diff options
| author | Mike Frysinger <vapier@gentoo.org> | 2009-03-28 21:06:22 +0000 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2009-03-28 21:06:22 +0000 |
| commit | 7c3e52c1bd33fe4028e106dbff3e0a876064afd2 (patch) | |
| tree | 1d87804b46d96991a8e41bd7ede3b23fd86a745e | |
| parent | 56bdea1b43eda3f5ec7073736f5381e9c0017af4 (diff) | |
| download | busybox-w32-7c3e52c1bd33fe4028e106dbff3e0a876064afd2.tar.gz busybox-w32-7c3e52c1bd33fe4028e106dbff3e0a876064afd2.tar.bz2 busybox-w32-7c3e52c1bd33fe4028e106dbff3e0a876064afd2.zip | |
do not let handle_dollar() accept vars that start with a digit
| -rw-r--r-- | shell/hush.c | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/shell/hush.c b/shell/hush.c index 498b14e72..96c949115 100644 --- a/shell/hush.c +++ b/shell/hush.c | |||
| @@ -1647,6 +1647,7 @@ static int expand_vars_to_list(o_string *output, int n, char *arg, char or_mask) | |||
| 1647 | 1647 | ||
| 1648 | /* lookup the variable in question */ | 1648 | /* lookup the variable in question */ |
| 1649 | if (isdigit(var[0])) { | 1649 | if (isdigit(var[0])) { |
| 1650 | /* handle_dollar() should have vetted var for us */ | ||
| 1650 | i = xatoi_u(var); | 1651 | i = xatoi_u(var); |
| 1651 | if (i < G.global_argc) | 1652 | if (i < G.global_argc) |
| 1652 | val = G.global_argv[i]; | 1653 | val = G.global_argv[i]; |
| @@ -3726,22 +3727,33 @@ static int handle_dollar(o_string *dest, struct in_str *input) | |||
| 3726 | case '@': /* args */ | 3727 | case '@': /* args */ |
| 3727 | goto make_one_char_var; | 3728 | goto make_one_char_var; |
| 3728 | case '{': { | 3729 | case '{': { |
| 3729 | bool first_char; | 3730 | bool first_char, all_digits; |
| 3730 | 3731 | ||
| 3731 | o_addchr(dest, SPECIAL_VAR_SYMBOL); | 3732 | o_addchr(dest, SPECIAL_VAR_SYMBOL); |
| 3732 | i_getch(input); | 3733 | i_getch(input); |
| 3733 | /* XXX maybe someone will try to escape the '}' */ | 3734 | /* XXX maybe someone will try to escape the '}' */ |
| 3734 | expansion = 0; | 3735 | expansion = 0; |
| 3735 | first_char = true; | 3736 | first_char = true; |
| 3737 | all_digits = false; | ||
| 3736 | while (1) { | 3738 | while (1) { |
| 3737 | ch = i_getch(input); | 3739 | ch = i_getch(input); |
| 3738 | if (ch == '}') | 3740 | if (ch == '}') |
| 3739 | break; | 3741 | break; |
| 3740 | 3742 | ||
| 3741 | if (ch == '#' && first_char) | 3743 | if (first_char) { |
| 3742 | /* ${#var}: length of var contents */; | 3744 | if (ch == '#') |
| 3745 | /* ${#var}: length of var contents */ | ||
| 3746 | goto char_ok; | ||
| 3747 | else if (isdigit(ch)) { | ||
| 3748 | all_digits = true; | ||
| 3749 | goto char_ok; | ||
| 3750 | } | ||
| 3751 | } | ||
| 3743 | 3752 | ||
| 3744 | else if (expansion < 2 && !isalnum(ch) && ch != '_') { | 3753 | if (expansion < 2 && |
| 3754 | ((all_digits && !isdigit(ch)) || | ||
| 3755 | (!all_digits && !isalnum(ch) && ch != '_'))) | ||
| 3756 | { | ||
| 3745 | /* handle parameter expansions | 3757 | /* handle parameter expansions |
| 3746 | * http://www.opengroup.org/onlinepubs/009695399/utilities/xcu_chap02.html#tag_02_06_02 | 3758 | * http://www.opengroup.org/onlinepubs/009695399/utilities/xcu_chap02.html#tag_02_06_02 |
| 3747 | */ | 3759 | */ |
| @@ -3782,6 +3794,8 @@ static int handle_dollar(o_string *dest, struct in_str *input) | |||
| 3782 | return 1; | 3794 | return 1; |
| 3783 | } | 3795 | } |
| 3784 | } | 3796 | } |
| 3797 | |||
| 3798 | char_ok: | ||
| 3785 | debug_printf_parse(": '%c'\n", ch); | 3799 | debug_printf_parse(": '%c'\n", ch); |
| 3786 | o_addchr(dest, ch | quote_mask); | 3800 | o_addchr(dest, ch | quote_mask); |
| 3787 | quote_mask = 0; | 3801 | quote_mask = 0; |