busybox/shell
Denys Vlasenko 749575d3c5 hush: protect against self-modifying trap code
function                                             old     new   delta
check_and_run_traps                                  211     236     +25

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-01-30 04:29:03 +01:00
..
ash_test shell: handle $((NUM++...) like bash does. Closes 10706 2018-01-28 20:13:33 +01:00
hush_test shell: handle $((NUM++...) like bash does. Closes 10706 2018-01-28 20:13:33 +01:00
ash_doc.txt
ash_ptr_hack.c *: make GNU licensing statement forms more regular 2010-08-16 20:14:46 +02:00
ash.c ash: make it possible to disable "const global ptr" optimization 2018-01-28 20:41:23 +01:00
brace.txt hush: wait for cmd to complete, and immediately store its exitcode in $? 2009-11-15 19:58:19 +01:00
Config.src config: deindent all help texts 2017-07-21 09:50:55 +02:00
cttyhack.c regularize format of source file headers, no code changes 2017-09-18 16:28:43 +02:00
hush_doc.txt
hush_leaktool.sh hush: fix "export not_yet_defined_var", fix parsing of "cmd | }" 2009-04-19 23:07:51 +00:00
hush.c hush: protect against self-modifying trap code 2018-01-30 04:29:03 +01:00
Kbuild.src Make it possible to select "sh" and "bash" aliases without selecting ash or hush 2016-12-23 16:56:43 +01:00
match.c shell/match.c: shrink by dropping double bool inversion 2010-09-12 15:06:42 +02:00
match.h hush: optimize #[#] and %[%] for speed. size -2 bytes. 2010-09-04 21:21:07 +02:00
math.c shell: handle $((NUM++...) like bash does. Closes 10706 2018-01-28 20:13:33 +01:00
math.h Make it possible to select "sh" and "bash" aliases without selecting ash or hush 2016-12-23 16:56:43 +01:00
random.c ash,hush: fix a thinko about 2^64-1 factorization 2014-03-15 09:25:46 +01:00
random.h ash,hush: improve randomness of $RANDOM, add easy-ish way to test it 2014-03-13 12:52:43 +01:00
README update shell/README 2010-05-20 12:56:14 +02:00
README.job
shell_common.c hush: GETOPT_RESET() _after_ getopts too. 2017-08-29 14:32:17 +02:00
shell_common.h shell: more efficient check for EOL in read 2017-08-09 14:04:07 +02:00

http://www.opengroup.org/onlinepubs/9699919799/
Open Group Base Specifications Issue 7


http://www.opengroup.org/onlinepubs/9699919799/utilities/V3_chap01.html
Shell & Utilities

It says that any of the standard utilities may be implemented
as a regular shell built-in. It gives a list of utilities which
are usually implemented that way (and some of them can only
be implemented as built-ins, like "alias"):

alias
bg
cd
command
false
fc
fg
getopts
jobs
kill
newgrp
pwd
read
true
umask
unalias
wait


http://www.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html
Shell Command Language

It says that shell must implement special built-ins. Special built-ins
differ from regular ones by the fact that variable assignments
done on special builtin are *PRESERVED*. That is,

VAR=VAL special_builtin; echo $VAR

should print VAL.

(Another distinction is that an error in special built-in should
abort the shell, but this is not such a critical difference,
and moreover, at least bash's "set" does not follow this rule,
which is even codified in autoconf configure logic now...)

List of special builtins:

. file
: [argument...]
break [n]
continue [n]
eval [argument...]
exec [command [argument...]]
exit [n]
export name[=word]...
export -p
readonly name[=word]...
readonly -p
return [n]
set [-abCefhmnuvx] [-o option] [argument...]
set [+abCefhmnuvx] [+o option] [argument...]
set -- [argument...]
set -o
set +o
shift [n]
times
trap n [condition...]
trap [action condition...]
unset [-fv] name...

In practice, no one uses this obscure feature - none of these builtins
gives any special reasons to play such dirty tricks.

However. This section also says that *function invocation* should act
similar to special built-in. That is, variable assignments
done on function invocation should be preserved after function invocation.

This is significant: it is not unthinkable to want to run a function
with some variables set to special values. But because of the above,
it does not work: variable will "leak" out of the function.