From 215b0ca6e4fe466c6942d21a1bba62d97f2d5e5d Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Fri, 19 Aug 2016 18:23:56 +0200 Subject: hush: fix a bug in FEATURE_SH_STANDALONE=y config. Closes 9186 Run this in a "sh SCRIPT": sha256sum /dev/null echo END sha256sum is a NOEXEC applet. It runs in a forked child. Then child exit()s. By this time, entire script is read, and buffered in a FILE object from fopen("SCRIPT"). But fgetc() did not consume entire input. exit() lseeks back by -9 bytes, from to 'e' in 'echo'. (this may be libc-specific). This change of fd position *is shared with the parent*! Now parent can read more, and it thinks there is another "echo END". End result: two "echo END"s are run. Fix this by _exit()ing instead. Signed-off-by: Denys Vlasenko --- libbb/appletlib.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'libbb/appletlib.c') diff --git a/libbb/appletlib.c b/libbb/appletlib.c index c341817e2..f760af2cb 100644 --- a/libbb/appletlib.c +++ b/libbb/appletlib.c @@ -877,7 +877,9 @@ void FAST_FUNC run_applet_no_and_exit(int applet_no, char **argv) } if (ENABLE_FEATURE_SUID) check_suid(applet_no); - exit(applet_main[applet_no](argc, argv)); + xfunc_error_retval = applet_main[applet_no](argc, argv); + /* Note: applet_main() may also not return (die on a xfunc or such) */ + xfunc_die(); } # endif /* NUM_APPLETS > 0 */ -- cgit v1.2.3-55-g6feb