Blame SOURCES/bash-4.4-cve-2019-9924.patch

462fb2
diff --git a/variables.c b/variables.c
462fb2
--- a/variables.c
462fb2
+++ b/variables.c
462fb2
@@ -1578,6 +1578,28 @@ assign_hashcmd (self, value, ind, key)
462fb2
      arrayind_t ind;
462fb2
      char *key;
462fb2
 {
462fb2
+#if defined (RESTRICTED_SHELL)
462fb2
+  char *full_path;
462fb2
+
462fb2
+  if (restricted)
462fb2
+    {
462fb2
+      if (strchr (value, '/'))
462fb2
+	{
462fb2
+	  sh_restricted (value);
462fb2
+	  return (SHELL_VAR *)NULL;
462fb2
+	}
462fb2
+      /* If we are changing the hash table in a restricted shell, make sure the
462fb2
+	 target pathname can be found using a $PATH search. */
462fb2
+      full_path = find_user_command (value);
462fb2
+      if (full_path == 0 || *full_path == 0 || executable_file (full_path) == 0)
462fb2
+	{
462fb2
+	  sh_notfound (value);
462fb2
+	  free (full_path);
462fb2
+	  return ((SHELL_VAR *)NULL);
462fb2
+	}
462fb2
+      free (full_path);
462fb2
+    }
462fb2
+#endif
462fb2
   phash_insert (key, value, 0, 0);
462fb2
   return (build_hashcmd (self));
462fb2
 }