Using a space as the magic character would result in problems if the command
started with a number:
- For a 'valid' number n, n < size of argv, it would erroneously get
replaced with that argument; e.g. `apply -a ' ' -d 1rm x => `execxrm x`
- For an 'invalid' number n, n >= size of argv, it would segfault.
e.g. `apply -a ' ' 2to3 test.py` would try to access argv[2]
This problem occurred because apply(1) would prepend "exec " to the command
string before doing the actual magic number replacements, so it would come
across "exec 2to3 1" and assume that the " 2" is also a magic number to be
replaced.
Re-work this to instead just append "exec " to the command sbuf and
workaround the ugliness. This also simplifies stuff in the process.
PR: 226948
Submitted by: Tobias Stoeckmann <tobias@stoeckmann.org>
MFC after: 1 week
Mainly focus on files that use BSD 3-Clause license.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.
Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96
is in accordance with the information provided at
ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
Also add $FreeBSD$ to a few files to keep svn happy.
Discussed with: imp, rwatson
snprintf(3) doesn't set errno in the tested cases.
- If the same argument reference (for example %1) was specified more than
once, the command didn't necessarily fit to the final command buffer. Fix
this using a dynamic sbuf buffer. Add a few regression tests for the case.
PR: bin/95079
No objections: freebsd-hackers
This is a style bug. err() is declared is non-returning so that every
use of it doesn't need to be encrufted with NOTREACHED. It's too bad
that only gcc understands the declaration.
Asked by: bde@
of the recent WARNS commits. The idea is:
1) FreeBSD id tags should follow vendor tags.
2) Vendor tags should not be compiled (though copyrights probably should).
3) There should be no blank line between including cdefs and __FBSDIF.
string after each successful snprintf() call. This makes apply(1) work
*correctly*, although the whole snprintf() deal really should be redone.
Bug noted by: nectar (about 3 weeks ago)
declarations & their arguments; use only one tab after types; restore the
type of argv to sync with src tree style; sort new variables under main();
fix continuation indents; remove extra blank line before free()'s. Still
to do: fix snprintf() handling as nectar & bde suggested to me.
Submitted by: bde
BDECFLAGS; ANSIfy; use EXEC instead of "exec " where appropriate; use
proper types (size_t, int); use proper variable names for certain things;
get rid of static 'cache' style stuff by moving and sanitizing the
original SHELL checking code to main(), this also makes it easier to
free() the string; rename file-scope system() to exec_shell(); use
snprintf() everywhere instead of sprintf(); actually remember to free()
other malloc()'d char pointers in main().
I left out the -s option in this revision along with getusershell()
checking because of objections made by Warner Losh <imp> and Garrett
Wollman <wollman>. I agreed with their assertions that such code was
unnecessary in a program like this.
I dare people to make this coredump now.
Some suggestions: nectar (snprintf() truncate checking)
Reviewed by: markm, eivind, jedgar
Tortured by: examples in apply(1), fuzz(1),
and a lot of random ideas I came up with
especially on strings passed from argv; rename system() to exec_shell(),
and make it static; use strlcpy() and make sure it works; use proper
type (size_t) to be passed to malloc()/realloc().
Use getusershell() to make sure the SHELL environment variable passed is
safe to use. Add new option -s to allow anal users to pass things like
perl; this option is here along with getusershell() checking since the
such checking is only intended to affect things like suidperl that might
call apply(1).
Reviewed by: markm, jhb, C. Stephen Gunn <csg@waterspout.com>
This would have been commit #2 which was "Obtained from: BSD/OS" except
their code is buggy (they call err() if the execl() fails, which will
incorrectly call exit()), so instead this is:
Obtained from: NetBSD
execvp() in the child branch of a vfork(). Changed to use fork()
instead.
Some of these (mv, find, apply, xargs) might benefit greatly from
being rewritten to use vfork() properly.
PR: Loosely related to bin/8252
Approved by: jkh and bde
