BASH PATCH REPORT
			     =================

Bash-Release: 3.0
Patch-ID: bash30-017

Bug-Reported-by:	Stephane Chazelas <stephane.chazelas@gmail.com>
Bug-Reference-ID:
Bug-Reference-URL:

Bug-Description:

Under certain circumstances, bash will execute user code while processing the
environment for exported function definitions.

Patch:

*** ../bash-3.0.16/builtins/common.h	2004-04-23 16:51:00.000000000 -0400
--- builtins/common.h	2014-09-16 21:57:03.000000000 -0400
***************
*** 34,37 ****
--- 34,39 ----
  
  /* Flags for describe_command, shared between type.def and command.def */
+ #define SEVAL_FUNCDEF	0x080		/* only allow function definitions */
+ #define SEVAL_ONECMD	0x100		/* only allow a single command */
  #define CDESC_ALL		0x001	/* type -a */
  #define CDESC_SHORTDESC		0x002	/* command -V */
*** ../bash-3.0.16/builtins/evalstring.c	2003-06-03 13:53:12.000000000 -0400
--- builtins/evalstring.c	2014-09-16 21:57:03.000000000 -0400
***************
*** 220,223 ****
--- 220,231 ----
  	      struct fd_bitmap *bitmap;
  
+ 	      if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def)
+ 		{
+ 		  internal_warning ("%s: ignoring function definition attempt", from_file);
+ 		  should_jump_to_top_level = 0;
+ 		  last_result = last_command_exit_value = EX_BADUSAGE;
+ 		  break;
+ 		}
+ 
  	      bitmap = new_fd_bitmap (FD_BITMAP_SIZE);
  	      begin_unwind_frame ("pe_dispose");
***************
*** 271,274 ****
--- 279,285 ----
  	      dispose_fd_bitmap (bitmap);
  	      discard_unwind_frame ("pe_dispose");
+ 
+ 	      if (flags & SEVAL_ONECMD)
+ 		break;
  	    }
  	}
*** ../bash-3.0.16/variables.c	2004-09-08 11:07:44.000000000 -0400
--- variables.c	2014-09-16 21:57:03.000000000 -0400
***************
*** 299,308 ****
  	  strcpy (temp_string + char_index + 1, string);
  
! 	  parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST);
! 
! 	  /* Ancient backwards compatibility.  Old versions of bash exported
! 	     functions like name()=() {...} */
! 	  if (name[char_index - 1] == ')' && name[char_index - 2] == '(')
! 	    name[char_index - 2] = '\0';
  
  	  if (temp_var = find_function (name))
--- 299,306 ----
  	  strcpy (temp_string + char_index + 1, string);
  
! 	  /* Don't import function names that are invalid identifiers from the
! 	     environment. */
! 	  if (legal_identifier (name))
! 	    parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD);
  
  	  if (temp_var = find_function (name))
***************
*** 313,320 ****
  	  else
  	    report_error (_("error importing function definition for `%s'"), name);
- 
- 	  /* ( */
- 	  if (name[char_index - 1] == ')' && name[char_index - 2] == '\0')
- 	    name[char_index - 2] = '(';		/* ) */
  	}
  #if defined (ARRAY_VARS)
--- 311,314 ----

*** ../bash-3.0/patchlevel.h	Wed Aug 22 08:05:39 2001
--- patchlevel.h	Thu Sep  2 15:04:32 2004
***************
*** 26,30 ****
     looks for to find the patch level (for the sccs version string). */
  
! #define PATCHLEVEL 16
  
  #endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
     looks for to find the patch level (for the sccs version string). */
  
! #define PATCHLEVEL 17
  
  #endif /* _PATCHLEVEL_H_ */