diff options
| author | Denys Vlasenko <vda.linux@googlemail.com> | 2017-11-02 12:56:24 +0100 |
|---|---|---|
| committer | Denys Vlasenko <vda.linux@googlemail.com> | 2017-11-02 12:56:24 +0100 |
| commit | 9c143ce52da11ec3d21a3491c3749841d3dc10f0 (patch) | |
| tree | e1c353c9c7409417675f8f4604a1010263a81b43 | |
| parent | d5c1482fbac71c51e3add52632cdf1f9f9e6661b (diff) | |
| download | busybox-w32-9c143ce52da11ec3d21a3491c3749841d3dc10f0.tar.gz busybox-w32-9c143ce52da11ec3d21a3491c3749841d3dc10f0.tar.bz2 busybox-w32-9c143ce52da11ec3d21a3491c3749841d3dc10f0.zip | |
ash: retain envvars with bad names in initial environment. Closes 10231
Reworks "ash: [VAR] Sanitise environment variable names on entry"
commit.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| -rw-r--r-- | shell/ash.c | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/shell/ash.c b/shell/ash.c index 88e607f08..7a0b88c68 100644 --- a/shell/ash.c +++ b/shell/ash.c | |||
| @@ -10863,9 +10863,17 @@ showvars(const char *sep_prefix, int on, int off) | |||
| 10863 | const char *p; | 10863 | const char *p; |
| 10864 | const char *q; | 10864 | const char *q; |
| 10865 | 10865 | ||
| 10866 | p = strchrnul(*ep, '='); | 10866 | p = endofname(*ep); |
| 10867 | /* Used to have simple "p = strchrnul(*ep, '=')" here instead, but this | ||
| 10868 | * makes "export -p" to have output not suitable for "eval": | ||
| 10869 | * import os | ||
| 10870 | * os.environ["test-test"]="test" | ||
| 10871 | * if os.fork() == 0: | ||
| 10872 | * os.execv("ash", [ 'ash', '-c', 'eval $(export -p); echo OK' ]) # fixes this | ||
| 10873 | * os.execv("ash", [ 'ash', '-c', 'env | grep test-test' ]) | ||
| 10874 | */ | ||
| 10867 | q = nullstr; | 10875 | q = nullstr; |
| 10868 | if (*p) | 10876 | if (*p == '=') |
| 10869 | q = single_quote(++p); | 10877 | q = single_quote(++p); |
| 10870 | out1fmt("%s%s%.*s%s\n", sep_prefix, sep, (int)(p - *ep), *ep, q); | 10878 | out1fmt("%s%s%.*s%s\n", sep_prefix, sep, (int)(p - *ep), *ep, q); |
| 10871 | } | 10879 | } |
| @@ -13639,8 +13647,18 @@ init(void) | |||
| 13639 | 13647 | ||
| 13640 | initvar(); | 13648 | initvar(); |
| 13641 | for (envp = environ; envp && *envp; envp++) { | 13649 | for (envp = environ; envp && *envp; envp++) { |
| 13642 | p = endofname(*envp); | 13650 | /* Used to have |
| 13643 | if (p != *envp && *p == '=') { | 13651 | * p = endofname(*envp); |
| 13652 | * if (p != *envp && *p == '=') { | ||
| 13653 | * here to weed out badly-named variables, but this breaks | ||
| 13654 | * scenarios where people do want them passed to children: | ||
| 13655 | * import os | ||
| 13656 | * os.environ["test-test"]="test" | ||
| 13657 | * if os.fork() == 0: | ||
| 13658 | * os.execv("ash", [ 'ash', '-c', 'eval $(export -p); echo OK' ]) # fixes this | ||
| 13659 | * os.execv("ash", [ 'ash', '-c', 'env | grep test-test' ]) # breaks this | ||
| 13660 | */ | ||
| 13661 | if (strchr(*envp, '=')) { | ||
| 13644 | setvareq(*envp, VEXPORT|VTEXTFIXED); | 13662 | setvareq(*envp, VEXPORT|VTEXTFIXED); |
| 13645 | } | 13663 | } |
| 13646 | } | 13664 | } |