Disable shell() inside an eval("...") for safety.

Based on email from Tim Chase.

man/remind.1.in

@@ -3539,6 +3539,10 @@ The result will be "F is 12" because the reference to \fIx\fR inside the
 \fBeval()\fR argument refers to the \fIglobal\fR variable \fIx\fR and
 not the function argument.
 .PP
+Note that for safety, \fBRUN\fR is disabled during the evaluation of
+\fBeval()\fR, which means you can't use the \fBshell()\fR function from
+within an \fBeval()\fR.
+.PP
 .RE
 .TP
 .B evaltrig(s_trigger [,dq_start])

src/funcs.c

@@ -4003,7 +4003,10 @@ FEval(func_info *info)
         return r;
     }
 
+    /* Disable shell() command in eval */
+    RunDisabled |= RUN_IN_EVAL;
     r = evaluate_expr_node(n, NULL, &(info->retval), &(info->nonconst));
+    RunDisabled &= ~RUN_IN_EVAL;
     free_expr_tree(n);
     return r;
 }

src/types.h

@@ -252,6 +252,7 @@ typedef struct {
 #define RUN_CMDLINE  0x01
 #define RUN_SCRIPT   0x02
 #define RUN_NOTOWNER 0x04
+#define RUN_IN_EVAL  0x08
 
 /* Flags for the SimpleCalendar format */
 #define SC_AMPM   0   /* Time shown as 3:00am, etc. */

tests/test.cmp

@@ -16514,10 +16514,39 @@ catch(*Division by zero*, 34) => 34
 set a catch(eval("1 / / 2"), 35)
 eval("1 / / 2") => Illegal character
 catch(*Illegal character*, 35) => 35
+
+# Ensure RUN is disabled in eval
+set a shell("echo foo")
+shell("echo foo") => "foo"
+set a eval("shell(\"echo foo\")")
+eval("shell(\"echo foo\")") => shell("echo foo") => RUN disabled
+../tests/test.rem(1578): shell(): RUN disabled
+RUN disabled
+set a shell("echo foo")
+shell("echo foo") => "foo"
+
+FSET i() shell("echo foo")
+set a i()
+Entering UserFN i()
+shell("echo foo") => "foo"
+Leaving UserFN i() => "foo"
+set a eval("i()")
+eval("i()") => Entering UserFN i()
+shell("echo foo") => RUN disabled
+../tests/test.rem(1583): shell(): RUN disabled
+    ../tests/test.rem(1581): [#0] In function `i'
+Leaving UserFN i() => RUN disabled
+RUN disabled
+set a i()
+Entering UserFN i()
+shell("echo foo") => "foo"
+Leaving UserFN i() => "foo"
+FUNSET i
+
 DEBUG -x
 
 DEBUG -e
-../tests/test.rem(1581): eval(): Too many recursive function calls
+../tests/test.rem(1593): eval(): Too many recursive function calls
 Base: 1991-02-09
 Base: 1991-02-09
 Variable hash table statistics:

tests/test.rem

@@ -1572,6 +1572,18 @@ set a eval("1 / / 2")
 set a catch(eval("1 +"), 33)
 set a catch(eval("1/0"), 34)
 set a catch(eval("1 / / 2"), 35)
+
+# Ensure RUN is disabled in eval
+set a shell("echo foo")
+set a eval("shell(\"echo foo\")")
+set a shell("echo foo")
+
+FSET i() shell("echo foo")
+set a i()
+set a eval("i()")
+set a i()
+FUNSET i
+
 DEBUG -x
 
 DEBUG -e