> I was brainstorming to think of possible exploits. It looks like this is > valid syntax: > > echo normal stuff > exit 0 > any funky stuff I want > pkgver=#$#%$%%^&^...@#$$@^ } more funky stuff { > > Running bash -n on that gives 0. Now there's not necessarily anything > wrong here---unless your parser doesn't stop parsing at the exit command. > If it goes past that, then maybe exploits could be introduced, because > we wouldn't be entitled to the assumption that the rest of the code is > valid syntax. > > -- > Jim Pryor
I haven't tested that but I don't think it would be an issue. As long as it doesn't break out of the function declaration, it shoulld work and afaik, you can include "exit" inside a function. I'm not a Bash expert though, so correct me if I'm wrong.