Bug
Resolution: Unresolved
Normal
rhel-7.9, rhel-8.8.0, rhel-9.4
sst_cs_plumbers
ssg_core_services
Red Hat Enterprise Linux
Sample reproducer:
    #!/bin/ksh
    trap exit INT
    while :
    do
        value=`echo a`
    done
The suggested workaround at https://bugzilla.redhat.com/show_bug.cgi?id=1460940#c26 most likely would still fail for the reproducer above, or would still crash with the reproducer for the original crash:
    #!/bin/ksh
    f() {( trap "" HUP )}
    trap "" HUP
    while [ 1 ] ; do
        f
    done
from https://bugzilla.redhat.com/show_bug.cgi?id=1117404
There is no easy approach as strings can come from anywhere, and a blind removal of the if(mode) line in the chunk below
    void sh_sigreset(register int mode)
    {
        register char *trap;
        register int flag, sig=sh.st.trapmax;
        while(sig-- > 0)
        {
            if(trap=sh.st.trapcom[sig])
            {
                flag = sh.sigflag[sig]&~(SH_SIGTRAP|SH_SIGSET);
                if(*trap)
                {
                    if(mode)
                        free(trap);
                    sh.st.trapcom[sig] = 0;
would cause segfaults, as the strings are frequently shared or come from static data; the most common case is in src/cmd/ksh93/sh/name.c:
    #define Empty ((char*)(e_sptbnl+3))
There might be different alternatives. A possible solution, a hack specific to this condition, would be to have a hash table that would never release string pointers, and to use this hash table in the ksh-20120801-trapcom.patch patch, so, unless one creates a very specific reproducer to eval different strings, any leak would be minimal, and only the hash table and the trap string.
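The never-releasing table proposed above, sketched as an added example; it is not code from ksh93 or from ksh-20120801-trapcom.patch. The names trap_intern, set_trap, reset_traps, interned_count, trapcom and NTRAP are hypothetical stand-ins.

```c
/* Added sketch: trap_intern, set_trap, reset_traps and trapcom[] are
   hypothetical stand-ins, not ksh93 functions or the patch's code. */
#include <stdlib.h>
#include <string.h>
#define NBUCKET 64
#define NTRAP 32

struct ent { struct ent *next; char str[]; };
static struct ent *bucket[NBUCKET];
static size_t interned;        /* distinct strings ever stored */
const char *trapcom[NTRAP];    /* stand-in for sh.st.trapcom[] */

/* Return the one shared copy of s; table entries are never freed. */
const char *trap_intern(const char *s)
{
    unsigned h = 5381;
    for (const char *p = s; *p; p++)
        h = h * 33 + (unsigned char)*p;
    struct ent **head = &bucket[h % NBUCKET];
    for (struct ent *e = *head; e; e = e->next)
        if (strcmp(e->str, s) == 0)
            return e->str;
    struct ent *e = malloc(sizeof *e + strlen(s) + 1);
    if (!e) return NULL;
    strcpy(e->str, s);
    e->next = *head;
    *head = e;
    interned++;
    return e->str;
}

/* Install a trap action: 0 on success, -1 on bad signal or failed allocation. */
int set_trap(int sig, const char *action)
{
    const char *s;
    if (sig < 0 || sig >= NTRAP || !(s = trap_intern(action)))
        return -1;
    trapcom[sig] = s;
    return 0;
}

/* Reset without free(): the table owns every pointer, so nothing is
   freed twice and no static string can reach free(). */
void reset_traps(void)
{
    for (int sig = 0; sig < NTRAP; sig++)
        trapcom[sig] = NULL;
}
size_t interned_count(void) { return interned; }
```

Memory held by the table grows with the number of distinct trap strings, not with the number of times a trap is set and reset.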