[thirdparty/bash.git] / tests / exportfunc.tests

#   This program is free software: you can redistribute it and/or modify
#   it under the terms of the GNU General Public License as published by
#   the Free Software Foundation, either version 3 of the License, or
#   (at your option) any later version.
#
#   This program is distributed in the hope that it will be useful,
#   but WITHOUT ANY WARRANTY; without even the implied warranty of
#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#   GNU General Public License for more details.
#
#   You should have received a copy of the GNU General Public License
#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
# normal operation
foo()
{
	echo exportfunc ok 1
}
export -f foo
${THIS_SH} -c foo
unset -f foo
foo-a ()
{
	echo exportfunc ok 2
}
export -f foo-a
${THIS_SH} -c 'foo-a'

# CVE-2014-6271

env -i BASH_FUNC_foo%%='() { echo cve6271 ok; } ; echo BAD' ${THIS_SH} -c foo 2>/dev/null

# CVE-2014-7169

rm -f cve7169-bad
env -i BASH_FUNC_X%%='() { (a)=>\' ${THIS_SH} -c cve7169-bad 2>/dev/null
: < cve7169-bad
rm -f cve7169-bad

echo cve7169-bad2 > $TMPDIR/bar
rm -f cve7169-bad2
eval  'X() { (a)>\' ; . ./bar 2>/dev/null
: < cve7169-bad2
rm -f cve7169-bad2 $TMPDIR/bar

# CVE-2014-7186
${THIS_SH} ./exportfunc1.sub

# CVE-2014-7187
${THIS_SH} ./exportfunc2.sub

# CVE-2014-6277

env BASH_FUNC_foo%%="() { 000(){>0;}&000(){ 0;}<<0 0" ${THIS_SH} -c foo 2>/dev/null
env BASH_FUNC_foo%%="() { 000(){>0;}&000(){ 0;}<<`perl -e '{print "A"x100000}'` 0" ${THIS_SH} -c foo 2>/dev/null
${THIS_SH} -c "f(){ x(){ _;}; x(){ _;}<<a;}" 2>/dev/null

# CVE-2014-6278

env 'BASH_FUNC_FOO%%=() { 0;}>r[0${$(}0 {>"$(id >/dev/tty)"; }' ${THIS_SH} -c : 2>/dev/null

rm -f HELLO_WORLD
env BASH_FUNC_FOO%%='() { 0;}>r[0${$(}0 {>HELLO_WORLD; }' ${THIS_SH} -c : 2>/dev/null
: < HELLO_WORLD

env BASH_FUNC_x%%='() { _;}>_[$($())] { echo vuln;}' ${THIS_SH} -c : 2>/dev/null

env -i BASH_FUNC_x%%='() { _; } >_[${ $() }] { id; }' ${THIS_SH} -c : 2>/dev/null

env BASH_FUNC_x%%=$'() { _;}>_[$($())]\n{ echo vuln;}' ${THIS_SH} -c : 2>/dev/null
eval 'x() { _;}>_[$($())] { echo vuln;}' 2>/dev/null

eval 'foo() { _; } >_[${ $() }] ;{ echo eval ok; }'

# other tests fixed in bash43-030 concerning function name transformation
env $'BASH_FUNC_\nfoo%%=() { echo transform-1; }' ${THIS_SH} -c foo 2>/dev/null
env $'BASH_FUNC_foo\n%%=() { echo transform-2; }' ${THIS_SH} -c foo 2>/dev/null
env $'BASH_FUNC_  foo  %%=() { echo transform-3; }' ${THIS_SH} -c foo 2>/dev/null

unset -f foo
env $'BASH_FUNC_#badname%%'=$'() { :; }\nfoo () { echo transform-4; }  ' ${THIS_SH} -c 'foo' 2>/dev/null

# tests of exported names
${THIS_SH} ./exportfunc3.sub
Commit	Line	Data
8868edaf CR	1	# This program is free software: you can redistribute it and/or modify
	2	# it under the terms of the GNU General Public License as published by
	3	# the Free Software Foundation, either version 3 of the License, or
	4	# (at your option) any later version.
	5	#
	6	# This program is distributed in the hope that it will be useful,
	7	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	8	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	9	# GNU General Public License for more details.
	10	#
	11	# You should have received a copy of the GNU General Public License
	12	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	13	#
a0c0a00f CR	14	# normal operation
	15	foo()
	16	{
	17	echo exportfunc ok 1
	18	}
	19	export -f foo
	20	${THIS_SH} -c foo
	21	unset -f foo
	22	foo-a ()
	23	{
	24	echo exportfunc ok 2
	25	}
	26	export -f foo-a
	27	${THIS_SH} -c 'foo-a'
	28
	29	# CVE-2014-6271
	30
	31	env -i BASH_FUNC_foo%%='() { echo cve6271 ok; } ; echo BAD' ${THIS_SH} -c foo 2>/dev/null
	32
	33	# CVE-2014-7169
	34
	35	rm -f cve7169-bad
	36	env -i BASH_FUNC_X%%='() { (a)=>\' ${THIS_SH} -c cve7169-bad 2>/dev/null
	37	: < cve7169-bad
	38	rm -f cve7169-bad
	39
	40	echo cve7169-bad2 > $TMPDIR/bar
	41	rm -f cve7169-bad2
	42	eval 'X() { (a)>\' ; . ./bar 2>/dev/null
	43	: < cve7169-bad2
	44	rm -f cve7169-bad2 $TMPDIR/bar
	45
	46	# CVE-2014-7186
	47	${THIS_SH} ./exportfunc1.sub
	48
	49	# CVE-2014-7187
	50	${THIS_SH} ./exportfunc2.sub
	51
	52	# CVE-2014-6277
	53
	54	env BASH_FUNC_foo%%="() { 000(){>0;}&000(){ 0;}<<0 0" ${THIS_SH} -c foo 2>/dev/null
	55	env BASH_FUNC_foo%%="() { 000(){>0;}&000(){ 0;}<<`perl -e '{print "A"x100000}'` 0" ${THIS_SH} -c foo 2>/dev/null
	56	${THIS_SH} -c "f(){ x(){ _;}; x(){ _;}<<a;}" 2>/dev/null
	57
	58	# CVE-2014-6278
	59
	60	env 'BASH_FUNC_FOO%%=() { 0;}>r[0${$(}0 {>"$(id >/dev/tty)"; }' ${THIS_SH} -c : 2>/dev/null
	61
	62	rm -f HELLO_WORLD
	63	env BASH_FUNC_FOO%%='() { 0;}>r[0${$(}0 {>HELLO_WORLD; }' ${THIS_SH} -c : 2>/dev/null
	64	: < HELLO_WORLD
	65
	66	env BASH_FUNC_x%%='() { _;}>_[$($())] { echo vuln;}' ${THIS_SH} -c : 2>/dev/null
	67
	68	env -i BASH_FUNC_x%%='() { _; } >_[${ $() }] { id; }' ${THIS_SH} -c : 2>/dev/null
	69
	70	env BASH_FUNC_x%%=$'() { _;}>_[$($())]\n{ echo vuln;}' ${THIS_SH} -c : 2>/dev/null
	71	eval 'x() { _;}>_[$($())] { echo vuln;}' 2>/dev/null
	72
	73	eval 'foo() { _; } >_[${ $() }] ;{ echo eval ok; }'
	74
	75	# other tests fixed in bash43-030 concerning function name transformation
	76	env $'BASH_FUNC_\nfoo%%=() { echo transform-1; }' ${THIS_SH} -c foo 2>/dev/null
	77	env $'BASH_FUNC_foo\n%%=() { echo transform-2; }' ${THIS_SH} -c foo 2>/dev/null
78	env $'BASH_FUNC_ foo %%=() { echo transform-3; }' ${THIS_SH} -c foo 2>/dev/null
79
80	unset -f foo
81	env $'BASH_FUNC_#badname%%'=$'() { :; }\nfoo () { echo transform-4; } ' ${THIS_SH} -c 'foo' 2>/dev/null
82
83	# tests of exported names
84	${THIS_SH} ./exportfunc3.sub