Upstream commit:
Date: Sat, 25 Feb 2012 15:35:18 +0800
[VAR] Sanitise environment variable names on entry
On Tue, Feb 14, 2012 at 10:48:48AM +0000, harald@redhat.com wrote:
> "export -p" prints all environment variables, without checking if the
> environment variable is a valid dash variable name.
>
> IMHO, the only valid usecase for "export -p" is to eval the output.
>
> $ eval $(export -p); echo OK
> OK
>
> Without this patch the following test does error out with:
>
> test.py:
> import os
> os.environ["test-test"]="test"
> os.environ["test_test"]="test"
> os.execv("./dash", [ './dash', '-c', 'eval $(export -p); echo OK' ])
>
> $ python test.py
> ./dash: 1: export: test-test: bad variable name
>
> Of course the results can be more evil, if the environment variable
> name is crafted, that it injects valid shell code.
This patch fixes the issue by sanitising all environment variable names
upon entry into the shell.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Upstream commit:
Date: Fri, 8 Jul 2011 16:41:24 +0800
[EVAL] Avoid using undefined handler
* src/eval.c (evalbltin, evalfun): Set savehandler before calling
setjmp with the possible "goto *done", where savehandler is used.
Otherwise, clang warns that "Assigned value is garbage or undefined"
at the point where "savehandler" is used on the RHS.
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Upstream commit 1:
Date: Fri, 8 Jul 2011 16:12:20 +0800
[MEMALLOC] Avoid gcc warning: variable 'oldstackp' set but not used
* src/memalloc.c (growstackblock): Remove declaration and set of
set-but-not-used variable. Also remove a stray space-before-TAB.
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Upstream commit 2:
Date: Fri, 8 Jul 2011 16:16:11 +0800
[MEMALLOC] Avoid clang warning about dead store to "size"
* src/memalloc.c (makestrspace): Remove dead store.
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Upstream commit:
Author: Herbert Xu <herbert@gondor.apana.org.au>
Date: Sat Oct 6 00:45:52 2007 +0800
[MEMALLOC] Add pushstackmark
This patch gets rid of the stack mark tracking hack by allocating a little
bit of stack memory if we're at risk of planting a stack mark which may be
grown later. To do this a new function pushstackmark is added which lets
the user pick a bigger amount to allocate since some users do that anyway
after setting a stack mark.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Make o_addchr() faster: do not call o_grow_by() each time.
Create i_getch_and_eat_bkslash_nl(), use it instead of peek+getch pair.
function old new delta
o_addchr 42 54 +12
parse_dollar 761 771 +10
o_grow_by 48 37 -11
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/1 up/down: 24/-11) Total: 11 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Fixes var_unbackslash1.tests failure.
Upstream commit:
[PARSER] Handle backslash newlines properly after dollar sign
On Tue, Aug 26, 2014 at 12:34:42PM +0000, Eric Blake wrote:
> On 08/26/2014 06:15 AM, Oleg Bulatov wrote:
> > While playing with sh generators I found that dash and bash have different
> > interpretations for <slash><newline> sequence.
> >
> > $ dash -c 'EDIT=xxx; echo $EDIT\
> >> OR'
> > xxxOR
>
> Buggy.
> >
> > $ dash -c 'echo "$\
> > (pwd)"'
> > $(pwd)
> >
> > Is it undefined behaviour in POSIX?
>
> No, it's well-defined, and dash is buggy.
...
I agree. This patch should resolve this problem and similar ones
affecting blackslash newlines after we encounter a dollar sign.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Upstream commit:
input: Allow two consecutive calls to pungetc
The commit ef91d3d6a4c39421fd3a391e02cd82f9f3aee4a8 ([PARSER]
Handle backslash newlines properly after dollar sign) created
cases where we make two consecutive calls to pungetc. As we
don't explicitly support that there are corner cases where you
end up with garbage input leading to undefined behaviour.
This patch adds explicit support for two consecutive calls to
pungetc.
Reported-by: Jilles Tjoelker <jilles@stack.nl>
Reported-by: Juergen Daubert <jue@jue.li>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
In bbox case, bashism >& may need two pungetc() too.
function old new delta
pgetc 514 555 +41
pushstring 114 144 +30
basepf 52 76 +24
popstring 134 151 +17
parse_command 1584 1585 +1
pungetc 12 9 -3
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 5/1 up/down: 113/-3) Total: 110 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Upstream commit:
jobs: Don't attempt to access job table for job %0
If job %0 is (mistakenly) specified, an out-of-bounds access to the
jobtab occurs in function getjob() if num = 0:
jp = jobtab + 0 - 1
Fix this by checking that the job number is larger than 0 before
accessing the jobtab.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
From upstream:
[EVAL] Fix use-after-free in dotrap/evalstring
The function dotrap calls evalstring using the stored trap string.
If evalstring then unsets that exact trap string then we will end
up using freed memory.
This patch fixes it by making evalstring always duplicate the string
before using it.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The original ash defered forking commands in backquotes so builtins
could be run in the same context as the shell. This behavior was
controlled using the EV_BACKCMD to evaltree.
Unfortunately, as Matthias Scheler noticed in 1999 (NetBSD PR/7814),
the result was counterintuitive; for example, echo "`cd /`" would
change the cwd. So ash 0.3.5 left out that optimization.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Backported from dash:
eval: Return status in eval functions
The exit status is currently clobbered too early for case statements
and loops. This patch fixes it by making the eval functions return
the current exit status and setting them in one place -- evaltree.
Harald van Dijk pointed out a number of bugs in the original patch.
function old new delta
evalcommand 1226 1242 +16
cmdloop 383 398 +15
evalfor 223 227 +4
evalcase 271 275 +4
localcmd 348 350 +2
evaltreenr 927 928 +1
evaltree 927 928 +1
evalsubshell 150 151 +1
evalpipe 356 357 +1
parse_command 1585 1584 -1
evalloop 177 164 -13
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 9/2 up/down: 45/-14) Total: 31 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Adapted from dash.
The "homegrown" glob code is retained (ifdef'ed out).
This changes was inspired by bug 9261, which detected out-of bounds use of heap
for 2098 byte long name in the "homegrown" code. This is still not fixed...
function old new delta
expandarg 960 982 +22
static.syntax_index_table 26 25 -1
static.spec_symbls 27 26 -1
static.metachars 4 - -4
addfname 42 - -42
msort 126 - -126
expmeta 528 - -528
------------------------------------------------------------------------------
(add/remove: 0/4 grow/shrink: 1/2 up/down: 22/-702) Total: -680 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
When "set -e" option is on, shell must exit when any command fails,
including compound commands of the form (compound-list) executed in a
subshell. Bash and dash shells have this behaviour.
Also add a corresponding testcase.
Signed-off-by: Rostislav Skudnov <rostislav@tuxera.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
We set all opened script fds to CLOEXEC, thus making then go away
after fork+exec.
Unfortunately, CLOFORK does not exist. NOEXEC children will still see those fds open.
For one, "ls" applet is NOEXEC. Therefore running "ls -l /proc/self/fd"
in a script from standalone shell shows this:
lrwx------ 1 root root 64 Aug 20 15:17 0 -> /dev/pts/3
lrwx------ 1 root root 64 Aug 20 15:17 1 -> /dev/pts/3
lrwx------ 1 root root 64 Aug 20 15:17 2 -> /dev/pts/3
lr-x------ 1 root root 64 Aug 20 15:17 3 -> /path/to/top/level/script
lr-x------ 1 root root 64 Aug 20 15:17 4 -> /path/to/sourced/SCRIPT1
...
with as many open fds as there are ". SCRIPTn" nest levels.
Fix it by closing these fds after fork (only for NOEXEC children).
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Run this in a "sh SCRIPT":
sha256sum /dev/null
echo END
sha256sum is a NOEXEC applet. It runs in a forked child. Then child exit()s.
By this time, entire script is read, and buffered in a FILE object
from fopen("SCRIPT"). But fgetc() did not consume entire input.
exit() lseeks back by -9 bytes, from <eof> to 'e' in 'echo'.
(this may be libc-specific).
This change of fd position *is shared with the parent*!
Now parent can read more, and it thinks there is another "echo END".
End result: two "echo END"s are run.
Fix this by _exit()ing instead.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
On user request.
I thought enabling/disabling them all together is more consistent.
Evidently, some people do want them to be separately selectable.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The result of looking at "grep -F -B2 '*fill*' busybox_unstripped.map"
text data bss dec hex filename
829901 4086 1904 835891 cc133 busybox_before
829665 4086 1904 835655 cc047 busybox
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Bash doesn't expand its $'...' construct in double quotes:
$ echo "$'a\tb'"
$'a\tb'
Change BusyBox ash to do the same. This also fixes a problem with
here documents where BusyBox ash gave an incorrect result for:
$ cat <<EOF
> '$'
> EOF
'$'
Reported-by: Timo Teras <timo.teras@iki.fi>
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
As reported in bug 8506:
$ X=abcdÉfghÍjklmnÓpqrstÚvwcyz
$ echo ${#X}
abcd26
The result should be 26.
This regression was introduced by:
<d68d1fb> 2015-05-18 [Ron Yorston] ash: code shrink around varvalue
The length in characters was being used to discard the contents of
the variable instead of the length in bytes.
URL: https://bugs.busybox.net/8506
Reported-by: Martijn Dekker <martijn@inlv.org>
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
This patch fixes compiling busybox with FEATURE_UTMP and _WTMP enabled.
musl, while not really support utmp/wtmp, provides stub functions, as well
as variables such as _PATH_UTMP, so that programs using utmp or wtmp can
still compile fine.
My reasoning for this patch is that on Exherbo, I'm currently trying to get
us to be able to use the same busybox config file for both glibc and musl
systems, using utmp/wtmp on systems that support it, and using the stubs
on musl without needing two different configs.
As of latest musl git, it provides all utmp functions needed; 1.1.12 doesn't,
but I sent a patch to Rich to add the utmp{,x}name functions expected to
exist, which was merged into musl upstream.
Signed-off-by: Kylie McClain <somasissounds@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Reported by gcc (Debian 5.3.1-4) 5.3.1 20151219
shell/ash.c: In function 'evaltree':
shell/ash.c:8432:19: warning: logical not is only applied to the left hand side of comparison
Signed-off-by: Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn@axis.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Where the POSIX shell allows functions to be defined as:
name () compound-command [ redirections ]
bash adds the alternative syntax:
function name [()] compound-command [ redirections ]
Implement this in ash's bash compatibility mode. Most compound
commands work (for/while/until/if/case/[[]]/{}); one exception is:
function f (echo "no way!")
The other two variants work:
f() (echo "ok")
function f() (echo "also ok")
function old new delta
parse_command 1555 1744 +189
tokname_array 232 240 +8
.rodata 155612 155566 -46
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 197/-46) Total: 151 bytes
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>