fumiyas/bash-4.1-dont-import-func.patch

## bash-4.1-dont-import-func.patch
Disable function import to avoid "ShellShock" vulnerability
(CVE-2014-6271 CVE-2014-7169)

diff -upr bash-4.1/variables.c bash-4.1-dont-import-func/variables.c
--- bash-4.1/variables.c	2009-11-04 04:13:58.000000000 +0900
+++ bash-4.1-dont-import-func/variables.c	2014-09-26 19:17:28.494577523 +0900
@@ -336,55 +336,6 @@ initialize_shell_variables (env, privmod

       temp_var = (SHELL_VAR *)NULL;

-      /* If exported function, define it now.  Don't import functions from
-	 the environment in privileged mode. */
-      if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4))
-	{
-	  string_length = strlen (string);
-	  temp_string = (char *)xmalloc (3 + string_length + char_index);
-
-	  strcpy (temp_string, name);
-	  temp_string[char_index] = ' ';
-	  strcpy (temp_string + char_index + 1, string);
-
-	  parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST);
-
-	  /* Ancient backwards compatibility.  Old versions of bash exported
-	     functions like name()=() {...} */
-	  if (name[char_index - 1] == ')' && name[char_index - 2] == '(')
-	    name[char_index - 2] = '\0';
-
-	  if (temp_var = find_function (name))
-	    {
-	      VSETATTR (temp_var, (att_exported|att_imported));
-	      array_needs_making = 1;
-	    }
-	  else
-	    report_error (_("error importing function definition for `%s'"), name);
-
-	  /* ( */
-	  if (name[char_index - 1] == ')' && name[char_index - 2] == '\0')
-	    name[char_index - 2] = '(';		/* ) */
-	}
-#if defined (ARRAY_VARS)
-#  if 0
-      /* Array variables may not yet be exported. */
-      else if (*string == '(' && string[1] == '[' && string[strlen (string) - 1] == ')')
-	{
-	  string_length = 1;
-	  temp_string = extract_array_assignment_list (string, &string_length);
-	  temp_var = assign_array_from_string (name, temp_string);
-	  FREE (temp_string);
-	  VSETATTR (temp_var, (att_exported | att_imported));
-	  array_needs_making = 1;
-	}
-#  endif
-#endif
-#if 0
-      else if (legal_identifier (name))
-#else
-      else
-#endif
 	{
 	  temp_var = bind_variable (name, string, 0);
 	  if (legal_identifier (name))
	Disable function import to avoid "ShellShock" vulnerability
	(CVE-2014-6271 CVE-2014-7169)

	diff -upr bash-4.1/variables.c bash-4.1-dont-import-func/variables.c
	--- bash-4.1/variables.c 2009-11-04 04:13:58.000000000 +0900
	+++ bash-4.1-dont-import-func/variables.c 2014-09-26 19:17:28.494577523 +0900
	@@ -336,55 +336,6 @@ initialize_shell_variables (env, privmod

	temp_var = (SHELL_VAR *)NULL;

	- /* If exported function, define it now. Don't import functions from
	- the environment in privileged mode. */
	- if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4))
	- {
	- string_length = strlen (string);
	- temp_string = (char *)xmalloc (3 + string_length + char_index);
	-
	- strcpy (temp_string, name);
	- temp_string[char_index] = ' ';
	- strcpy (temp_string + char_index + 1, string);
	-
	- parse_and_execute (temp_string, name, SEVAL_NONINT\|SEVAL_NOHIST);
	-
	- /* Ancient backwards compatibility. Old versions of bash exported
	- functions like name()=() {...} */
	- if (name[char_index - 1] == ')' && name[char_index - 2] == '(')
	- name[char_index - 2] = '\0';
	-
	- if (temp_var = find_function (name))
	- {
	- VSETATTR (temp_var, (att_exported\|att_imported));
	- array_needs_making = 1;
	- }
	- else
	- report_error (_("error importing function definition for `%s'"), name);
	-
	- /* ( */
	- if (name[char_index - 1] == ')' && name[char_index - 2] == '\0')
	- name[char_index - 2] = '('; /* ) */
	- }
	-#if defined (ARRAY_VARS)
	-# if 0
	- /* Array variables may not yet be exported. */
	- else if (*string == '(' && string[1] == '[' && string[strlen (string) - 1] == ')')
	- {
	- string_length = 1;
	- temp_string = extract_array_assignment_list (string, &string_length);
	- temp_var = assign_array_from_string (name, temp_string);
	- FREE (temp_string);
	- VSETATTR (temp_var, (att_exported \| att_imported));
	- array_needs_making = 1;
	- }
	-# endif
	-#endif
	-#if 0
	- else if (legal_identifier (name))
	-#else
	- else
	-#endif
	{
	temp_var = bind_variable (name, string, 0);
	if (legal_identifier (name))