From 0829fce079dae45737330114c27886cb8af85043 Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Fri, 12 Jul 2024 21:58:04 +0200 Subject: ash: do not abort interactive mode on >&9999 redirect With very large fd#, the error code path is different from one for closed but small fd#. Make it not abort if we are interactive: $ echo text >&99 # this wasn't buggy ash: dup2(9,1): Bad file descriptor $ echo text >&9999 # this was ash: fcntl(1,F_DUPFD,10000): Invalid argument function old new delta .rodata 105637 105661 +24 dup2_or_raise 35 38 +3 redirect 1084 1044 -40 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 2/1 up/down: 27/-40) Total: -13 bytes Signed-off-by: Denys Vlasenko --- shell/ash.c | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) (limited to 'shell') diff --git a/shell/ash.c b/shell/ash.c index 094a87390..39455c7c5 100644 --- a/shell/ash.c +++ b/shell/ash.c @@ -5621,10 +5621,13 @@ dup2_or_raise(int from, int to) newfd = (from != to) ? dup2(from, to) : to; if (newfd < 0) { /* Happens when source fd is not open: try "echo >&99" */ - ash_msg_and_raise_perror("%d", from); + ash_msg_and_raise_perror("dup2(%d,%d)", from, to); } return newfd; } +/* The only possible error return is EBADF (fd wasn't open). + * Transient errors retry, other errors raise exception. + */ static int dup_CLOEXEC(int fd, int avoid_fd) { @@ -5639,6 +5642,16 @@ dup_CLOEXEC(int fd, int avoid_fd) goto repeat; if (errno == EINTR) goto repeat; + if (errno != EBADF) { + /* "echo >&9999" gets EINVAL trying to save fd 1 to above 9999. + * We could try saving it _below_ 9999 instead (how?), but + * this probably means that dup2(9999,1) to effectuate >&9999 + * would also not work: fd 9999 can't exist. Gracefully bail out. + * (This differs from "echo >&99" where saving works, but + * subsequent dup2(99,1) fails if fd 99 is not open). + */ + ash_msg_and_raise_perror("fcntl(%d,F_DUPFD,%d)", fd, avoid_fd + 1); + } } return newfd; } @@ -5754,7 +5767,7 @@ save_fd_on_redirect(int fd, int avoid_fd, struct redirtab *sq) new_fd = dup_CLOEXEC(fd, avoid_fd); sq->two_fd[i].moved_to = new_fd; TRACE(("redirect_fd %d: already busy, moving to %d\n", fd, new_fd)); - if (new_fd < 0) /* what? */ + if (new_fd < 0) /* EBADF? what? */ xfunc_die(); return 0; /* "we did not close fd" */ } @@ -5769,8 +5782,7 @@ save_fd_on_redirect(int fd, int avoid_fd, struct redirtab *sq) new_fd = dup_CLOEXEC(fd, avoid_fd); TRACE(("redirect_fd %d: previous fd is moved to %d (-1 if it was closed)\n", fd, new_fd)); if (new_fd < 0) { - if (errno != EBADF) - xfunc_die(); + /* EBADF (fd is not open) */ /* new_fd = CLOSED; - already is -1 */ } sq->two_fd[i].moved_to = new_fd; -- cgit v1.2.3-55-g6feb From 08fb86726b508eb99502a6681da94395c4e4580c Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Fri, 12 Jul 2024 22:28:25 +0200 Subject: ash: remove limitation on fd# length "echo text >&0000000000002" works as you would expect, "echo text >&9999999999" properly fails instead of creating a file named "9999999999". function old new delta expredir 219 232 +13 readtoken1 3045 3053 +8 parsefname 204 201 -3 isdigit_str9 45 - -45 ------------------------------------------------------------------------------ (add/remove: 0/1 grow/shrink: 2/1 up/down: 21/-48) Total: -27 bytes Signed-off-by: Denys Vlasenko --- shell/ash.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) (limited to 'shell') diff --git a/shell/ash.c b/shell/ash.c index 39455c7c5..9da3e956a 100644 --- a/shell/ash.c +++ b/shell/ash.c @@ -557,10 +557,9 @@ static void trace_vprintf(const char *fmt, va_list va); #define is_in_name(c) ((c) == '_' || isalnum((unsigned char)(c))) static int -isdigit_str9(const char *str) +isdigit_str(const char *str) { - int maxlen = 9 + 1; /* max 9 digits: 999999999 */ - while (--maxlen && isdigit(*str)) + while (isdigit(*str)) str++; return (*str == '\0'); } @@ -9661,7 +9660,7 @@ expredir(union node *n) if (fn.list == NULL) ash_msg_and_raise_error("redir error"); #if BASH_REDIR_OUTPUT - if (!isdigit_str9(fn.list->text)) { + if (!isdigit_str(fn.list->text)) { /* >&file, not >&fd */ if (redir->nfile.fd != 1) /* 123>&file - BAD */ ash_msg_and_raise_error("redir error"); @@ -12011,12 +12010,19 @@ fixredir(union node *n, const char *text, int err) if (!err) n->ndup.vname = NULL; + if (LONE_DASH(text)) { + n->ndup.dupfd = -1; + return; + } + fd = bb_strtou(text, NULL, 10); if (!errno && fd >= 0) n->ndup.dupfd = fd; - else if (LONE_DASH(text)) - n->ndup.dupfd = -1; else { + /* This also fails on very large numbers + * which overflow "int" - bb_strtou() does not + * silently truncate results to word width. + */ if (err) raise_error_syntax("bad fd number"); n->ndup.vname = makename(); @@ -12702,7 +12708,7 @@ readtoken1(int c, int syntax, char *eofmark, int striptabs) if ((c == '>' || c == '<' IF_BASH_REDIR_OUTPUT( || c == 0x100 + '>')) && quotef == 0 ) { - if (isdigit_str9(out)) { + if (isdigit_str(out)) { PARSEREDIR(); /* passed as params: out, c */ lasttoken = TREDIR; return lasttoken; -- cgit v1.2.3-55-g6feb From 6c38d0e9da2d4a3defd2bff9f3e00f6229e9824b Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Sat, 13 Jul 2024 00:14:41 +0200 Subject: hush: avoid duplicate fcntl(F_SETFD, FD_CLOEXEC) during init function old new delta hush_main 1149 1150 +1 Signed-off-by: Denys Vlasenko --- shell/hush.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) (limited to 'shell') diff --git a/shell/hush.c b/shell/hush.c index 3e6a13b32..afbc3ebec 100644 --- a/shell/hush.c +++ b/shell/hush.c @@ -1575,7 +1575,7 @@ static int dup_CLOEXEC(int fd, int avoid_fd) newfd = fcntl(fd, F_DUPFD_CLOEXEC, avoid_fd + 1); if (newfd >= 0) { if (F_DUPFD_CLOEXEC == F_DUPFD) /* if old libc (w/o F_DUPFD_CLOEXEC) */ - fcntl(newfd, F_SETFD, FD_CLOEXEC); + close_on_exec_on(newfd); } else { /* newfd < 0 */ if (errno == EBUSY) goto repeat; @@ -1601,7 +1601,7 @@ static int xdup_CLOEXEC_and_close(int fd, int avoid_fd) xfunc_die(); } if (F_DUPFD_CLOEXEC == F_DUPFD) /* if old libc (w/o F_DUPFD_CLOEXEC) */ - fcntl(newfd, F_SETFD, FD_CLOEXEC); + close_on_exec_on(newfd); close(fd); return newfd; } @@ -10710,7 +10710,7 @@ int hush_main(int argc, char **argv) G_interactive_fd = dup_CLOEXEC(STDIN_FILENO, 254); if (G_interactive_fd < 0) { /* try to dup to any fd */ - G_interactive_fd = dup(STDIN_FILENO); + G_interactive_fd = dup_CLOEXEC(STDIN_FILENO, -1); if (G_interactive_fd < 0) { /* give up */ G_interactive_fd = 0; @@ -10720,8 +10720,6 @@ int hush_main(int argc, char **argv) } debug_printf("interactive_fd:%d\n", G_interactive_fd); if (G_interactive_fd) { - close_on_exec_on(G_interactive_fd); - if (G_saved_tty_pgrp) { /* If we were run as 'hush &', sleep until we are * in the foreground (tty pgrp == our pgrp). @@ -10796,9 +10794,6 @@ int hush_main(int argc, char **argv) G_interactive_fd = 0; } } - if (G_interactive_fd) { - close_on_exec_on(G_interactive_fd); - } install_special_sighandlers(); #else /* We have interactiveness code disabled */ -- cgit v1.2.3-55-g6feb From 14e28c18ca1a0fb87b6c73d5cb7487e80bc6713a Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Sat, 13 Jul 2024 00:59:02 +0200 Subject: hush: fix "exec 3>FILE" aborting if 3 is exactly the next free fd Signed-off-by: Denys Vlasenko --- shell/ash_test/ash-redir/redir3.right | 2 +- shell/ash_test/ash-redir/redir_exec2.right | 4 ++++ shell/ash_test/ash-redir/redir_exec2.tests | 11 +++++++++++ shell/ash_test/ash-redir/redir_to_bad_fd255.right | 2 +- shell/ash_test/ash-redir/redir_to_bad_fd3.right | 2 +- shell/hush.c | 13 +++++++++---- shell/hush_test/hush-redir/redir_exec2.right | 4 ++++ shell/hush_test/hush-redir/redir_exec2.tests | 11 +++++++++++ 8 files changed, 42 insertions(+), 7 deletions(-) create mode 100644 shell/ash_test/ash-redir/redir_exec2.right create mode 100755 shell/ash_test/ash-redir/redir_exec2.tests create mode 100644 shell/hush_test/hush-redir/redir_exec2.right create mode 100755 shell/hush_test/hush-redir/redir_exec2.tests (limited to 'shell') diff --git a/shell/ash_test/ash-redir/redir3.right b/shell/ash_test/ash-redir/redir3.right index fd641a8ea..d9cf5dac5 100644 --- a/shell/ash_test/ash-redir/redir3.right +++ b/shell/ash_test/ash-redir/redir3.right @@ -1,3 +1,3 @@ TEST -./redir3.tests: line 4: 9: Bad file descriptor +./redir3.tests: line 4: dup2(9,1): Bad file descriptor Output to fd#9: 1 diff --git a/shell/ash_test/ash-redir/redir_exec2.right b/shell/ash_test/ash-redir/redir_exec2.right new file mode 100644 index 000000000..2bdc093c9 --- /dev/null +++ b/shell/ash_test/ash-redir/redir_exec2.right @@ -0,0 +1,4 @@ +fd/5 +fd/4 +fd/3 +One:1 diff --git a/shell/ash_test/ash-redir/redir_exec2.tests b/shell/ash_test/ash-redir/redir_exec2.tests new file mode 100755 index 000000000..700a51786 --- /dev/null +++ b/shell/ash_test/ash-redir/redir_exec2.tests @@ -0,0 +1,11 @@ +cd /proc/$$ +exec 5>/dev/null +exec 4>/dev/null +exec 3>/dev/null +ls -1 fd/5 +ls -1 fd/4 +ls -1 fd/3 +exec 5>&- +test -e fd/5 && echo BUG +echo One:$? + diff --git a/shell/ash_test/ash-redir/redir_to_bad_fd255.right b/shell/ash_test/ash-redir/redir_to_bad_fd255.right index 9c5e35b36..ca4df91ac 100644 --- a/shell/ash_test/ash-redir/redir_to_bad_fd255.right +++ b/shell/ash_test/ash-redir/redir_to_bad_fd255.right @@ -1,2 +1,2 @@ -./redir_to_bad_fd255.tests: line 2: 255: Bad file descriptor +./redir_to_bad_fd255.tests: line 2: dup2(255,1): Bad file descriptor OK diff --git a/shell/ash_test/ash-redir/redir_to_bad_fd3.right b/shell/ash_test/ash-redir/redir_to_bad_fd3.right index 895a4a0a6..5120322a5 100644 --- a/shell/ash_test/ash-redir/redir_to_bad_fd3.right +++ b/shell/ash_test/ash-redir/redir_to_bad_fd3.right @@ -1,2 +1,2 @@ -./redir_to_bad_fd3.tests: line 2: 3: Bad file descriptor +./redir_to_bad_fd3.tests: line 2: dup2(3,1): Bad file descriptor OK diff --git a/shell/hush.c b/shell/hush.c index afbc3ebec..1d5642260 100644 --- a/shell/hush.c +++ b/shell/hush.c @@ -8077,8 +8077,11 @@ static int internally_opened_fd(int fd, struct squirrel *sq) return 0; } -/* squirrel != NULL means we squirrel away copies of stdin, stdout, - * and stderr if they are redirected. */ +/* sqp != NULL means we squirrel away copies of stdin, stdout, + * and stderr if they are redirected. + * If redirection fails, return 1. This will make caller + * skip command execution and restore already created redirect fds. + */ static int setup_redirects(struct command *prog, struct squirrel **sqp) { struct redir_struct *redir; @@ -8109,7 +8112,7 @@ static int setup_redirects(struct command *prog, struct squirrel **sqp) * "cmd > rd_type].mode; p = expand_string_to_string(redir->rd_filename, @@ -8124,7 +8127,9 @@ static int setup_redirects(struct command *prog, struct squirrel **sqp) */ return 1; } - if (newfd == redir->rd_fd && sqp) { + if (newfd == redir->rd_fd && sqp + && sqp != ERR_PTR /* not a redirect in "exec" */ + ) { /* open() gave us precisely the fd we wanted. * This means that this fd was not busy * (not opened to anywhere). diff --git a/shell/hush_test/hush-redir/redir_exec2.right b/shell/hush_test/hush-redir/redir_exec2.right new file mode 100644 index 000000000..2bdc093c9 --- /dev/null +++ b/shell/hush_test/hush-redir/redir_exec2.right @@ -0,0 +1,4 @@ +fd/5 +fd/4 +fd/3 +One:1 diff --git a/shell/hush_test/hush-redir/redir_exec2.tests b/shell/hush_test/hush-redir/redir_exec2.tests new file mode 100755 index 000000000..700a51786 --- /dev/null +++ b/shell/hush_test/hush-redir/redir_exec2.tests @@ -0,0 +1,11 @@ +cd /proc/$$ +exec 5>/dev/null +exec 4>/dev/null +exec 3>/dev/null +ls -1 fd/5 +ls -1 fd/4 +ls -1 fd/3 +exec 5>&- +test -e fd/5 && echo BUG +echo One:$? + -- cgit v1.2.3-55-g6feb From 23da5c4b716b92524240c6f81c2e2474c1825cfc Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Sat, 13 Jul 2024 01:47:49 +0200 Subject: hush: do not exit interactive shell on some redirection errors $ echo >&99 hush: dup2(99,1): Bad file descriptor $ echo >&9999 hush: fcntl(1,F_DUPFD,10000): Invalid argument $ echo 2>/dev/tty 10>&9999 hush: fcntl(10,F_DUPFD,10000): Invalid argument $ still alive!_ function old new delta static.setup_redirects 334 394 +60 .rodata 105661 105712 +51 dup_CLOEXEC 49 79 +30 save_fd_on_redirect 263 277 +14 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 4/0 up/down: 155/0) Total: 155 bytes Signed-off-by: Denys Vlasenko --- shell/ash_test/ash-redir/redir_exec2.tests | 1 - shell/hush.c | 51 +++++++++++++++++----- shell/hush_test/hush-redir/redir3.right | 3 +- shell/hush_test/hush-redir/redir_exec2.tests | 1 - shell/hush_test/hush-redir/redir_to_bad_fd.right | 3 +- .../hush_test/hush-redir/redir_to_bad_fd255.right | 3 +- shell/hush_test/hush-redir/redir_to_bad_fd3.right | 3 +- 7 files changed, 47 insertions(+), 18 deletions(-) (limited to 'shell') diff --git a/shell/ash_test/ash-redir/redir_exec2.tests b/shell/ash_test/ash-redir/redir_exec2.tests index 700a51786..0af767592 100755 --- a/shell/ash_test/ash-redir/redir_exec2.tests +++ b/shell/ash_test/ash-redir/redir_exec2.tests @@ -8,4 +8,3 @@ ls -1 fd/3 exec 5>&- test -e fd/5 && echo BUG echo One:$? - diff --git a/shell/hush.c b/shell/hush.c index 1d5642260..707b77c9c 100644 --- a/shell/hush.c +++ b/shell/hush.c @@ -1581,6 +1581,16 @@ static int dup_CLOEXEC(int fd, int avoid_fd) goto repeat; if (errno == EINTR) goto repeat; + if (errno != EBADF) { + /* "echo >&9999" gets EINVAL trying to save fd 1 to above 9999. + * We could try saving it _below_ 9999 instead (how?), but + * this probably means that dup2(9999,1) to effectuate >&9999 + * would also not work: fd 9999 can't exist. + * (This differs from "echo >&99" where saving works, but + * subsequent dup2(99,1) fails if fd 99 is not open). + */ + bb_perror_msg("fcntl(%d,F_DUPFD,%d)", fd, avoid_fd + 1); + } } return newfd; } @@ -7893,10 +7903,16 @@ static struct squirrel *add_squirrel(struct squirrel *sq, int fd, int avoid_fd) if (sq) for (; sq[i].orig_fd >= 0; i++) { /* If we collide with an already moved fd... */ if (fd == sq[i].moved_to) { - sq[i].moved_to = dup_CLOEXEC(sq[i].moved_to, avoid_fd); - debug_printf_redir("redirect_fd %d: already busy, moving to %d\n", fd, sq[i].moved_to); - if (sq[i].moved_to < 0) /* what? */ - xfunc_die(); + moved_to = dup_CLOEXEC(sq[i].moved_to, avoid_fd); + debug_printf_redir("redirect_fd %d: already busy, moving to %d\n", fd, moved_to); + if (moved_to < 0) { + /* "echo 2>/dev/tty 10>&9999" testcase: + * We move fd 2 to 10, then discover we need to move fd 10 + * (and not hit 9999) and the latter fails. + */ + return NULL; /* fcntl failed */ + } + sq[i].moved_to = moved_to; return sq; } if (fd == sq[i].orig_fd) { @@ -7910,7 +7926,7 @@ static struct squirrel *add_squirrel(struct squirrel *sq, int fd, int avoid_fd) moved_to = dup_CLOEXEC(fd, avoid_fd); debug_printf_redir("redirect_fd %d: previous fd is moved to %d (-1 if it was closed)\n", fd, moved_to); if (moved_to < 0 && errno != EBADF) - xfunc_die(); + return NULL; /* fcntl failed (not because fd is closed) */ return append_squirrel(sq, i, fd, moved_to); } @@ -7943,6 +7959,8 @@ static struct squirrel *add_squirrel_closed(struct squirrel *sq, int fd) */ static int save_fd_on_redirect(int fd, int avoid_fd, struct squirrel **sqp) { + struct squirrel *new_squirrel; + if (avoid_fd < 9) /* the important case here is that it can be -1 */ avoid_fd = 9; @@ -8006,7 +8024,10 @@ static int save_fd_on_redirect(int fd, int avoid_fd, struct squirrel **sqp) } /* Check whether it collides with any open fds (e.g. stdio), save fds as needed */ - *sqp = add_squirrel(*sqp, fd, avoid_fd); + new_squirrel = add_squirrel(*sqp, fd, avoid_fd); + if (!new_squirrel) + return -1; /* redirect error */ + *sqp = new_squirrel; return 0; /* "we did not close fd" */ } @@ -8092,7 +8113,8 @@ static int setup_redirects(struct command *prog, struct squirrel **sqp) if (redir->rd_type == REDIRECT_HEREDOC2) { /* "rd_fd<rd_fd, /*avoid:*/ 0, sqp); + if (save_fd_on_redirect(redir->rd_fd, /*avoid:*/ 0, sqp) < 0) + return 1; /* for REDIRECT_HEREDOC2, rd_filename holds _contents_ * of the heredoc */ debug_printf_redir("set heredoc '%s'\n", @@ -8151,6 +8173,8 @@ static int setup_redirects(struct command *prog, struct squirrel **sqp) /* if "N>&-": close redir->rd_fd (newfd is REDIRFD_CLOSE) */ closed = save_fd_on_redirect(redir->rd_fd, /*avoid:*/ newfd, sqp); + if (closed < 0) + return 1; /* error */ if (newfd == REDIRFD_CLOSE) { /* "N>&-" means "close me" */ if (!closed) { @@ -8164,13 +8188,16 @@ static int setup_redirects(struct command *prog, struct squirrel **sqp) * and second redirect closes 3! Restore code then closes 3 again. */ } else { - /* if newfd is a script fd or saved fd, simulate EBADF */ + /* if newfd is a script fd or saved fd, do not allow to use it */ if (internally_opened_fd(newfd, sqp && sqp != ERR_PTR ? *sqp : NULL)) { - //errno = EBADF; - //bb_perror_msg_and_die("can't duplicate file descriptor"); - newfd = -1; /* same effect as code above */ + bb_error_msg("fd#%d is not open", newfd); + return 1; + } + if (dup2(newfd, redir->rd_fd) < 0) { + /* "echo >&99" testcase */ + bb_perror_msg("dup2(%d,%d)", newfd, redir->rd_fd); + return 1; } - xdup2(newfd, redir->rd_fd); if (redir->rd_dup == REDIRFD_TO_FILE) /* "rd_fd > FILE" */ close(newfd); diff --git a/shell/hush_test/hush-redir/redir3.right b/shell/hush_test/hush-redir/redir3.right index e3c878b7d..d49237c42 100644 --- a/shell/hush_test/hush-redir/redir3.right +++ b/shell/hush_test/hush-redir/redir3.right @@ -1,2 +1,3 @@ TEST -hush: can't duplicate file descriptor: Bad file descriptor +hush: dup2(9,1): Bad file descriptor +Output to fd#9: 1 diff --git a/shell/hush_test/hush-redir/redir_exec2.tests b/shell/hush_test/hush-redir/redir_exec2.tests index 700a51786..0af767592 100755 --- a/shell/hush_test/hush-redir/redir_exec2.tests +++ b/shell/hush_test/hush-redir/redir_exec2.tests @@ -8,4 +8,3 @@ ls -1 fd/3 exec 5>&- test -e fd/5 && echo BUG echo One:$? - diff --git a/shell/hush_test/hush-redir/redir_to_bad_fd.right b/shell/hush_test/hush-redir/redir_to_bad_fd.right index 936911ce5..4fc51cc93 100644 --- a/shell/hush_test/hush-redir/redir_to_bad_fd.right +++ b/shell/hush_test/hush-redir/redir_to_bad_fd.right @@ -1 +1,2 @@ -hush: can't duplicate file descriptor: Bad file descriptor +hush: dup2(10,1): Bad file descriptor +OK diff --git a/shell/hush_test/hush-redir/redir_to_bad_fd255.right b/shell/hush_test/hush-redir/redir_to_bad_fd255.right index 936911ce5..baa2959ca 100644 --- a/shell/hush_test/hush-redir/redir_to_bad_fd255.right +++ b/shell/hush_test/hush-redir/redir_to_bad_fd255.right @@ -1 +1,2 @@ -hush: can't duplicate file descriptor: Bad file descriptor +hush: dup2(255,1): Bad file descriptor +OK diff --git a/shell/hush_test/hush-redir/redir_to_bad_fd3.right b/shell/hush_test/hush-redir/redir_to_bad_fd3.right index 936911ce5..5e54abc0a 100644 --- a/shell/hush_test/hush-redir/redir_to_bad_fd3.right +++ b/shell/hush_test/hush-redir/redir_to_bad_fd3.right @@ -1 +1,2 @@ -hush: can't duplicate file descriptor: Bad file descriptor +hush: fd#3 is not open +OK -- cgit v1.2.3-55-g6feb