Commit Graph

69 Commits

Author SHA1 Message Date
jilles
adf4768f5a sh: Fix copying uninitialized field 'special'.
This just copied uninitialized data and did not depend on it later, so it
should not be dangerous.

Found by:	clang static analyzer
2016-03-13 22:54:14 +00:00
jilles
00310b91de sh: Reduce size of builtins table. 2016-01-03 21:30:22 +00:00
jilles
3c6c0527e6 sh: Fix some arithmetic undefined behaviour.
Fix shifts of possibly negative numbers found with ubsan and avoid signed
integer overflow when hashing an extremely long command name.

MFC after:	1 week
2015-06-24 20:51:48 +00:00
jilles
4af4fa1f6f sh: Remove prefix() function. Use strncmp() instead. 2014-07-20 12:06:52 +00:00
jilles
7f92c4861a sh: Simplify find_command() slightly. 2014-05-31 22:25:45 +00:00
jilles
270892ce0a sh: Fix possible memory leaks and double frees with unexpected SIGINT. 2014-03-26 20:43:40 +00:00
jilles
1d244d8c45 sh: Prefer memcpy() to strcpy() in most cases. Remove the scopy macro. 2013-11-30 21:27:11 +00:00
jilles
367c40c277 sh: Properly quote alias output from command -v.
An alias should be printed by command -v as a command line; therefore, make
the alias definition suitable for re-input to the shell.
2013-11-10 23:00:39 +00:00
jilles
8b7d6031e6 sh: Recognize "--" as end of options in type builtin.
This implementation makes minimal changes: command names starting with "-"
(other than "--") can still be queried normally.
2013-08-30 12:09:59 +00:00
jilles
0ad2a46f33 sh: Remove mkinit.
Replace the RESET blocks with regular functions and a reset() function that
calls them all.

This code generation tool is unusual and does not appear to provide much
benefit. I do not think isolating the knowledge about which modules need to
be reset is worth an almost 500-line build tool and wider scope for
variables used by the reset functions.

Also, relying on reset functions is often wrong: the cleanup should be done
in exception handlers so that no stale state remains after 'command eval'
and the like.
2013-07-25 15:08:41 +00:00
jilles
3deb97fc0b sh: Fix various compiler warnings.
It now passes WARNS=7 with clang on i386.

GCC 4.2.1 does not understand setjmp() properly so will always trigger
-Wuninitialized. I will not add the volatile keywords to suppress this.
2013-04-01 17:18:22 +00:00
jilles
705fd8516a sh: Simplify cd-hash interaction.
Instead of rechecking relative paths for all hashed utilities after a cd,
track if any utility in cmdtable depends on a relative path in PATH.
If there is such a utility, cd clears the entire table.

As a result, the '*' in hash no longer happens.
2013-01-14 16:40:50 +00:00
jilles
aef0db8f9e sh: Change cmdtype in tblentry from short to signed char.
If this is a smaller type than int anyway, we can make it the smallest
possible.
2012-11-05 17:52:18 +00:00
jilles
abfb4133f0 sh: Use C99 flexible array instead of accessing array beyond bounds.
Although sufficient memory is available for a longer string in cmdname,
this is undefined behaviour anyway.

Side effect: for alignment reasons, an additional byte of memory is
allocated per hashed command.
2012-11-03 22:23:08 +00:00
jilles
689774f8e7 sh: Expand assignment-like words specially for export/readonly/local.
Examples:
  export x=~
now expands the tilde
  local y=$1
is now safe, even if $1 contains IFS characters or metacharacters.

For a word to "look like an assignment", it must start with a name followed
by an equals sign, none of which may be quoted.

The special treatment applies when the first word (potentially after
"command") is "export", "readonly" or "local". There may be quoting
characters but no expansions. If "local" is overridden with a function there
is no special treatment ("export" and "readonly" cannot be overridden with a
function).

If things like
  local arr=(1 2 3)
are ever allowed in the future, they cannot call a "local" function. This
would either be a run-time error or it would call the builtin.

This matches Austin Group bug #351, planned for the next issue of POSIX.1.

PR:		bin/166771
2012-07-15 10:19:43 +00:00
jilles
0458d57ea3 sh: Make 'hash' return 1 if at least one utility is not found.
Reported by:	lme
2012-02-11 21:06:45 +00:00
charnier
11c560ec5e Add prototypes, ANSIfy functions definitions to reduce WARNS=6 output. 2012-01-25 08:42:19 +00:00
jilles
8152f4c192 sh: Make various functions static. 2012-01-01 22:17:12 +00:00
jilles
9a75a8c404 sh: Remove clearcmdentry()'s now unused argument. 2011-02-05 14:08:51 +00:00
jilles
852a80acf7 sh: Forget all cached command locations on any PATH change.
POSIX requires this and it is simpler than the previous code that remembered
command locations when appending directories to PATH.

In particular,
  PATH=$PATH
is no longer a no-op but discards all cached command locations.
2011-02-05 14:01:46 +00:00
jilles
a81357fbe9 sh: Do not try to execute binary files as scripts.
If execve() returns an [ENOEXEC] error, check if the file is binary before
trying to execute it using sh. A file is considered binary if at least one
of the first 256 bytes is '\0'.

In particular, trying to execute ELF binaries for the wrong architecture now
fails with an "Exec format error" message instead of syntax errors and
potentially strange results.
2011-02-05 12:54:59 +00:00
jilles
95ad413d4a sh: Remove special code for shell scripts without magic number.
These are called "shell procedures" in the source.

If execve() failed with [ENOEXEC], the shell would reinitialize itself
and execute the program as a script. This requires a fair amount of code
which is not frequently used (most scripts have a #! magic number).
Therefore just execute a new instance of sh (_PATH_BSHELL) to run the
script.
2011-02-04 22:47:55 +00:00
jilles
86ccb3f9c0 sh: Return only 126 or 127 for execve() failures.
Do not return 2 for errors other than [EACCES] or [ENOENT].
2011-02-03 23:38:11 +00:00
jilles
2a782244a9 sh: Remove special %builtin PATH entry.
All builtins are now always found before a PATH search.

Most ash derivatives have an undocumented feature where the presence of an
entry "%builtin" in $PATH will cause builtins to be checked at that point of
the PATH search, rather than before looking at any directories as documented
in the man page (very old versions do document this feature).

I am removing this feature from sh, as it complicates the code, may violate
expectations (for example, /usr/bin/alias is very close to a forkbomb with
PATH=/usr/bin:%builtin, only /usr/bin/builtin not being another link saves
it) and appears to be unused (all the %builtin google code search finds is
in some sort of ash source code).

Note that aliases and functions took and take precedence above builtins.
Because aliases work on a lexical level they can only ever be overridden on
a lexical level (quoting or preceding 'builtin' or 'command'). Allowing
override of functions via PATH does not really fit in the model of sh and it
would work differently from %builtin if implemented.

Note: POSIX says special builtins are found before functions. We comply to
this because we do not allow functions with the same name as a special
builtin.

Silence from:	freebsd-hackers@ (message sent 20101225)
Discussed with:	dougb
2011-01-09 21:07:30 +00:00
jilles
de73f385a5 sh: Allow arbitrary large numbers in CHECKSTRSPACE.
Reduce "stack string" API somewhat and simplify code.
Add a check for integer overflow of the "stack string" length (probably
incomplete).
2010-12-26 13:25:47 +00:00
obrien
08b8d916b5 In the spirit of r90111, depend on c89 and remove the "STATIC" macro
and its usage.
2010-10-13 22:18:03 +00:00
obrien
f31ad1c86b Consistently use "STATIC" for all functions in order to be able to set
breakpoints with in a debugger.  And use naked "static" for variables.

Noticed by:	bde
2010-10-13 04:01:01 +00:00
jilles
1bfbe947ab sh: Improve the command builtin:
* avoid unnecessary fork
* allow executing builtins via command
* executing a special builtin via command removes its special properties

Obtained from:	NetBSD (parts)
2010-03-06 16:57:53 +00:00
jilles
446838eef9 sh: Fix some bugs with backquoted builtins:
- correctly handle error output in $(builtin 2>&1), clarify out1/out2 vs
  output/errout in the code
- treat all builtins as regular builtins so errors do not abort the shell
  and variable assignments do not persist
- respect the caller's INTOFF

Some bugs still exist:
- expansion errors may still abort the shell
- some side effects of expansions and builtins persist
2010-01-01 18:17:46 +00:00
jilles
9f56916a97 sh: Use PATH= assignment in type.
Example:
  PATH=/var/empty; PATH=/bin type ls
2009-12-31 17:44:24 +00:00
jilles
8e6aa134e5 sh: Allow command -pv and command -pV (lookup using _PATH_STDPATH). 2009-12-31 16:13:33 +00:00
jilles
5e8a2136e7 sh: Various warning fixes (from WARNS=6 NO_WERROR=1):
- const
- initializations to silence -Wuninitialized (it was safe anyway)
- remove nested extern declarations
- rename "index" locals to "idx"
2009-12-27 18:04:05 +00:00
jilles
8e458de852 sh: Constify various strings.
Most of this is adding const keywords, but setvar() in var.c had to be
changed somewhat more.
2009-12-24 18:41:14 +00:00
jilles
fab15b104f sh: Send the "xyz: not found" message to redirected fd 2.
This also fixes that trying to execute a non-regular file with a command
name without '/' returns 127 instead of 126.
The fix is rather simplistic: treat CMDUNKNOWN as if the command were found
as an external program. The resulting fork is a bit wasteful but executing
unknown commands should not be very frequent.

PR:		bin/137659
2009-10-06 22:00:14 +00:00
jilles
0bf6e8da4e sh: Fix crash with empty functions (f() { }) introduced in r196483
Empty pairs of braces are represented by a NULL node pointer, just like
empty lines at the top level.

Support for empty pairs of braces may be removed later. They make the code
more complex, have inconsistent behaviour (may or may not change $?), are
not specified by POSIX and are not allowed by some other shells like bash,
dash and ksh93.

Reported by:	kan
2009-08-28 22:41:25 +00:00
jilles
4a8e08a110 sh: Fix crash when undefining or redefining a currently executing function.
Add a reference count to function definitions.
Memory may leak if multiple SIGINTs arrive in interactive mode,
this will be fixed later by changing SIGINT handling.

PR:		bin/137640
2009-08-23 21:09:46 +00:00
jilles
1f2b1b2840 Designate special builtins as such in command -V and type.
Also document various properties of special builtins that we implement.

Approved by:	ed (mentor) (implicit)
2009-06-24 22:04:04 +00:00
rse
7e3e9ea5ae align coding style with style(9) to avoid misunderstandings 2009-06-01 11:11:46 +00:00
stefanf
51fb928cb8 Report error messages of the builtins 'type' and 'command -V' to stderr instead
of stdout.

Noticed by:	Zajcev Evgeny
2008-11-28 18:55:42 +00:00
stefanf
542ee93dab Use eaccess() instead of access() for the type builtin, like we do for the
test builtin.

Submitted by:	Martin Kammerhofer
2007-01-18 22:31:22 +00:00
stefanf
69e741477c Return an error status (127) from the builtins 'type' and 'command' (with
either -v or -V) if a file with a slash in the name doesn't exist (if there is
no slash we already did that).

Additionally, suppress the error message for command -v for files with a slash.

PR:		107674
Submitted by:	Martin Kammerhofer
2007-01-11 00:19:00 +00:00
stefanf
968438f2fc Implement some of the differences between special built-ins and other builtins
demanded by POSIX.
- A redirection error is only fatal (meaning the execution of a shell script is
  terminated) for special built-ins.  Previously it was fatal for all shell
  builtins, causing problems like the one reported in PR 88845.
- Variable assignments remain in effect for special built-ins.
- Option or operand errors are only fatal for special built-ins.
This change also makes errors from 'fc' non-fatal (I could not find any reasons
for this behaviour).

Somewhat independently from the above down-grade the error handling in the
shift built-in if the operand is bigger than $# from an error() call (which is
now fatal) to a return 1.  I'm not sure if this should be considered a POSIX
"operand error", however this change is needed for now as we trigger that error
while building libncurses.  Comparing with other shells, zsh does the same as
our sh before this change (write a diagnostic, return 1), bash behaves as our
sh after this commit (no diagnostic, return 1) and ksh93 and NetBSD's sh treat
it as a fatal error.
2006-04-09 12:21:20 +00:00
stefanf
21aa82a5ae Add the POSIX options -v and -V to the 'command' builtin. Both describe the
type of their argument, if it is a shell function, an alias, a builtin, etc.
-V is more verbose than -v.

PR:	77259, 84539
2005-10-28 18:37:09 +00:00
stefanf
75938a7293 Use prototypes in the MKINIT lines collected by mkinit. 2005-08-13 08:12:18 +00:00
des
56f202851a Attempting to unset an undefined variable or function should not be
considered an error according to the Open Group Base Specification.

PR:		standards/45738
Submitted by:	Matthias Andree <matthias.andree@web.de>
MFC after:	3 days
2004-09-27 18:43:18 +00:00
markm
4383f14801 Remove clause 3 from the UCB licenses.
OK'ed by:	imp, core
2004-04-06 20:06:54 +00:00
dds
34719e1dbb Changes following CScout analysis:
- Removed dead declarations
- Made objects that should have been declared as static, static.

The changes use STATIC instead of static, following the existing
convention in the rest of the code.

Approved by:	schweikh (mentor)
MFC after:	2 weeks
2003-07-05 15:18:44 +00:00
tjr
2b33063d01 Restore "not found" error message when searching for (or executing)
a program fails because the file or a path component does not exist.

Suggested by:	bde
2002-10-01 11:48:18 +00:00
tjr
6307190b53 Convert the remaining callers of errmsg() to use strerror(), and remove
errmsg() and its table of error messages.
2002-09-29 11:37:39 +00:00
tjr
6f7073eccf Remove broken and incomplete support for old releases of System V,
don't support system that implement getcwd(3) with a pipe to /bin/pwd.
2002-07-19 08:09:04 +00:00