Code shrink and prevention of possible out of bounds access.
function                             old     new   delta
nth_string                            36      26     -10
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/1 up/down: 0/-10) Total: -10 bytes
    text    data     bss     dec     hex filename
  981342   16915    1872 1000129   f42c1 busybox_old
  981332   16915    1872 1000119   f42b7 busybox_unstripped
Signed-off-by: Martin Lewis <martin.lewis.x84@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
fill_envp now iterates over the packet only once instead of a few hundred times
using the new option scanner.
function                             old     new   delta
udhcp_scan_options                     -     189    +189
putenvp                                -      46     +46
init_scan_state                        -      22     +22
udhcp_get_option                     227     104    -123
udhcp_run_script                     835     601    -234
------------------------------------------------------------------------------
(add/remove: 3/0 grow/shrink: 0/2 up/down: 257/-357) Total: -100 bytes
Signed-off-by: Martin Lewis <martin.lewis.x84@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Added an option scanner to udhcp to enable iteration over packet options.
Signed-off-by: Martin Lewis <martin.lewis.x84@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
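A single-pass, bounds-checked scanner over a DHCP options buffer, illustrating the option-scanner commits above. This is an added example, not BusyBox's code: the struct, function names and sample buffers are constructed for illustration, and it handles only a flat options field.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define OPT_PAD 0x00   /* single byte, no length field */
#define OPT_END 0xff   /* terminates the option list */

/* Hypothetical scanner state (not BusyBox's struct): cursor plus bytes left. */
struct opt_scan { const uint8_t *p; size_t rem; };

/* Returns 1 and fills code/data/len for the next option, 0 at END or when the
 * buffer is exhausted, -1 when an option claims bytes the buffer lacks. */
static int opt_scan_next(struct opt_scan *s, uint8_t *code,
                         const uint8_t **data, uint8_t *len)
{
    while (s->rem > 0) {
        uint8_t c = s->p[0];
        if (c == OPT_PAD) { s->p++; s->rem--; continue; }
        if (c == OPT_END) return 0;
        if (s->rem < 2) return -1;               /* length byte is missing */
        if (s->p[1] > s->rem - 2) return -1;     /* data would overrun buffer */
        *code = c;
        *len = s->p[1];
        *data = s->p + 2;
        s->p += 2 + (size_t)*len;
        s->rem -= 2 + (size_t)*len;
        return 1;
    }
    return 0;
}

/* One pass over the buffer: number of options seen, or -1 if malformed. */
static int count_options(const uint8_t *buf, size_t buflen)
{
    struct opt_scan s = { buf, buflen };
    uint8_t code, len;
    const uint8_t *data;
    int n = 0, r;
    while ((r = opt_scan_next(&s, &code, &data, &len)) == 1)
        n++;
    return r < 0 ? -1 : n;
}

/* Constructed samples: type=ACK, PAD, netmask, lease time, END ... */
static const uint8_t good_opts[] = { 53,1,5, 0, 1,4,255,255,255,0, 51,4,0,1,0x51,0x80, 255 };
/* ... and a DNS option (6) claiming 8 data bytes when only 4 follow. */
static const uint8_t bad_opts[] = { 53,1,5, 6,8,10,0,0,1 };

int main(void)
{
    printf("good: %d\n", count_options(good_opts, sizeof good_opts));
    printf("bad:  %d\n", count_options(bad_opts, sizeof bad_opts));
    return 0;
}
```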
busybox will remove directory symlinks, which is at
odds with common layouts that have some of
bin/lib/lib32/lib64 symlinked.
This adds an excludelist for critical and often symlinked
directories.
Fixes: Bug 12551
function                             old     new   delta
remove_file_array                    139     231     +92
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The udhcpc script calls ip addr flush .. which flushes addresses
of any address family, including IPv6. However, busybox udhcpc is
IPv4 only and should not influence IPv6 addressing. Hence use ip
addr flush with family constraint.
The script particularly broke IPv6 SLAAC: Typically when udhcpc
calls the script the kernel already assigned the IPv6 link-local
address. The flush removes the link-local IPv6 address again and
prohibits proper IPv6 operation such as SLAAC since neighbor
discovery protocol relies on IPv6 link-local addressing.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
[Taken from https://git.openembedded.org/openembedded-core/commit/meta/recipes-core/busybox/files/simple.script?id=b77541dbb2f442e51842f9d24c8745a6df2d1478]
Signed-off-by: Quentin Schulz <quentin.schulz@streamunlimited.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
On Alpine, some users use /dev/null as a home directory. When removing
such a user with `deluser --remove-home` this causes the /dev/null
device file to be removed which is undesirable. To prevent this pitfall,
check if the home directory specified for the user is an actual
directory (or a symlink to a directory).
Implementations of similar tools for other operating systems also
implement such checks. For instance, the OpenBSD rmuser(1)
implementation [0].
[0]: b69faa6c70/usr.sbin/adduser/rmuser.perl (L143-L151)
function                             old     new   delta
deluser_main                         337     380     +43
Signed-off-by: Sören Tempel <soeren+git@soeren-tempel.net>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
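The check described in the deluser commit above, sketched as an added example that is not BusyBox's code: the enum, function names and sample paths are constructed for illustration.

```c
#include <stdio.h>
#include <sys/stat.h>

enum home_verdict { HOME_OK, HOME_MISSING, HOME_NOT_DIR };

/* Decide whether `home` may be handed to a recursive remove.
 * stat() (not lstat()) follows symlinks, so a symlink to a directory is
 * accepted, while device nodes, regular files, FIFOs and sockets are not. */
static enum home_verdict home_removal_verdict(const char *home)
{
    struct stat st;

    if (stat(home, &st) != 0)
        return HOME_MISSING;   /* missing path, dangling symlink, no access */
    if (!S_ISDIR(st.st_mode))
        return HOME_NOT_DIR;   /* e.g. /dev/null used as a home directory */
    return HOME_OK;
}

static const char *verdict_name(enum home_verdict v)
{
    switch (v) {
    case HOME_OK:      return "remove";
    case HOME_MISSING: return "skip (cannot stat)";
    default:           return "skip (not a directory)";
    }
}

int main(void)
{
    /* Constructed sample home directories. */
    const char *samples[] = { "/dev/null", "/", "/constructed/no/such/home" };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-28s %s\n", samples[i],
               verdict_name(home_removal_verdict(samples[i])));
    return 0;
}
```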
Commit d1b75e184 (httpd: permit non-default home directory with NOMMU
enabled) only works when used with the '-f' (foreground) option.
When '-f' isn't specified and NOMMU is enabled bb_daemonize_or_rexec()
is called to daemonize the server. Since the server process has been
re-execed the previous patch results in the xchdir() not being called.
Fix this by resetting the re_execed variable in this case.
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Prior to the patch, both -f and --first-only are in all cases either
no-op or ignored.
Without --tabs, --first-only is the default so specifying it is a no-op.
With --tabs, --all is implied, and --first-only is intended to reset this.
function                             old     new   delta
expand_main                          690     694      +4
Signed-off-by: Mark Edgar <medgar123@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Incorporated valid_domain_label into good_hostname to simplify the implementation.
function                             old     new   delta
static.xmalloc_optname_optval        973     958     -15
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/1 up/down: 0/-15) Total: -15 bytes
    text    data     bss     dec     hex filename
  993144   16915    1872 1011931   f70db busybox_old
  993129   16915    1872 1011916   f70cc busybox_unstripped
Signed-off-by: Martin Lewis <martin.lewis.x84@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
When ENABLE_FEATURE_WGET_OPENSSL is enabled, correctly implement TLS
verification by default, and only ignore verification errors if
--no-check-certificate was passed.
Also note that previously the OPENSSL implementation neither implemented
TLS verification nor printed any warning messages that verification
was not performed.
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1879533
CVE-2018-1000500
Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
show_history() checks that its argument is non-null so there's
no need to repeat the test at call sites.
function                             old     new   delta
historycmd                            25      17      -8
builtin_history                       29      21      -8
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-16) Total: -16 bytes
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
mim runs scripts from a specification file which can be thought
of as an extremely limited Makefile. Neither make variables nor
dependencies are supported. By default the file 'Mimfile' is read.
An example:
    hello:
        echo hello $1
    clean:
        rm -rf *
The command 'mim' or 'mim hello' will echo 'hello'. Unlike 'make'
arguments after the first are available to the script; they don't
specify additional targets.
mim isn't enabled by default. Enabling it increases the size of the
binary by about 500 bytes.
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Since commit 7eb8eecbb (ash: eval: Add assignment built-in support
again) building BusyBox with the 'command' built-in disabled fails.
parse_command_args() only needs to be called when the 'command'
built-in is run. Which it won't be if it's disabled.
v2: Avoiding infinite loops is good, too. Thanks, Harald van Dijk.
Reported-by: Deweloper <deweloper@wp.pl>
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
When BusyBox is compiled with NOMMU enabled running httpd with
the '-h' option fails even if the specified directory exists:
    $ ls -d www
    www
    $ busybox httpd -fvvvp 8080 -h www
    ...
    ... try to access http://localhost:8080/www
    ...
    httpd: can't change directory to 'www': No such file or directory
The parent process executes xchdir("www"). When a connection is accepted
it's handled by re-executing httpd in inetd mode. The child process
inherits the current directory "www" and tries to change directory again
to "www", which fails.
Omit the call to xchdir() when httpd is re-executed.
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
From POSIX.1-2008:
    The pattern_list's value shall consist of one or more patterns
    separated by <newline> characters;
As such, given patterns need to be split at newline characters. Without
doing so, busybox grep will interpret the newline as part of the pattern
which is not in accordance with POSIX.
See also: https://bugs.busybox.net/show_bug.cgi?id=12721
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Grep currently special-cased empty pattern file to be the same as
pattern file with one empty line (empty pattern). That does mirror how
GNU grep behaves, except when -x is provided. In that case .* pattern
needs to be used instead.
Signed-off-by: Gray Wolf <wolf@wolfsden.cz>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Since commit 1ff7002b1 (xargs: fix handling of quoted arguments, closes
11441) the -n option hasn't worked properly:
    $ echo 1 2 3 | xargs -n 1 echo
    1
    2
    3
    $
Because state is now remembered between calls to process_stdin() it's
necessary to update the state before any premature return.
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
When using GNU Make >=4.3, the KBUILD_STR() definition interferes badly
with dependency checks during build, and forces a complete rebuild every
time Make runs.
In if_changed_rule, Kconfig checks if the command used to build a file
has changed since last execution. The previous command is stored in the
generated .<file>.o.cmd file. For example applets/.applets.o.cmd defines
a "cmd_applets/applets.o" variable:
    cmd_applets/applets.o := gcc ... -D"KBUILD_STR(s)=#s" ...
Here the '#' should be escaped with a backslash, otherwise GNU Make
interprets it as starting a comment, and ignores the rest of the
variable. As a result of this truncation, the previous command doesn't
equal the new command and Make rebuilds each target.
The problem started to appear when GNU Make 4.3 (released January 2020),
introduced a backward-incompatible fix to macros containing a '#'. While
the above use of '#', a simple Make variable, still needs to be escaped,
a '#' within a function invocation doesn't need to be escaped anymore.
As Martin Dorey explained on the GNU Make discussion [1], the above
declaration is generated from make-cmd, defined as:
    make-cmd = $(subst \#,\\\#,$(subst $$,$$$$,$(call escsq,$(cmd_$(1))))
Since GNU Make 4.3, the first argument of subst should not have a
backslash. make-cmd now looks for literally \# and doesn't find it, and
as a result doesn't add the backslash when generating .o.cmd files.
[1] http://savannah.gnu.org/bugs/?20513
We could fix it by changing make-cmd to "$(subst #,\#,...)", but to
avoid compatibility headaches, simply get rid of the KBUILD_STR
definition, as done in Linux by b42841b7bb62 ("kbuild: Get rid of
KBUILD_STR"). Quote the string arguments directly rather than asking the
preprocessor to quote them.
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The official Info-Zip unzip creates the dir if it doesn't exist.
Signed-off-by: Lauri Kasanen <cand@gmx.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Upstream commit:
Date: Wed, 12 Sep 2018 14:27:16 +0800
expand: Fix multiple issues with EXP_DISCARD in evalvar
The commit 3cd538634f71538370f5af239f342aec48b7470b broke parameter
expansion in multiple ways because the EXP_DISCARD flag wasn't set
or tested for various cases:
    $ src/dash -c 'var=; echo ${var:+nonempty}'
    nonempty
    $ src/dash -u -c 'unset foo bar; echo ${foo+${bar}}'
    dash: 1: bar: parameter not set
    $ src/dash -c 'foo=bar; echo ${foo=BUG}; echo $foo'
    barBUG
    bar
    $
This patch fixes them by introducing a new discard variable that
tracks whether the extra word should be discarded or not when it
is parsed.
Reported-by: Martijn Dekker <martijn@inlv.org>
Fixes: 3cd538634f71 ("expand: Do not reprocess data when...")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Reported-by: Martijn Dekker <martijn@inlv.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Upstream patch:
Date: Wed, 30 May 2018 02:06:03 +0800
expand: Do not reprocess data when expanding words
Currently various paths will reprocess data when performing word
expansion. For example, expari will skip backwards looking for
the start of the arithmetic expansion, while evalvar will skip
unexpanded words manually.
This is cumbersome and error-prone. This patch fixes this by
making word expansions proceed in a linear fashion. This means
changing argstr and the various expansion functions such as expari
and subevalvar to return the next character to be expanded.
This is inspired by similar code from FreeBSD. However, we take
things one step further and completely remove the manual word
skipping in evalvar. This is accomplished by introducing a new
EXP_DISCARD flag that tells argstr to only parse and not produce
any actual expansions.
Incidentally, argstr will now always NUL-terminate the expansion
unless the EXP_WORD flag is set. This is because all but one
caller of argstr wants the result to be NUL-terminated.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Also includes two one-line follow-up fixes:
expand: Eat closing brace for length parameter
if (subtype == VSLENGTH) {
+ p++;
if (flag & EXP_DISCARD)
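Review bot: the added `p++` directly after `if (subtype == VSLENGTH) {` advances the cursor without checking that the byte at `p` is the closing brace the subject line refers to. Because the increment sits before the `if (flag & EXP_DISCARD)` test, it runs on both the discard and the normal path; a short comment stating why the byte at `p` is guaranteed to be the brace here, or an explicit check, would let a reader confirm the pointer cannot step past the end of the word.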
expand: Fix double-decrement in argstr
- newloc = expdest - (char *)stackblock() - end;
+ newloc = q - (char *)stackblock() - end;
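Review bot: `newloc` is now derived from `q` instead of `expdest`, but nothing in the hunk shows what `q` points to at this statement or how it relates to `expdest`. Since this is raw pointer arithmetic against `stackblock()` and `end`, a one-line comment naming the invariant for `q` here would make it possible to verify the offset stays inside the stack block.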
and changes in code for bash substring extensions.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Following recent work on evalcommand() a TRACE statement to report
the status of a forked command was left in the wrong place.
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>