#endif
+ #if defined (ARRAY_VARS)
+ #  if ARRAY_EXPORT
+       /* Array variables may not yet be exported. */
+-- 
+1.7.10.4
+
diff --git a/debian/patches/series.in b/debian/patches/series.in
index 0cee65c..05e18bc 100644
--- a/debian/patches/series.in
+++ b/debian/patches/series.in
@@ -62,3 +62,4 @@ exec-redirections-texi.diff
 #endif
 hardening-formatstring.diff
 unicode-escape-bug.diff
+0001-Disable-all-exported-shell-functions.diff