summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDenys Vlasenko2021-06-06 12:07:11 +0200
committerDenys Vlasenko2021-06-06 12:08:43 +0200
commit457825f77a7c7286647ee888a1000a6bb12ca8fc (patch)
treef4deac5510cbae6299b964f48d4c8cad8bde3ce4
parenta1b0d3856d9a0419cb74bf4c87525265871b5868 (diff)
downloadbusybox-457825f77a7c7286647ee888a1000a6bb12ca8fc.zip
busybox-457825f77a7c7286647ee888a1000a6bb12ca8fc.tar.gz
shells: do not allow bare "read" in non-bash compat configs
On Sat, Feb 9, 2019 Cristian Ionescu-Idbohrn wrote: > In my case (at work), I have to watch and prevent people from doing > unportable things. For me, that's a burden. Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r--libbb/getopt32.c11
-rw-r--r--shell/ash.c4
-rw-r--r--shell/hush.c13
-rw-r--r--shell/shell_common.c2
4 files changed, 22 insertions, 8 deletions
diff --git a/libbb/getopt32.c b/libbb/getopt32.c
index 3785100..5ab4d66 100644
--- a/libbb/getopt32.c
+++ b/libbb/getopt32.c
@@ -89,6 +89,12 @@ getopt32(char **argv, const char *applet_opts, ...)
root:x:0:0:root:/root:/bin/bash
user:x:500:500::/home/user:/bin/bash
+ "^" options string is "^optchars""\0""opt_complementary".
+
+ "!" If the first character in the applet_opts string is a '!',
+ report bad options, missing required options,
+ inconsistent options with all-ones return value (instead of abort.
+
"+" If the first character in the applet_opts string is a plus,
then option processing will stop as soon as a non-option is
encountered in the argv array. Useful for applets like env
@@ -96,10 +102,7 @@ getopt32(char **argv, const char *applet_opts, ...)
env -i ls -d /
Here we want env to process just the '-i', not the '-d'.
- "!" Report bad options, missing required options,
- inconsistent options with all-ones return value (instead of abort).
-
- "^" options string is "^optchars""\0""opt_complementary".
+ (The order of multiple prefixes must be "^!+...")
uint32_t
getopt32long(char **argv, const char *applet_opts, const char *logopts...)
diff --git a/shell/ash.c b/shell/ash.c
index 05c4795..bcf7a34 100644
--- a/shell/ash.c
+++ b/shell/ash.c
@@ -14161,6 +14161,10 @@ readcmd(int argc UNUSED_PARAM, char **argv UNUSED_PARAM)
}
}
+ if (!ENABLE_ASH_BASH_COMPAT && !argptr) {
+ bb_simple_error_msg("read: need variable name");
+ return 1;
+ }
params.argv = argptr;
params.setvar = setvar0;
params.ifs = bltinlookup("IFS"); /* can be NULL */
diff --git a/shell/hush.c b/shell/hush.c
index 144ad3e..77921e1 100644
--- a/shell/hush.c
+++ b/shell/hush.c
@@ -4251,7 +4251,7 @@ static int done_word(struct parse_context *ctx)
|| endofname(command->argv[0])[0] != '\0'
) {
/* bash says just "not a valid identifier" */
- syntax_error("not a valid identifier in for");
+ syntax_error("bad variable name in for");
return 1;
}
/* Force FOR to have just one word (variable name) */
@@ -10799,10 +10799,17 @@ static int FAST_FUNC builtin_read(char **argv)
*/
params.read_flags = getopt32(argv,
# if BASH_READ_D
- "!srn:p:t:u:d:", &params.opt_n, &params.opt_p, &params.opt_t, &params.opt_u, &params.opt_d
+ IF_NOT_HUSH_BASH_COMPAT("^")
+ "!srn:p:t:u:d:" IF_NOT_HUSH_BASH_COMPAT("\0" "-1"/*min 1 arg*/),
+ &params.opt_n, &params.opt_p, &params.opt_t, &params.opt_u, &params.opt_d
# else
- "!srn:p:t:u:", &params.opt_n, &params.opt_p, &params.opt_t, &params.opt_u
+ IF_NOT_HUSH_BASH_COMPAT("^")
+ "!srn:p:t:u:" IF_NOT_HUSH_BASH_COMPAT("\0" "-1"/*min 1 arg*/),
+ &params.opt_n, &params.opt_p, &params.opt_t, &params.opt_u
# endif
+//TODO: print "read: need variable name"
+//for the case of !BASH "read" with no args (now it fails silently)
+//(or maybe extend getopt32() to emit a message if "-1" fails)
);
if ((uint32_t)params.read_flags == (uint32_t)-1)
return EXIT_FAILURE;
diff --git a/shell/shell_common.c b/shell/shell_common.c
index e3d6783..2e36d92 100644
--- a/shell/shell_common.c
+++ b/shell/shell_common.c
@@ -59,7 +59,7 @@ shell_builtin_read(struct builtin_read_params *params)
while (*pp) {
if (endofname(*pp)[0] != '\0') {
/* Mimic bash message */
- bb_error_msg("read: '%s': not a valid identifier", *pp);
+ bb_error_msg("read: '%s': bad variable name", *pp);
return (const char *)(uintptr_t)1;
}
pp++;