From 8f93c11473636f9f7408e3b40c17fcf83bac66d9 Mon Sep 17 00:00:00 2001
From: Bryan Drewery <bdrewery@FreeBSD.org>
Date: Fri, 26 Sep 2014 20:33:23 +0000
Subject: Disable function importing from the environment by default.  This can
 be enabled by using --import-functions or enabling the IMPORTFUNCTIONS
 option.

This removes the risk of further parser bugs leading to code execution, as
well as the risk to setuid scripts and poorly written applications that
do not cleanse their environment [1][2].

Also note that there is an unofficial 4.3.26 floating around that has not yet
been officially released.  r369261 covers the change in 4.3.26.

See also:
  http://seclists.org/oss-sec/2014/q3/747 [1]
  http://seclists.org/oss-sec/2014/q3/746 [2]
  http://seclists.org/oss-sec/2014/q3/755 [3]

Obtained from:	NetBSD (based on) [3]
PR:		193932
Reviewed by:	Eric Vangyzen
With hat:	portmgr
---
 shells/bash/files/extrapatch-import-functions | 43 +++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 shells/bash/files/extrapatch-import-functions

(limited to 'shells/bash/files/extrapatch-import-functions')

diff --git a/shells/bash/files/extrapatch-import-functions b/shells/bash/files/extrapatch-import-functions
new file mode 100644
index 000000000000..ad052c7ad7fa
--- /dev/null
+++ b/shells/bash/files/extrapatch-import-functions
@@ -0,0 +1,43 @@
+Based on christos@NetBSD's patch
+
+--- shell.c.christos    2014-01-14 08:04:32.000000000 -0500
++++ shell.c     2014-09-25 16:11:51.000000000 -0400
+@@ -229,6 +229,7 @@
+ #else
+ int posixly_correct = 0;       /* Non-zero means posix.2 superset. */
+ #endif
++int import_functions = IMPORT_FUNCTIONS_DEF;      /* Import functions from environment */
+ 
+ /* Some long-winded argument names.  These are obviously new. */
+ #define Int 1
+@@ -248,6 +249,7 @@
+   { "help", Int, &want_initial_help, (char **)0x0 },
+   { "init-file", Charp, (int *)0x0, &bashrc_file },
+   { "login", Int, &make_login_shell, (char **)0x0 },
++  { "import-functions", Int, &import_functions, (char **)0x0 },
+   { "noediting", Int, &no_line_editing, (char **)0x0 },
+   { "noprofile", Int, &no_profile, (char **)0x0 },
+   { "norc", Int, &no_rc, (char **)0x0 },
+
+$NetBSD: patch-variables.c,v 1.1 2014/09/25 20:28:32 christos Exp $
+
+Only read functions from environment if flag is set.
+--- variables.c.christos        2014-09-25 16:09:41.000000000 -0400
++++ variables.c 2014-09-25 16:12:10.000000000 -0400
+@@ -105,6 +105,7 @@
+ extern int assigning_in_environment;
+ extern int executing_builtin;
+ extern int funcnest_max;
++extern int import_functions;
+ 
+ #if defined (READLINE)
+ extern int no_line_editing;
+@@ -349,7 +350,7 @@ initialize_shell_variables (env, privmod
+ 
+       /* If exported function, define it now.  Don't import functions from
+ 	 the environment in privileged mode. */
+-      if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4))
++      if (import_functions && privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4))
+ 	{
+ 	  string_length = strlen (string);
+ 	  temp_string = (char *)xmalloc (3 + string_length + char_index);
-- 
cgit v1.2.3