Blame SOURCES/bash-4.4-cve-2019-9924.patch
diff --git a/variables.c b/variables.c
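--- a/variables.c
+++ b/variables.c
@@ -1578,6 +1578,28 @@ assign_hashcmd (self, value, ind, key)
 arrayind_t ind;
 char *key;
 {
+#if defined (RESTRICTED_SHELL)
+ char *full_path;
+
+ if (restricted)
+ {
+ if (strchr (value, '/'))
+ {
+ sh_restricted (value);
+ return (SHELL_VAR *)NULL;
+ }
+ /* If we are changing the hash table in a restricted shell, make sure the
+ target pathname can be found using a $PATH search. */
+ full_path = find_user_command (value);
+ if (full_path == 0 || *full_path == 0 || executable_file (full_path) == 0)
+ {
+ sh_notfound (value);
+ free (full_path);
+ return ((SHELL_VAR *)NULL);
+ }
+ free (full_path);
+ }
+#endif
 phash_insert (key, value, 0, 0);
 return (build_hashcmd (self));
 }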
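Review bot: The restricted-shell branch checks the pathname returned by `find_user_command (value)` but frees it before `phash_insert (key, value, 0, 0)`, so the hash table stores the original `value` and not the pathname that was validated. How a slash-free hashed entry is resolved when the command is later run is outside this hunk, so confirm it cannot resolve to a different file than the `$PATH` search did. If it can, keep `full_path` alive until after the insert and store that string instead. Separately, `strchr (value, '/')` assumes `value` is never NULL, which the visible lines do not establish; a guard such as `if (value == 0 || strchr (value, '/'))` would make the rejection explicit. The K&R parameter list of assign_hashcmd begins above the hunk, so the types of `self` and `value` are not visible here.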