Upstream commit:
Date: Sat, 25 Feb 2012 15:35:18 +0800
[VAR] Sanitise environment variable names on entry
On Tue, Feb 14, 2012 at 10:48:48AM +0000, harald@redhat.com wrote:
> "export -p" prints all environment variables, without checking if the
> environment variable is a valid dash variable name.
>
> IMHO, the only valid usecase for "export -p" is to eval the output.
>
> $ eval $(export -p); echo OK
> OK
>
> Without this patch the following test does error out with:
>
> test.py:
> import os
> os.environ["test-test"]="test"
> os.environ["test_test"]="test"
> os.execv("./dash", [ './dash', '-c', 'eval $(export -p); echo OK' ])
>
> $ python test.py
> ./dash: 1: export: test-test: bad variable name
>
> Of course the results can be more evil, if the environment variable
> name is crafted, that it injects valid shell code.
This patch fixes the issue by sanitising all environment variable names
upon entry into the shell.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Upstream commit:
Date: Fri, 8 Jul 2011 16:41:24 +0800
[EVAL] Avoid using undefined handler
* src/eval.c (evalbltin, evalfun): Set savehandler before calling
setjmp with the possible "goto *done", where savehandler is used.
Otherwise, clang warns that "Assigned value is garbage or undefined"
at the point where "savehandler" is used on the RHS.
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Upstream commit 1:
Date: Fri, 8 Jul 2011 16:12:20 +0800
[MEMALLOC] Avoid gcc warning: variable 'oldstackp' set but not used
* src/memalloc.c (growstackblock): Remove declaration and set of
set-but-not-used variable. Also remove a stray space-before-TAB.
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Upstream commit 2:
Date: Fri, 8 Jul 2011 16:16:11 +0800
[MEMALLOC] Avoid clang warning about dead store to "size"
* src/memalloc.c (makestrspace): Remove dead store.
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Upstream commit:
Author: Herbert Xu <herbert@gondor.apana.org.au>
Date: Sat Oct 6 00:45:52 2007 +0800
[MEMALLOC] Add pushstackmark
This patch gets rid of the stack mark tracking hack by allocating a little
bit of stack memory if we're at risk of planting a stack mark which may be
grown later. To do this a new function pushstackmark is added which lets
the user pick a bigger amount to allocate since some users do that anyway
after setting a stack mark.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Make o_addchr() faster: do not call o_grow_by() each time.
Create i_getch_and_eat_bkslash_nl(), use it instead of peek+getch pair.
function old new delta
o_addchr 42 54 +12
parse_dollar 761 771 +10
o_grow_by 48 37 -11
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/1 up/down: 24/-11) Total: 11 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Fixes var_unbackslash1.tests failure.
Upstream commit:
[PARSER] Handle backslash newlines properly after dollar sign
On Tue, Aug 26, 2014 at 12:34:42PM +0000, Eric Blake wrote:
> On 08/26/2014 06:15 AM, Oleg Bulatov wrote:
> > While playing with sh generators I found that dash and bash have different
> > interpretations for <slash><newline> sequence.
> >
> > $ dash -c 'EDIT=xxx; echo $EDIT\
> >> OR'
> > xxxOR
>
> Buggy.
> >
> > $ dash -c 'echo "$\
> > (pwd)"'
> > $(pwd)
> >
> > Is it undefined behaviour in POSIX?
>
> No, it's well-defined, and dash is buggy.
...
I agree. This patch should resolve this problem and similar ones
affecting blackslash newlines after we encounter a dollar sign.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Upstream commit:
input: Allow two consecutive calls to pungetc
The commit ef91d3d6a4c39421fd3a391e02cd82f9f3aee4a8 ([PARSER]
Handle backslash newlines properly after dollar sign) created
cases where we make two consecutive calls to pungetc. As we
don't explicitly support that there are corner cases where you
end up with garbage input leading to undefined behaviour.
This patch adds explicit support for two consecutive calls to
pungetc.
Reported-by: Jilles Tjoelker <jilles@stack.nl>
Reported-by: Juergen Daubert <jue@jue.li>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
In bbox case, bashism >& may need two pungetc() too.
function old new delta
pgetc 514 555 +41
pushstring 114 144 +30
basepf 52 76 +24
popstring 134 151 +17
parse_command 1584 1585 +1
pungetc 12 9 -3
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 5/1 up/down: 113/-3) Total: 110 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Upstream commit:
jobs: Don't attempt to access job table for job %0
If job %0 is (mistakenly) specified, an out-of-bounds access to the
jobtab occurs in function getjob() if num = 0:
jp = jobtab + 0 - 1
Fix this by checking that the job number is larger than 0 before
accessing the jobtab.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
From upstream:
[EVAL] Fix use-after-free in dotrap/evalstring
The function dotrap calls evalstring using the stored trap string.
If evalstring then unsets that exact trap string then we will end
up using freed memory.
This patch fixes it by making evalstring always duplicate the string
before using it.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The original ash defered forking commands in backquotes so builtins
could be run in the same context as the shell. This behavior was
controlled using the EV_BACKCMD to evaltree.
Unfortunately, as Matthias Scheler noticed in 1999 (NetBSD PR/7814),
the result was counterintuitive; for example, echo "`cd /`" would
change the cwd. So ash 0.3.5 left out that optimization.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Backported from dash:
eval: Return status in eval functions
The exit status is currently clobbered too early for case statements
and loops. This patch fixes it by making the eval functions return
the current exit status and setting them in one place -- evaltree.
Harald van Dijk pointed out a number of bugs in the original patch.
function old new delta
evalcommand 1226 1242 +16
cmdloop 383 398 +15
evalfor 223 227 +4
evalcase 271 275 +4
localcmd 348 350 +2
evaltreenr 927 928 +1
evaltree 927 928 +1
evalsubshell 150 151 +1
evalpipe 356 357 +1
parse_command 1585 1584 -1
evalloop 177 164 -13
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 9/2 up/down: 45/-14) Total: 31 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Remove FEATURE_TRACEROUTE_SOURCE_ROUTE: it's off by default, and
source routing is not used in real world.
Tested that "traceroute -n ::1 100" and "traceroute -n 127.0.0.1 100"
both send 100 byte IP packets (this matches what traceroute on Fedora
Rawhide is doing).
function old new delta
common_traceroute_main 3731 3738 +7
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The '' command in vi doesn't currently work because after the first
apostrophe is read, the next character is converted to an integer
between 0 and 25 inclusive (for indexing the array of marks). The
comparison of the converted character with an apostrophe therefore never
succeeds, meaning that '' doesn't do anything.
Based on the patch by Francis Rounds <francis.rounds@4bridgeworks.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This makes it possible to use scoped IPv6 addresses:
mount -t cifs -o ip=<ADDR>%<iface_id> //<ADDR>/test test
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Gives "mount -t cifs //fe80::6a05:caff:fe3e:dbf5%eth0/test test"
a chance to work: mount must pass "ip=numeric_IPv6%numeric_iface_id"
in the omunt option string. Currently, it does not.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Instead of complaining that my authorship of the rewrite of
the mdev to use /sys/dev is totally gone from the git history
I bravely take credit by adding myself to the AUTHORS file
instead, he he.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Adapted from dash.
The "homegrown" glob code is retained (ifdef'ed out).
This changes was inspired by bug 9261, which detected out-of bounds use of heap
for 2098 byte long name in the "homegrown" code. This is still not fixed...
function old new delta
expandarg 960 982 +22
static.syntax_index_table 26 25 -1
static.spec_symbls 27 26 -1
static.metachars 4 - -4
addfname 42 - -42
msort 126 - -126
expmeta 528 - -528
------------------------------------------------------------------------------
(add/remove: 0/4 grow/shrink: 1/2 up/down: 22/-702) Total: -680 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
User report:
or our board we setup eth0:0 on a 10.10.10.x/29 netwrok.
The problem is ip addr flush dev eth0:0 removes all ip addresses from
eth0. You can see this if you run
ip -stat -stat addr flush dev eth0:0
2: eth0 inet 172.27.105.10/22 brd 172.27.107.255 scope global eth0
valid_lft forever preferred_lft forever
2: eth0 inet 10.10.10.9/29 scope global eth0:0
valid_lft forever preferred_lft forever
2: eth0 inet6 fe80::a2f6:fdff:fe18:2b13/64 scope link
valid_lft forever preferred_lft forever
*** Round 1, deleting 3 addresses ***
*** Flush is complete after 1 round ***
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
A padding to align a message should not only be added between
different attributes of a netlink message, but also at the end of the
message to pad it to the correct size.
Without this patch the following command does not work and returns an
error code:
ip link add type nlmon
Without this ip from busybox sends this:
sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000},
msg_namelen=12, msg_iov=[{iov_base={{len=45, ...},
"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon"}, iov_len=45}],
msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 45
return value: 2
The normal ip utile from iproute2 sends this:
sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000},
msg_namelen=12, msg_iov=[{iov_base={{len=48, ...},
"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon\0\0\0"}, iov_len=48}],
msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 48
return value: 0
With this patch ip from busybox sends this:
sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000},
msg_namelen=12, msg_iov=[{iov_base={{len=48, ...},
"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon\0\0\0"}, iov_len=48}],
msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 48
return value: 0
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
When "set -e" option is on, shell must exit when any command fails,
including compound commands of the form (compound-list) executed in a
subshell. Bash and dash shells have this behaviour.
Also add a corresponding testcase.
Signed-off-by: Rostislav Skudnov <rostislav@tuxera.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
When using svlogd's processor functionality to run arbitrary commands
on log rotation, the line in the config is executed verbatim, i.e. the
exclamation mark is included.
For example, if the config file contains:
s100
!cat
then when it's time to rotate the log files after each 100 bytes, sh -c
"!cat" will be run, instead of sh -c "cat" as intended. The result is
svlogd logging
/bin/bash: !cat: command not found
svlogd: warning: processor failed, restart: /tmp/svlogd/
over and over again as it keeps attempting to execute the processor and
failing (unless you happen to have a "!cat" binary around :)).
Skipping the exclamation mark when performing the wstrdup() fixes the
issue.
Signed-off-by: Francis Rounds <francis.rounds@4bridgeworks.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
On some systems like Chromium OS, loading modules from non-verified
filesystems is denied. Only finit_module is allowed because an open
fd is passed which can be checked against a verified location.
Change the module loading code to first attempt finit_module and if
that fails for whatever reason, fall back to the existing logic.
On x86_64, this adds ~80 bytes to modutils/modutils.o and ~68 bytes
to modutils/modprobe-small.o.
Signed-off-by: Mike Frysinger <vapier@chromium.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>