Forking workaround for converting to associative array in subshell

$ arch/*/bin/ksh -xc 'typeset -a a=(1 2 3); \
  (typeset -A a; typeset -p a); typeset -p a'
typeset -A a=()
typeset -a a=(1 2 3)

The associative array in the subshell is empty, so the conversion
failed. So far, I have been unsuccessful at fixing this in the
array and/or virtual subshell code (a patch that fixes it there
would still be more than welcome).

As usual, real subshells work correctly, so this commit adds
another forking workaround. The use case is rare and specific
enough that I have no performance concerns.

src/cmd/ksh93/bltins/typeset.c: setall():
- Fork a virtual subshell if we're actually converting a variable
  to an associative array, i.e.: the NV_ARRAY (-A, associative
  array) attribute was passed, there are no assignments (sh.envlist
  is NULL), and the variable is not unset.

src/cmd/ksh93/tests/arith.sh:
- Fix the "Array subscript quoting test" tests that should not have
  been passing and that correctly failed after this fix; they used
  'typeset -A' without an assignment in a subshell, assuming it was
  unset in the parent shell, which it wasn't.

Resolves: https://github.com/ksh93/ksh/issues/409

NEWS

@@ -3,6 +3,11 @@ For full details, see the git log at: https://github.com/ksh93/ksh/tree/1.0
 
 Any uppercase BUG_* names are modernish shell bug IDs.
 
+2022-06-15:
+
+- Fixed a bug where converting an indexed array into an associative array in
+  a subshell failed, resulting in an empty associative array.
+
 2022-06-13:
 
 - Trapping a signal that is not a pseudosignal will now cause a virtual

src/cmd/ksh93/bltins/typeset.c

@@ -824,13 +824,15 @@ static int     setall(char **argv,register int flag,Dt_t *troot,struct tdata *tp
 			}
 			if(troot==sh.var_tree)
 			{
-				if(sh.subshell)
+				if(sh.subshell && !sh.subshare)
 				{
 					/*
 					 * Create local scope for virtual subshell. Variables with discipline functions
 					 * (LC_*, LINENO, etc.) need to be cloned, as moving them will remove the discipline.
 					 */
-					if(!nv_isattr(np,NV_NODISC|NV_ARRAY) && !nv_isvtree(np))
+					if((flag&NV_ARRAY) && !sh.envlist && !nv_isnull(np))
+						sh_subfork();	/* work around https://github.com/ksh93/ksh/issues/409 */
+					else if(!nv_isattr(np,NV_NODISC|NV_ARRAY) && !nv_isvtree(np))
 						np=sh_assignok(np,2);
 					else
 						np=sh_assignok(np,0);

src/cmd/ksh93/include/version.h

@@ -23,7 +23,7 @@
 
 #define SH_RELEASE_FORK	"93u+m"		/* only change if you develop a new ksh93 fork */
 #define SH_RELEASE_SVER	"1.0.0-beta.2"	/* semantic version number: https://semver.org */
-#define SH_RELEASE_DATE	"2022-06-13"	/* must be in this format for $((.sh.version)) */
+#define SH_RELEASE_DATE	"2022-06-15"	/* must be in this format for $((.sh.version)) */
 #define SH_RELEASE_CPYR	"(c) 2020-2022 Contributors to ksh " SH_RELEASE_FORK
 
 /* Scripts sometimes field-split ${.sh.version}, so don't change amount of whitespace. */

src/cmd/ksh93/tests/arith.sh

@@ -795,6 +795,7 @@ v=$(printf $'%.28a\n' 64)
 # ======
 # Arbitrary command execution vulnerability in array subscripts in arithmetic expressions
 # https://github.com/ksh93/ksh/issues/152
+unset a
 
 exp='array_test_1: 1$(echo INJECTION >&2): arithmetic syntax error'
 got=$(set +x; var='1$(echo INJECTION >&2)' "$SHELL" -c 'typeset -a a; ((a[$var]++)); typeset -p a' array_test_1 2>&1)

src/cmd/ksh93/tests/arrays.sh

@@ -823,5 +823,12 @@ got=$(typeset -p foo)
 # Regression test for 'typeset -a' from ksh93v- 2013-04-02
 "$SHELL" -c 'a=(foo bar); [[ $(typeset -a) == *"a=("*")"* ]]' || err_exit "'typeset -a' doesn't work correctly"
 
+# ======
+# https://github.com/ksh93/ksh/issues/409
+got=$(typeset -a a=(1 2 3); (typeset -A a; typeset -p a); typeset -p a)
+exp=$'typeset -A a=([0]=1 [1]=2 [2]=3)\ntypeset -a a=(1 2 3)'
+[[ $got == "$exp" ]] || err_exit 'conversion of indexed array to associative fails in subshell' \
+	"(expected $(printf %q "$exp"), got $(printf %q "$got"))"
+
 # ======
 exit $((Errors<125?Errors:125))