From 7cca93e61ab919e2126eab2bc5cf5554b491475e Mon Sep 17 00:00:00 2001
From: Jilles Tjoelker <jilles@FreeBSD.org>
Date: Sat, 8 Oct 2016 13:40:12 +0000
Subject: [PATCH] sh: Do not import IFS's value from the environment.

Per Austin group issue #884, always set IFS to $' \t\n'. As before, IFS will
be exported iff it was in the environment.

Most shells (e.g. bash, ksh93 and mksh) already did this. This change
improves predictability, in that scripts can simply rely on the default
value.

However, the effect on security is little, since applications should not be
calling the shell with attacker-controlled environment variable names in the
first place and other security-sensitive variables such as PATH should be
and are imported by the shell.

When using a new sh with an old (before 10.2) libc wordexp(), IFS is no
longer passed on. Otherwise, wordexp() continues to pass along IFS from the
environment per its documentation.

Discussed with:	pfg
Relnotes:	yes
---
 bin/sh/sh.1                      |  6 +++---
 bin/sh/tests/parameters/Makefile |  1 +
 bin/sh/tests/parameters/ifs1.0   | 10 ++++++++++
 bin/sh/var.c                     |  1 +
 4 files changed, 15 insertions(+), 3 deletions(-)
 create mode 100644 bin/sh/tests/parameters/ifs1.0

diff --git a/bin/sh/sh.1 b/bin/sh/sh.1
index 20a9dbf99521..de5481c5c0d0 100644
--- a/bin/sh/sh.1
+++ b/bin/sh/sh.1
@@ -32,7 +32,7 @@
 .\"	from: @(#)sh.1	8.6 (Berkeley) 5/4/95
 .\" $FreeBSD$
 .\"
-.Dd May 30, 2016
+.Dd October 8, 2016
 .Dt SH 1
 .Os
 .Sh NAME
@@ -1349,13 +1349,13 @@ used in tilde expansion and as a default directory for the
 built-in.
 .It Va IFS
 Input Field Separators.
-The default value is
+This is initialized at startup to
 .Aq space ,
 .Aq tab ,
 and
 .Aq newline
 in that order.
-This default also applies if
+This value also applies if
 .Va IFS
 is unset, but not if it is set to the empty string.
 See the
diff --git a/bin/sh/tests/parameters/Makefile b/bin/sh/tests/parameters/Makefile
index 28c503a1b1e7..939bd199a72b 100644
--- a/bin/sh/tests/parameters/Makefile
+++ b/bin/sh/tests/parameters/Makefile
@@ -9,6 +9,7 @@ ATF_TESTS_SH=	functional_test
 
 ${PACKAGE}FILES+=	env1.0
 ${PACKAGE}FILES+=	exitstatus1.0
+${PACKAGE}FILES+=	ifs1.0
 ${PACKAGE}FILES+=	mail1.0
 ${PACKAGE}FILES+=	mail2.0
 ${PACKAGE}FILES+=	optind1.0
diff --git a/bin/sh/tests/parameters/ifs1.0 b/bin/sh/tests/parameters/ifs1.0
new file mode 100644
index 000000000000..b93d99a8a8c7
--- /dev/null
+++ b/bin/sh/tests/parameters/ifs1.0
@@ -0,0 +1,10 @@
+# $FreeBSD$
+
+env IFS=_ ${SH} -c '
+rc=2
+nosuchtool_function() {
+	rc=0
+}
+v=nosuchtool_function
+$v && exit "$rc"
+'
diff --git a/bin/sh/var.c b/bin/sh/var.c
index 03d529b86fbc..c7834cd9d2c4 100644
--- a/bin/sh/var.c
+++ b/bin/sh/var.c
@@ -186,6 +186,7 @@ initvar(void)
 		}
 	}
 	setvareq_const("OPTIND=1", 0);
+	setvareq_const("IFS= \t\n", 0);
 }
 
 /*