Commit Graph

15000 Commits

Author SHA1 Message Date
Denys Vlasenko
caf26b36f3 sysctl: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 18:23:10 +02:00
Denys Vlasenko
50db1f29bf sysctl: recognize ";comment" and "<whitespace>#comment" lines
function                                             old     new   delta
config_read                                          639     699     +60

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 18:20:34 +02:00
Denys Vlasenko
20077c1429 libbb: make trim() return pointer to terminating NUL
function                                             old     new   delta
trim                                                  80      90     +10
angle_address                                         56      50      -6
sysctl_main                                          282     273      -9
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/3 up/down: +10/-15)           Total:  -5 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 17:50:35 +02:00
Denys Vlasenko
9cf89cdf84 sysctl: fix file parsing, do not require -w for VAR=VAL
function                                             old     new   delta
sysctl_act_on_setting                                  -     451    +451
sysctl_main                                          222     282     +60
packed_usage                                       31744   31793     +49
config_read                                          604     639     +35
sysctl_act_recursive                                 612     163    -449
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 3/1 up/down: 595/-449)          Total: 146 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 13:45:22 +02:00
Denys Vlasenko
feb79e8742 cryptpw, mkpasswd: make them NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 02:08:23 +02:00
Denys Vlasenko
ff53bee723 chvt, deallocvt, dumpkmap, fgconsole, loadkmap: make them NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 02:02:31 +02:00
Denys Vlasenko
fdb92359e4 pivot_root: make it NOFORK
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 01:51:12 +02:00
Denys Vlasenko
9c49d6e11b partprobe: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 01:46:39 +02:00
Denys Vlasenko
a453ca576f sv, svc: make them NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 01:42:08 +02:00
Denys Vlasenko
754e9f96de svc: fix a case where with more than option, getopt() state is not reset
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 01:38:55 +02:00
Denys Vlasenko
9f59849daa blockdev, fsfreeze, fstrim, mountpoint: make NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 01:29:12 +02:00
Denys Vlasenko
b182e9ad60 libbb: use _exit, not exit, in bb_daemonize_or_rexec()
By the time we reach exit in parent, child already exited or execed.
We should not re-run libc cleanup code.

While at it, introduce bb_daemon_helper() and add a few comments.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 23:04:17 +02:00
Denys Vlasenko
692eeb81a4 stty: make in NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 20:07:19 +02:00
Denys Vlasenko
5c527dc57e make 17 state-changing execing applets (ex: "nice PROG ARGS") noexec
The applets with "<applet> [opts] PROG ARGS" API very quickly exec
another program, noexec is okay for them:

 chpst/envdir/envuidgid/softlimit/setuidgid
 chroot
 chrt
 ionice
 nice
 nohup
 setarch/linux32/linux64
 taskset
 cttyhack

"reset" and "sulogin" applets don't have this form, but also exec
another program at once, thus made noexec too.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 19:55:01 +02:00
Denys Vlasenko
6514785f95 mesg: make in NOFORK
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 19:16:01 +02:00
Denys Vlasenko
947b2391c0 pmap: tweak help text, show usage if no params are given
Noticed while auditing nofork/noexec status

function                                             old     new   delta
pmap_main                                             70      80     +10
packed_usage                                       31747   31744      -3

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 18:37:34 +02:00
Denys Vlasenko
83d7785e41 runlevel: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 17:59:46 +02:00
Denys Vlasenko
6bec24c4f5 mktemp: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 17:39:05 +02:00
Denys Vlasenko
74c05f5b2c chat: trim help text
Noticed while auditing nofork/noexec status

function                                             old     new   delta
packed_usage                                       31777   31747     -30

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 17:36:16 +02:00
Denys Vlasenko
dd5a40246b getopt32: move support for "always treat first arg as option" to users (tar/ar)
Now getopt() never leaks (and never performs) any xmalloc's.

function                                             old     new   delta
ar_main                                              522     556     +34
tar_main                                             986    1014     +28
getopt32                                            1458    1350    -108
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 62/-108)           Total: -46 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 16:46:17 +02:00
Denys Vlasenko
727948e585 getopt32: factor out code to treat all args as options
Working towards making getopt32() xmalloc-free

function                                             old     new   delta
make_all_argv_opts                                     -      58     +58
top_main                                             914     912      -2
getopt32                                            1517    1458     -59
------------------------------------------------------------------------------
(add/remove: 2/0 grow/shrink: 0/2 up/down: 58/-61)             Total: -3 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 16:33:23 +02:00
Denys Vlasenko
7f9d62d7f5 tweak NOFORK_NOEXEC.lst
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 16:01:39 +02:00
Denys Vlasenko
f8cdc7a2bc ash: BASH_XTRACEFD bashism
Based on patch by Johannes Schindelin <johannes.schindelin@gmx.de>

function                                             old     new   delta
evalcommand                                         1447    1500     +53

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 15:24:49 +02:00
Johannes Schindelin
7344755823 ash: remove no-longer-used variable
As of 035486c75 (ash: significant overhaul of redirect saving logic,
2017-07-31), the sv_pos variable is no longer used (just assigned to,
with no further effect).

Let's just remove it.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 14:52:08 +02:00
Denys Vlasenko
d329e34c96 ash: INT_OFF/INT_ON around run_nofork_applet()
function                                             old     new   delta
evalcommand                                         1441    1447      +6

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 14:50:03 +02:00
Denys Vlasenko
49e6bf2db9 sheel: improve comments on signal handling
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 14:28:16 +02:00
Denys Vlasenko
3346b4afc5 modutils: make them NOEXEC except depmod
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 02:56:39 +02:00
Denys Vlasenko
4dc86699b5 microcom: require exactly one non-option
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 02:01:45 +02:00
Denys Vlasenko
cfd392bea9 ash: add a fixme comment at run_nofork_applet
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-03 19:56:29 +02:00
Denys Vlasenko
19c9f31af1 nofork: fix a bug uncovered by hush testsuite (forgotten fflush)
function                                             old     new   delta
run_nofork_applet                                    280     287      +7

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-03 19:52:47 +02:00
Denys Vlasenko
72d725d7cc getopt: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-03 19:30:21 +02:00
Denys Vlasenko
39194f0309 new NOFORKs: pwdx,kill[all5],ttysize,realpath,readlink NOEXECs: date,resize
function                                             old     new   delta
run_nofork_applet                                    258     280     +22
readlink_main                                        112     123     +11
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 33/0)               Total: 33 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-03 19:03:32 +02:00
Denys Vlasenko
663ae52676 config: FEDORA_COMPAT option (so far only tweaks uname)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-03 03:46:14 +02:00
Denys Vlasenko
819b47aa35 new NOFORKs: clear, nproc, tty, uname, arch, unlink, which
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-03 03:29:32 +02:00
Denys Vlasenko
39701204cf hush: do not accept "if() { echo; }" function def
function                                             old     new   delta
parse_stream                                        2634    2692     +58
msg_and_die_if_script                                  -      21     +21
syntax_error_unexpected_ch                            41      46      +5
syntax_error_at                                       14      18      +4
die_if_script                                         31      28      -3
setup_redirects                                      319     308     -11
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 3/2 up/down: 88/-14)             Total: 74 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-02 19:46:14 +02:00
Denys Vlasenko
84ea60ed65 line editing: make read_line_input() not take timeout param
It's almost always -1.

function                                             old     new   delta
read_line_input                                     3902    3912     +10
new_line_input_t                                      24      31      +7
pgetc                                                583     585      +2
save_command_ps_at_cur_history                        80      78      -2
read_line                                             76      74      -2
fgetc_interactive                                    246     244      -2
addLines                                              84      82      -2
doCommands                                          2226    2222      -4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/5 up/down: 19/-12)              Total: 7 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-02 17:27:28 +02:00
Denys Vlasenko
dd4b446f76 hush: make SIGINT handling visually less confusing
$ echo $$
18448
$ echo $? <wait here, run "kill -INT 18448" in other shell><press enter>
   <=== NOTHING??
$

That empty line does not look right. After this patch:

$ echo $$
18448
$ echo $? <wait here, run "kill -INT 18448" in other shell><press enter>
^C
$

function                                             old     new   delta
fgetc_interactive                                    245     246      +1

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-02 16:52:12 +02:00
Denys Vlasenko
7c40ddd950 NOFORK fixes
"rm -i FILE" and "yes" can now be interrupted by ^C in hush.
This also now works:

$ usleep 19999999
^C
$ echo $?
130

function                                             old     new   delta
run_pipe                                            1668    1711     +43
pseudo_exec_argv                                     312     321      +9
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 52/0)               Total: 52 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-02 16:37:39 +02:00
Denys Vlasenko
95f7953f2c do not use `a' quoting style in comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-02 14:26:33 +02:00
Denys Vlasenko
18e781dc02 config: do not use `a' quoting in help texts
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-02 14:12:48 +02:00
Denys Vlasenko
ec05df13b0 ash: align --login code with dash
Upstream commit:

    Date: Sun, 13 Jul 2008 22:34:50 +0800
    [OPTIONS] Added support for -l

    This patch adds support for the -l option (login shell) as required
    by the LSB.

    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

It's a bit bigger, but gets rid of one global variable

function                                             old     new   delta
options                                              554     576     +22

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-31 19:43:47 +02:00
Denys Vlasenko
78b1b1b07a test: fix 4-argument case
Upstream dash commit:

    Date: Sun, 13 Jul 2008 19:20:10 +0800
    Fixed 3,4-argument cases for test per POSIX

    ----- Forwarded message from Gerrit Pape <pape@smarden.org> -----

    Subject: Bug#455828: dash: 4-argument test "test \( ! -e \)" yields an error
    Date: Fri, 28 Dec 2007 08:53:29 +0000
    From: Gerrit Pape <pape@smarden.org>
    To: Vincent Lefevre <vincent@vinc17.org>, 455828@bugs.debian.org

    On Thu, Dec 27, 2007 at 06:23:20PM +0100, Vincent Lefevre wrote:
    > On 2007-12-27 16:00:06 +0000, Gerrit Pape wrote:
    > > On Wed, Dec 12, 2007 at 02:18:47AM +0100, Vincent Lefevre wrote:
    > > > According to POSIX[*], "test \( ! -e \)" is a 4-argument test and is
    > > > here equivalent to "test ! -e". But dash (like ksh93 and bash) yields
    > > > an error:
    > > >
    > > > $ test \( ! -e \) || echo $?
    > > > test: 1: closing paren expected
    > > > 2
    > > > $ test ! -e || echo $?
    > > > 1
    > >
    > > Hi Vincent,
    > >
    > > the -e switch to test takes an argument, a pathname.
    >
    > According to POSIX, in both above examples, "-e" is *not* a switch,
    > just a string.
    >
    >   test \( ! -e \)
    >
    > means: return true if the string "-e" is empty, otherwhise return false.
    > The error in dash is that it incorrectly thinks that "-e" is a switch in
    > this context.

    I see, you're right.  Thanks, Gerrit.

    ----- End forwarded message -----

    This patch hard-codes the 3,4-argument cases in the way required by
    POSIX.

    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

function                                             old     new   delta
test_main                                            370     421     +51

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-31 19:21:51 +02:00
Denys Vlasenko
cee603d921 hush: remove redundant "G_flag_return_in_progress = -1"
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-31 18:06:07 +02:00
Denys Vlasenko
5b3d2eb327 hush: fix "true | func_with_return" not allowing return.
function                                             old     new   delta
pseudo_exec_argv                                     305     312      +7

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-31 18:02:28 +02:00
Denys Vlasenko
d0fff9155b ash: fix display of ">&-" redirect in job strings
function                                             old     new   delta
cmdtxt                                               558     569     +11

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-31 14:32:18 +02:00
Denys Vlasenko
75481d3634 hush: functions have priority over builtins (!)
function                                             old     new   delta
pseudo_exec_argv                                     291     305     +14
run_pipe                                            1560    1555      -5
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/1 up/down: 14/-5)               Total: 9 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-31 05:27:09 +02:00
Denys Vlasenko
bf1c344dfd hush: if STANDALONE, close interactive fd for NOEXECed children
function                                             old     new   delta
pseudo_exec_argv                                     291     305     +14

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-31 04:54:53 +02:00
Denys Vlasenko
32fdf2f9fc ash,hush: ">&10" redirects to script/tty fds should not work
The fact that shell has open fds to tty and/or scripts should be
unobservable, if possible. In particular, if redirect tries to dup
one of them via ">&script_fd", it's better to pretend that script_fd
is closed, and thus redirect fails with EBADF.

Fixes these two testcase failures:
ash-redir/redir_to_bad_fd.tests
hush-redir/redir_to_bad_fd3.tests

function                                             old     new   delta
redirect                                            1018    1129    +111
setup_redirects                                      250     359    +109
readtoken1                                          2651    2655      +4
cmdloop                                              185     187      +2
changepath                                           194     195      +1
save_fd_on_redirect                                  203     194      -9
evaltree                                             501     484     -17
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 5/2 up/down: 227/-26)           Total: 201 bytes
   text    data     bss     dec     hex filename
 914553     485    6848  921886   e111e busybox_old
 914754     485    6848  922087   e11e7 busybox_unstripped

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-31 04:35:18 +02:00
Denys Vlasenko
035486c750 ash: significant overhaul of redirect saving logic
New code is similar to what hush is doing.
Make CLOSED to -1: same as dash.
popredir() loses "restore" parameter: same as dash.
COPYFD_RESTORE bit is no longer necessary.

This change fixes this interactive bug:

	$ ls -l /proc/$$/fd 10>&-
	ash: can't set tty process group: Bad file descriptor
	ash: can't set tty process group: Bad file descriptor
	[1]+  Done(2)                    ls -l /proc/${\$}/fd 10>&4294967295

function                                             old     new   delta
unwindredir                                           29      27      -2
tryexec                                              154     152      -2
evaltree                                             503     501      -2
evalcommand                                         1369    1367      -2
cmdloop                                              187     185      -2
redirect                                            1029    1018     -11
popredir                                             153     123     -30
need_to_remember                                      36       -     -36
is_hidden_fd                                          68       -     -68
------------------------------------------------------------------------------
(add/remove: 0/2 grow/shrink: 0/7 up/down: 0/-155)           Total: -155 bytes
   text    data     bss     dec     hex filename
 914572     485    6848  921905   e1131 busybox_old
 914553     485    6848  921886   e111e busybox_unstripped

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-31 04:21:46 +02:00
Denys Vlasenko
657e9005a9 hush: massage redirect code to be slightly more like ash
function                                             old     new   delta
save_fd_on_redirect                                    -     203    +203
xdup_CLOEXEC_and_close                                 -      75     +75
setup_redirects                                      245     250      +5
xdup_and_close                                        72       -     -72
save_fds_on_redirect                                 221       -    -221
------------------------------------------------------------------------------
(add/remove: 2/2 grow/shrink: 1/0 up/down: 283/-293)          Total: -10 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-31 04:08:09 +02:00