On Thu, May 19, 2016 at 11:05 AM, Chet Ramey <chet.ramey@case.edu> wrote:
> * The %s_PID variable is unbound unconditionally
>
> BTW, this is exploitable for unsetting read-only variables.
Same change as for getopts.
This should probably instead be the same change as was previously done for unsetting the FD array variable, i.e.:
diff --git a/execute_cmd.c b/execute_cmd.c
index 09f4772..e9a0b9d 100644
@@ -2239,7 +2239,7 @@ coproc_unsetvars (cp)
namevar = xmalloc (l + 16);
sprintf (namevar, "%s_PID", cp->c_name);
- unbind_variable_noref (namevar);
+ check_unbind_variable (namevar);
#if defined (ARRAY_VARS)
check_unbind_variable (cp->c_name);
Otherwise the wrong thing gets unset:
$ declare -n ref_PID=var; coproc ref { :; }; wait; declare -p ref_PID var
[1] 50943
[1]+ Done coproc ref { :; }
bash: declare: ref_PID: not found
declare -- var="50943"