2532 Commits

Author SHA1 Message Date
jilles
8824c5ab76 sh: Fix heap-based buffer overflow in pathname generation.
The buffer for generated pathnames could be too small in some cases. It
happened to be always at least PATH_MAX long, so there was never an overflow
if the resulting pathnames would be usable.

This bug may be abused if a script subjects input from an untrusted source
to pathname generation, which a bad idea anyhow. Most shell scripts do not
work on untrusted data. secteam@ says no advisory is necessary.

PR:		bin/148733
Reported by:	Changming Sun snnn119 at gmail com
MFC after:	10 days
2010-08-10 22:45:59 +00:00
jilles
7aa77c20cf Remove unnecessary duplicate letters in mksyntax.c,
the table elements would just be overwritten twice.
2010-08-08 21:04:27 +00:00
jilles
184699830c sh: Return 0 from eval if no command was given.
This makes a difference if there is a command substitution.

To make this work, evalstring() has been changed to set exitstatus to 0 if
no command was executed (the string contained only whitespace).

Example:
  eval $(false); echo $?
should print 0.
2010-08-03 22:17:29 +00:00
kib
ad97a57b12 Document the new argument parser for sleep(1) and SIGINFO behaviour.
Remove higlight for the unportability notice.

MFC after:	3 weeks
2010-08-02 10:59:23 +00:00
kib
58f67b3672 Simplify argument parser by using sscanf(); simplify usage() by not
refusing to use stdio.
Reduce nesting level in the sleep loop by returning earlier for negative
timeouts.
Limit the maximum timeout to INT_MAX seconds.

Submitted by:	bde
MFC after:	3 weeks
2010-08-02 10:57:56 +00:00
jilles
21076809ad sh: Do not enter consecutive duplicates into the history.
This simply sets a flag in libedit. It has a shortcoming in that it does not
apply to multi-line commands.

Note that a configuration option for this is not going to happen, but always
having this seems better than not having it. NetBSD has done the same.

PR:		bin/54683
Obtained from:	NetBSD
MFC after:	1 month
2010-08-01 16:37:51 +00:00
joel
be2c32910f Spelling fixes. 2010-07-31 21:09:49 +00:00
kib
6bde39054e Deal with proper format for printing time_t.
Reported by:	ache
MFC after:	3 weeks
2010-07-31 17:41:58 +00:00
kib
5895145874 Report the time left for the sleep on SIGINFO.
Be stricter in the checking of interval specification.

PR:	bin/139345
MFC after:	3 weeks
2010-07-31 14:30:11 +00:00
jilles
981d60d218 kill: Stop processing if a syntactically invalid pid is encountered.
So a command like
  kill _HUP 1
now fails without sending SIGTERM to init.

The behaviour when kill(2) fails remains unchanged: processing continues.
This matches other implementations and POSIX and is useful for killing
multiple processes at once when some of them may already be gone.

PR:		bin/40282
2010-07-29 16:40:45 +00:00
bcr
b14508778a Typo fix: s/ommited/omitted
MFC after: 4 days
2010-07-27 17:33:02 +00:00
jilles
f8f703f788 sh: Fix crash due to uninitialized here-document.
If an ; or & token was followed by an EOF token, pending here-documents were
left uninitialized. Execution would crash, either in the main shell process
for literal here-documents or in a child process for expanded
here-documents. In the latter case the problem is hard to detect apart from
the core dumps and log messages.

Side effect: slightly different retries on inputs where EOF is not
persistent.

Note that tools/regression/bin/sh/parser/heredoc6.0 still causes a similar
crash in a child process. The text passed to eval is malformed and should be
rejected.
2010-07-25 22:25:52 +00:00
trasz
940c4d597c Fix alignment for the 'flags' label, and make more room for 'tdev'.
MFC after:	1 month
2010-07-24 15:37:36 +00:00
trasz
fb4120ccfd Add P_HASTHREADS flag description. 2010-07-24 15:24:12 +00:00
jilles
8be68756a9 sh: Allow a background command consisting solely of redirections.
Example:
  </dev/null &

MFC after:	2 weeks
2010-07-18 12:45:31 +00:00
jilles
7e0d773037 sh: There cannot be a TNOT in simplecmd(), remove checks.
simplecmd() only handles simple commands and function definitions, neither
of which involves the ! keyword. The initial token on entry to simplecmd()
is one of the following: TSEMI, TAND, TOR, TNL, TEOF, TWORD, TRP.
2010-07-14 22:31:45 +00:00
brian
0912059eb6 Add -l to the synopsis
Submitted by:	jhell at dataix dot net
MFC after:	3 days
2010-07-12 01:58:46 +00:00
jilles
4ae2ec7aa4 sh: Use $PWD instead of getcwd() for the \w and \W prompt expansions.
This ensures that the logical working directory (which may include
symlinks) is shown and is similar to the default behaviour of the pwd
builtin.
2010-07-02 22:17:13 +00:00
jilles
8fcbe1caf8 sh: Forget about terminated background processes sooner.
Unless $! has been referenced for a particular job or $! still contains that
job's pid, forget about it after it has terminated. If $! has been
referenced, remember the job until the wait builtin has reported its
completion (either with the pid as parameter or without parameters).

In interactive mode, jobs are forgotten after termination has been reported,
which happens before primary prompts and through the jobs builtin. Even
then, though, remember a job if $! has been referenced.

This is similar to what is suggested by POSIX and should fix most memory
leaks (which also tend to cause sh to use more CPU time) with long running
scripts that start background jobs.

Caveats:
* Repeatedly referencing $! without ever doing 'wait', like
    while :; do foo & echo started foo: $!; sleep 60; done
  will still use a lot of memory and CPU time in the long run.
* The jobs and jobid builtins do not cause a job to be remembered for longer
  like expanding $! does.

PR:		bin/55346
2010-06-29 22:37:45 +00:00
brian
f16fb8206e Recognise the -l switch with pkill - list kill command(s) used.
PR:		143558
Submitted by:	eitanadlerlist at gmail dot com
MFC after:	3 weeks
2010-06-20 08:48:30 +00:00
jilles
9620b35016 sh: Fix compilation with -DNO_HISTORY.
The LINENO code uses snprintf() and relied on "myhistedit.h" to pull in the
necessary <stdio.h>.

Compiling with -DNO_HISTORY disables all editing and history support and
allows linking without -ledit -ltermcap. This may be useful for embedded
systems.

MFC after:	2 weeks
2010-06-19 10:33:04 +00:00
jilles
714627407c sh: Add filename completion.
This uses the new libedit completion function with quoting support.

Unlike NetBSD, there is no 'set +o tabcomplete' option to disable
completion. I do not see any reason for such a special treatment, as
completion is rather useful and it is possible to do
  bind ^I ed-insert
to disable completion and insert a tab character instead.

Submitted by:	Guy Yur
2010-06-15 21:58:40 +00:00
uqs
763b37912d More mdoc nitpicking to improve compatibility to mdocml
- .Nd in section NAME is not optional
- .Ed was missing
- "indent" is not a flag, but a literal argument for -offset
- stop switching font sizes for acronyms
- use .Brq instead of rolling our own
2010-06-11 06:04:07 +00:00
jilles
caf58c06dc sh: Pass through SIGINT from a child if interactive and job control
is enabled.

This already worked if without job control.

In either case, this depends on it that a process that terminates due to
SIGINT exits on it (so not with status 1, or worse, 0).

Example:
  sleep 5; echo continued
This does not print "continued" any more if sleep is aborted via ctrl+c.

MFC after:	1 month
2010-06-06 22:27:32 +00:00
trasz
0bb05a5f0f Don't try to copy a socket after "xxx is a socket (not copied)." message.
Previously, it would either try to copy it anyway and fail (without -R),
or create fifo instead of the socket (with -R).

Found with:	Coverity Prevent
CID:		5623
MFC after:	2 weeks
2010-06-05 08:50:39 +00:00
brian
bf8440aa76 Explain that setting an absolute day value can fail and that the month should
usually be set first when using -v.

Adjust an example that sets the day to 30 before setting the month to 3 in
accordance with this approach as the example would always fail in February!

PR:		147354
MFC after:	2 weeks
2010-06-04 06:56:58 +00:00
jilles
e5f96a4e05 sh: Pass TERM changes to libedit.
I have changed the patch slightly to ignore TERM changes in subshells.

PR:		bin/146916
Submitted by:	Guy Yur
Obtained from:	NetBSD
2010-06-02 19:16:58 +00:00
uqs
fca046e372 Zero struct before reading from it
PR:	   140384
Found by:  clang static analyzer
MFC after: 3 weeks
2010-06-02 09:34:41 +00:00
jilles
e65f4ccf95 sh: Fix a crash if a heredoc was not properly ended and parsing continued.
Example (in interactive mode):
  cat <<EOF && )
The next command typed caused sh to segfault, because the state for the here
document was not reset.

Like parser_temp, this uses the fact that the parser is not re-entered.
2010-05-30 14:20:32 +00:00
jilles
930ce39226 sh: Change interaction of command substitution and here documents.
If a command substitution contains a newline token, this no longer starts
here documents of outer commands. This way, we follow POSIX's idea of the
command substitution being a separate script more closely. It also matches
other shells better and is consistent with newline characters in quotes not
starting here documents.

The extension tested in parser/heredoc3.0 ($(cat <<EOF)\ntext\nEOF\n)
continues to be supported.

In particular, this change allows things like
  cat <<EOF && echo `pwd`
(a `` command substitution after a here document)
which formerly silently used an empty file as the here document, because the
EOF of the inner command "pwd" also forced an empty here document.
2010-05-30 14:11:27 +00:00
jilles
c5fcbff43a sh: Recognize "--" in . and exec.
Although "--" historically has not been required to be recognized for
certain special builtins that do not take options in POSIX, some other
implementations recognize options for them, requiring scripts to use "--" or
avoid operands starting with "-".

Operands starting with "-" can be avoided with eval by prepending a space,
and cannot occur with break, continue, exit, return and shift as they only
take numbers, nor with times as it does not take operands. With . and exec,
avoiding "-" is not so easy as it may require reimplementing the PATH
search; therefore the current proposal for POSIX is to require recognition
of "--" for them.

We continue to accept other strings starting with "-" as operands to . and
exec, and also "--" if it is alone to . (which would otherwise be invalid
anyway).
2010-05-28 22:40:24 +00:00
jilles
ce59c74efd sh(1): Rework documentation of shell variables.
* Move the "environment variables" that do not need exporting to be
  effective or that are set by the shell without exporting to a new section
  "Special Variables".
* Add special variables LINENO and PPID.
* Add environment variables LANG, LC_* and PWD; also describe ENV under
  environment variables.
2010-05-24 15:12:12 +00:00
jilles
cc01dc82d8 sh(1): Improve wording of 'Special Parameters' section. 2010-05-24 13:28:12 +00:00
jilles
95d1dcb0f4 sh: Reap any zombies before forking for a background command.
This prevents accumulating huge amounts of zombies if a script executes
many background commands but no external commands or subshells.

Note that zombies will not be reaped during long calculations (within
the shell process) or read builtins, but those actions do not create
more zombies.

The terminated background commands will also still be remembered by the
shell.

PR:		bin/55346
2010-05-24 10:35:57 +00:00
uqs
60e8c402f3 Fix back references in substitute command for pax(1)
pax(1) was trying to copy the back-referenced data from
the match pattern, not the matched data.

PR:		bin/118132
Obtained from:	Debian bug #451361
Reviewed by:	jilles
MFC after:	3 weeks
2010-05-24 06:33:14 +00:00
trasz
5508b47842 Update authors and history.
MFC after:	1 week
2010-05-13 16:46:23 +00:00
jilles
c49fe4933f sh: Fix pathname expansion with quoted slashes like *\/.
These are git commits 36f0fa8fcbc8c7b2b194addd29100fb40e73e4e9 and
d6d06ff5c2ea0fa44becc5ef4340e5f2f15073e4 in dash.

Because this is the first code I'm importing from dash to expand.c, add the
Herbert Xu copyright notice which is in dash's expand.c.

When pathname expanding *\/, the CTLESC representing the quoted state was
erroneously taken as part of the * pathname component. This CTLESC was then
seen by the pattern matching code as escaping the '\0' terminating the
string.

The code is slightly different because dash converts the CTLESC characters
to backslashes and removes all the other CTL* characters to allow
substituting glob(3).

The effect of the bug was also slightly different from dash (where nothing
matched at all). Because a CTLESC can escape a '\0' in some way, whether
files were included despite the bug depended on memory that should not be
read. In particular, on many machines /*\/ expanded to a strict subset of
what /*/ expanded to.

Example:
  echo /*"/null"

This should print /dev/null, not /*/null.

PR:		bin/146378
Obtained from:	dash
2010-05-11 23:19:28 +00:00
jilles
48c5cd85a6 sh(1): Fix "reserved word" vs "keyword" inconsistency.
Use "keyword" everywhere, like the output of the 'type' builtin, and only
mention "reserved word" once to say it is the same thing.
2010-05-09 22:03:18 +00:00
jilles
6a8de408d7 sh: Have only one copy of _PATH_STDPATH in the binary. 2010-05-08 14:00:01 +00:00
jilles
f3856c6cf2 sh: Apply locale vars on builtins, recognize LC_MESSAGES as a locale var.
This allows doing things like LC_ALL=C some_builtin to run a builtin under a
different locale, just like is possible with external programs. The
immediate reason is that this allows making printf(1) a builtin without
breaking things like LC_NUMERIC=C printf '%f\n' 1.2

This change also affects special builtins, as even though the assignment is
persistent, the export is only to the builtin (unless the variable was
already exported).

Note: for this to work for builtins that also exist as external programs
such as /bin/test, the setlocale() call must be under #ifndef SHELL. The
shell will do the setlocale() calls which may not agree with the environment
variables.
2010-05-05 21:48:40 +00:00
jilles
88403fad18 sh: Use stalloc for arith variable names.
This is simpler than the custom memory tracker I added earlier, and is also
needed by the dash arith code I plan to import.
2010-04-25 20:43:19 +00:00
jilles
ae7b50400b symlink(7): Add lpathconf(2) and *at system calls.
MFC after:	1 week
2010-04-25 13:29:59 +00:00
jilles
92afafdbae symlink(7): The ownership of symlinks is used by the system,
in at least three ways, so do not say it is ignored:
* who may delete/rename a symlink in a sticky directory
* who may do lchflags(2)/lchown(2)/lchmod(2)
* whose inode quota is charged

MFC after:	1 week
2010-04-25 13:13:23 +00:00
jilles
1a724f1dca ln: Allow a trailing slash when creating a link to a directory.
In the 'ln source... directory' synopsis, the basename of each source
determines the name of the created link. Determine this using basename(3)
instead of strrchr(..., '/') which is incorrect if the pathname ends in a
slash.

The patch is somewhat changed to allow for basename(3) implementations that
change the passed pathname, and to fix the -w option's checking also.
The code to compare directory entries only applies to hard links, which
cannot be created to directories using ln.

Example:
  ln -s /etc/defaults/ /tmp
This should create a symlink named defaults.

PR:		121568
Submitted by:	Ighighi
MFC after:	1 week
2010-04-21 21:57:03 +00:00
jilles
fd633ce008 ln: Refuse deleting a directory entry by hardlinking it to itself.
Two pathnames refer to the same directory entry iff the directories match
and the final components' names match.

Example: (assuming file1 is an existing file)
  ln -f file1 file1
This now fails while leaving file1 intact. It used to delete file1 and then
complain it cannot be linked because it is gone.

With -i, this error is detected before the question is asked.

MFC after:	2 weeks
2010-04-17 22:39:53 +00:00
jilles
286029c478 sh: On startup of the shell, use PWD from the environment if it is valid.
Unset PWD if it is incorrect and no value for it can be determined.
This preserves the logical current directory across shell invocations.

Example (assuming /home is a symlink):
$ cd
$ pwd
/home/foo
$ sh
$ pwd
/home/foo

Formerly the second pwd would show the physical path (symlinks resolved).
2010-04-17 14:35:46 +00:00
uqs
3960614646 mdoc: order prologue macros consistently by Dd/Dt/Os
Although groff_mdoc(7) gives another impression, this is the ordering
most widely used and also required by mdocml/mandoc.

Reviewed by:	ru
Approved by:	philip, ed (mentors)
2010-04-14 19:08:06 +00:00
kib
a00ca9686b Update the list of the process flags for P_WKILLED.
MFC after:	4 weeks
2010-04-13 08:54:53 +00:00
jilles
160d26da32 sh: Partially revert r206146, allowing double-quotes in arithmetic.
These do pretty much nothing (except that parentheses are ignored), but
people seem to use them and allowing them does not hurt much.

Single-quotes seem not to be used and cause silently different behaviour
with ksh93 character constants.
2010-04-11 12:24:47 +00:00
jilles
f43d9cd171 sh: Automatically enable -o emacs in interactive shells with terminals.
This makes sh a bit more friendly in single user mode, make buildenv, chroot
and the like, and matches other shells.

The -o emacs can be overridden on the command line or in the ENV file.
2010-04-05 14:15:51 +00:00