diff options
| author | Denys Vlasenko <vda.linux@googlemail.com> | 2016-08-19 18:23:56 +0200 |
|---|---|---|
| committer | Denys Vlasenko <vda.linux@googlemail.com> | 2016-08-19 18:43:06 +0200 |
| commit | 215b0ca6e4fe466c6942d21a1bba62d97f2d5e5d (patch) | |
| tree | 4fbb9563d870ce8a5f8f08015424e358a1462677 /shell | |
| parent | aedc3fe19fac368dc363050e0387d263b7e01cc6 (diff) | |
| download | busybox-w32-215b0ca6e4fe466c6942d21a1bba62d97f2d5e5d.tar.gz busybox-w32-215b0ca6e4fe466c6942d21a1bba62d97f2d5e5d.tar.bz2 busybox-w32-215b0ca6e4fe466c6942d21a1bba62d97f2d5e5d.zip | |
hush: fix a bug in FEATURE_SH_STANDALONE=y config. Closes 9186
Run this in a "sh SCRIPT":
sha256sum /dev/null
echo END
sha256sum is a NOEXEC applet. It runs in a forked child. Then child exit()s.
By this time, entire script is read, and buffered in a FILE object
from fopen("SCRIPT"). But fgetc() did not consume entire input.
exit() lseeks back by -9 bytes, from <eof> to 'e' in 'echo'.
(this may be libc-specific).
This change of fd position *is shared with the parent*!
Now parent can read more, and it thinks there is another "echo END".
End result: two "echo END"s are run.
Fix this by _exit()ing instead.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'shell')
| -rw-r--r-- | shell/hush.c | 23 | ||||
| -rwxr-xr-x | shell/hush_test/run-all | 3 |
2 files changed, 22 insertions, 4 deletions
diff --git a/shell/hush.c b/shell/hush.c index ab192e2cd..be5c98a20 100644 --- a/shell/hush.c +++ b/shell/hush.c | |||
| @@ -1580,11 +1580,11 @@ static void hush_exit(int exitcode) | |||
| 1580 | } | 1580 | } |
| 1581 | #endif | 1581 | #endif |
| 1582 | 1582 | ||
| 1583 | #if ENABLE_HUSH_JOB | ||
| 1584 | fflush_all(); | 1583 | fflush_all(); |
| 1584 | #if ENABLE_HUSH_JOB | ||
| 1585 | sigexit(- (exitcode & 0xff)); | 1585 | sigexit(- (exitcode & 0xff)); |
| 1586 | #else | 1586 | #else |
| 1587 | exit(exitcode); | 1587 | _exit(exitcode); |
| 1588 | #endif | 1588 | #endif |
| 1589 | } | 1589 | } |
| 1590 | 1590 | ||
| @@ -6466,7 +6466,23 @@ static void dump_cmd_in_x_mode(char **argv) | |||
| 6466 | * Never returns. | 6466 | * Never returns. |
| 6467 | * Don't exit() here. If you don't exec, use _exit instead. | 6467 | * Don't exit() here. If you don't exec, use _exit instead. |
| 6468 | * The at_exit handlers apparently confuse the calling process, | 6468 | * The at_exit handlers apparently confuse the calling process, |
| 6469 | * in particular stdin handling. Not sure why? -- because of vfork! (vda) */ | 6469 | * in particular stdin handling. Not sure why? -- because of vfork! (vda) |
| 6470 | * Also, it was observed that on exit(), fgetc'ed buffered data | ||
| 6471 | * gets "unwound" by some libcs, via lseek(fd, -NUM, SEEK_CUR). | ||
| 6472 | * With the net effect that even after fork(), not vfork(), | ||
| 6473 | * exit() in NOEXECed applet in "sh SCRIPT": | ||
| 6474 | * noexec_applet_here | ||
| 6475 | * echo END_OF_SCRIPT | ||
| 6476 | * lseeks fd in input FILE object from EOF to "e" in "echo END_OF_SCRIPT". | ||
| 6477 | * This makes "echo END_OF_SCRIPT" executed twice. exexit() is the fix. | ||
| 6478 | */ | ||
| 6479 | #if ENABLE_FEATURE_SH_STANDALONE | ||
| 6480 | static void exexit(void) | ||
| 6481 | { | ||
| 6482 | fflush_all(); | ||
| 6483 | _exit(xfunc_error_retval); | ||
| 6484 | } | ||
| 6485 | #endif | ||
| 6470 | static void pseudo_exec_argv(nommu_save_t *nommu_save, | 6486 | static void pseudo_exec_argv(nommu_save_t *nommu_save, |
| 6471 | char **argv, int assignment_cnt, | 6487 | char **argv, int assignment_cnt, |
| 6472 | char **argv_expanded) NORETURN; | 6488 | char **argv_expanded) NORETURN; |
| @@ -6547,6 +6563,7 @@ static NOINLINE void pseudo_exec_argv(nommu_save_t *nommu_save, | |||
| 6547 | # if BB_MMU /* see above why on NOMMU it is not allowed */ | 6563 | # if BB_MMU /* see above why on NOMMU it is not allowed */ |
| 6548 | if (APPLET_IS_NOEXEC(a)) { | 6564 | if (APPLET_IS_NOEXEC(a)) { |
| 6549 | debug_printf_exec("running applet '%s'\n", argv[0]); | 6565 | debug_printf_exec("running applet '%s'\n", argv[0]); |
| 6566 | die_func = exexit; | ||
| 6550 | run_applet_no_and_exit(a, argv); | 6567 | run_applet_no_and_exit(a, argv); |
| 6551 | } | 6568 | } |
| 6552 | # endif | 6569 | # endif |
diff --git a/shell/hush_test/run-all b/shell/hush_test/run-all index 64a7abc47..837b3f7da 100755 --- a/shell/hush_test/run-all +++ b/shell/hush_test/run-all | |||
| @@ -64,11 +64,12 @@ do_test() | |||
| 64 | echo -n "$1/$x:" | 64 | echo -n "$1/$x:" |
| 65 | ( | 65 | ( |
| 66 | "$THIS_SH" "./$x" >"$name.xx" 2>&1 | 66 | "$THIS_SH" "./$x" >"$name.xx" 2>&1 |
| 67 | r=$? | ||
| 67 | # filter C library differences | 68 | # filter C library differences |
| 68 | sed -i \ | 69 | sed -i \ |
| 69 | -e "/: invalid option /s:'::g" \ | 70 | -e "/: invalid option /s:'::g" \ |
| 70 | "$name.xx" | 71 | "$name.xx" |
| 71 | test $? -eq 77 && rm -f "../$1-$x.fail" && exit 77 | 72 | test $r -eq 77 && rm -f "../$1-$x.fail" && exit 77 |
| 72 | diff -u "$name.xx" "$name.right" >"../$1-$x.fail" && rm -f "$name.xx" "../$1-$x.fail" | 73 | diff -u "$name.xx" "$name.right" >"../$1-$x.fail" && rm -f "$name.xx" "../$1-$x.fail" |
| 73 | ) | 74 | ) |
| 74 | case $? in | 75 | case $? in |