diff options
| author | Denys Vlasenko <vda.linux@googlemail.com> | 2010-01-13 18:22:35 +0100 |
|---|---|---|
| committer | Denys Vlasenko <vda.linux@googlemail.com> | 2010-01-13 18:22:35 +0100 |
| commit | 25d9b91d94688b9b022224b95c06cbd4b75da085 (patch) | |
| tree | 6d3b5dd63f3fab3fba018c73ae4bc64e5a38b150 | |
| parent | 03d81ef43aca1808255d1a2a19ec394ed805eee8 (diff) | |
| download | busybox-w32-25d9b91d94688b9b022224b95c06cbd4b75da085.tar.gz busybox-w32-25d9b91d94688b9b022224b95c06cbd4b75da085.tar.bz2 busybox-w32-25d9b91d94688b9b022224b95c06cbd4b75da085.zip | |
shell/read: check that variable names are sane
function old new delta
shell_builtin_read 1000 1055 +55
parse_command 1460 1463 +3
builtin_umask 121 123 +2
is_well_formed_var_name 73 66 -7
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| -rw-r--r-- | shell/ash.c | 4 | ||||
| -rw-r--r-- | shell/builtin_read.c | 11 | ||||
| -rw-r--r-- | shell/hush.c | 10 | ||||
| -rw-r--r-- | shell/shell_common.c | 17 | ||||
| -rw-r--r-- | shell/shell_common.h | 8 |
5 files changed, 26 insertions, 24 deletions
diff --git a/shell/ash.c b/shell/ash.c index 31dc59253..798d15a4c 100644 --- a/shell/ash.c +++ b/shell/ash.c | |||
| @@ -1768,11 +1768,7 @@ static const struct { | |||
| 1768 | const char *text; | 1768 | const char *text; |
| 1769 | void (*func)(const char *) FAST_FUNC; | 1769 | void (*func)(const char *) FAST_FUNC; |
| 1770 | } varinit_data[] = { | 1770 | } varinit_data[] = { |
| 1771 | #if IFS_BROKEN | ||
| 1772 | { VSTRFIXED|VTEXTFIXED , defifsvar , NULL }, | 1771 | { VSTRFIXED|VTEXTFIXED , defifsvar , NULL }, |
| 1773 | #else | ||
| 1774 | { VSTRFIXED|VTEXTFIXED|VUNSET, "IFS\0" , NULL }, | ||
| 1775 | #endif | ||
| 1776 | #if ENABLE_ASH_MAIL | 1772 | #if ENABLE_ASH_MAIL |
| 1777 | { VSTRFIXED|VTEXTFIXED|VUNSET, "MAIL\0" , changemail }, | 1773 | { VSTRFIXED|VTEXTFIXED|VUNSET, "MAIL\0" , changemail }, |
| 1778 | { VSTRFIXED|VTEXTFIXED|VUNSET, "MAILPATH\0", changemail }, | 1774 | { VSTRFIXED|VTEXTFIXED|VUNSET, "MAILPATH\0", changemail }, |
diff --git a/shell/builtin_read.c b/shell/builtin_read.c index 73b0949cf..954e4cd14 100644 --- a/shell/builtin_read.c +++ b/shell/builtin_read.c | |||
| @@ -39,6 +39,7 @@ shell_builtin_read(void FAST_FUNC (*setvar)(const char *name, const char *val), | |||
| 39 | unsigned end_ms; /* -t TIMEOUT */ | 39 | unsigned end_ms; /* -t TIMEOUT */ |
| 40 | int fd; /* -u FD */ | 40 | int fd; /* -u FD */ |
| 41 | int nchars; /* -n NUM */ | 41 | int nchars; /* -n NUM */ |
| 42 | char **pp; | ||
| 42 | char *buffer; | 43 | char *buffer; |
| 43 | struct termios tty, old_tty; | 44 | struct termios tty, old_tty; |
| 44 | const char *retval; | 45 | const char *retval; |
| @@ -46,6 +47,16 @@ shell_builtin_read(void FAST_FUNC (*setvar)(const char *name, const char *val), | |||
| 46 | int startword; | 47 | int startword; |
| 47 | smallint backslash; | 48 | smallint backslash; |
| 48 | 49 | ||
| 50 | pp = argv; | ||
| 51 | while (*pp) { | ||
| 52 | if (!is_well_formed_var_name(*pp, '\0')) { | ||
| 53 | /* Mimic bash message */ | ||
| 54 | bb_error_msg("read: '%s': not a valid identifier", *pp); | ||
| 55 | return (const char *)(uintptr_t)1; | ||
| 56 | } | ||
| 57 | pp++; | ||
| 58 | } | ||
| 59 | |||
| 49 | nchars = 0; /* if != 0, -n is in effect */ | 60 | nchars = 0; /* if != 0, -n is in effect */ |
| 50 | if (opt_n) { | 61 | if (opt_n) { |
| 51 | nchars = bb_strtou(opt_n, NULL, 10); | 62 | nchars = bb_strtou(opt_n, NULL, 10); |
diff --git a/shell/hush.c b/shell/hush.c index bb0ab8408..810009ae8 100644 --- a/shell/hush.c +++ b/shell/hush.c | |||
| @@ -893,16 +893,6 @@ static void cmdedit_update_prompt(void); | |||
| 893 | 893 | ||
| 894 | /* Utility functions | 894 | /* Utility functions |
| 895 | */ | 895 | */ |
| 896 | static int is_well_formed_var_name(const char *s, char terminator) | ||
| 897 | { | ||
| 898 | if (!s || !(isalpha(*s) || *s == '_')) | ||
| 899 | return 0; | ||
| 900 | s++; | ||
| 901 | while (isalnum(*s) || *s == '_') | ||
| 902 | s++; | ||
| 903 | return *s == terminator; | ||
| 904 | } | ||
| 905 | |||
| 906 | /* Replace each \x with x in place, return ptr past NUL. */ | 896 | /* Replace each \x with x in place, return ptr past NUL. */ |
| 907 | static char *unbackslash(char *src) | 897 | static char *unbackslash(char *src) |
| 908 | { | 898 | { |
diff --git a/shell/shell_common.c b/shell/shell_common.c index 99bb91c6f..669a18dfd 100644 --- a/shell/shell_common.c +++ b/shell/shell_common.c | |||
| @@ -19,8 +19,17 @@ | |||
| 19 | #include "libbb.h" | 19 | #include "libbb.h" |
| 20 | #include "shell_common.h" | 20 | #include "shell_common.h" |
| 21 | 21 | ||
| 22 | #if IFS_BROKEN | ||
| 23 | const char defifsvar[] ALIGN1 = "IFS= \t\n"; | 22 | const char defifsvar[] ALIGN1 = "IFS= \t\n"; |
| 24 | #else | 23 | |
| 25 | const char defifs[] ALIGN1 = " \t\n"; | 24 | |
| 26 | #endif | 25 | int FAST_FUNC is_well_formed_var_name(const char *s, char terminator) |
| 26 | { | ||
| 27 | if (!s || !(isalpha(*s) || *s == '_')) | ||
| 28 | return 0; | ||
| 29 | |||
| 30 | do | ||
| 31 | s++; | ||
| 32 | while (isalnum(*s) || *s == '_'); | ||
| 33 | |||
| 34 | return *s == terminator; | ||
| 35 | } | ||
diff --git a/shell/shell_common.h b/shell/shell_common.h index a9e9a2239..7c8e8c356 100644 --- a/shell/shell_common.h +++ b/shell/shell_common.h | |||
| @@ -21,14 +21,10 @@ | |||
| 21 | 21 | ||
| 22 | PUSH_AND_SET_FUNCTION_VISIBILITY_TO_HIDDEN | 22 | PUSH_AND_SET_FUNCTION_VISIBILITY_TO_HIDDEN |
| 23 | 23 | ||
| 24 | #define IFS_BROKEN 1 | ||
| 25 | |||
| 26 | #if IFS_BROKEN | ||
| 27 | extern const char defifsvar[]; /* "IFS= \t\n" */ | 24 | extern const char defifsvar[]; /* "IFS= \t\n" */ |
| 28 | #define defifs (defifsvar + 4) | 25 | #define defifs (defifsvar + 4) |
| 29 | #else | 26 | |
| 30 | extern const char defifs[]; /* " \t\n" */ | 27 | int FAST_FUNC is_well_formed_var_name(const char *s, char terminator); |
| 31 | #endif | ||
| 32 | 28 | ||
| 33 | POP_SAVED_FUNCTION_VISIBILITY | 29 | POP_SAVED_FUNCTION_VISIBILITY |
| 34 | 30 | ||