summaryrefslogtreecommitdiff
path: root/editors/sed.c
AgeCommit message (Collapse)Author
2005-05-18Patch from Colin Watson (mangled slightly by Rob Landley):Rob Landley
This patch implements the 'T' command in sed. This is a GNU extension, but one of the udev hotplug scripts uses it, so I need it in busybox anyway. Includes a test; 'svn add testsuite/sed/sed-branch-conditional-inverted' after applying.
2005-05-18Doug Swarin pointed out a security bug in the -i option of sed.Rob Landley
While the permissions on the temp file are correct to prevent it from being maliciously mangled by passing strangers, (created with 600, opened O_EXCL, etc), the permissions on the _directory_ might not be, and we re-open the file to convert the filehandle to a FILE * (and automatically get an error message and exit if the directory's read-only or out of space or some such). This opens a potential race condition if somebody's using dnotify on the directory, deletes/renames the tempfile, and drops a symlink or something there. Somebody running sed -i as root in a world writeable directory could do damage. I dug up notes on an earlier discussion where we looked at the security implications of this (unfortunately on the #uclibc channel rather than email; I don't have a transcript, just notes-to-self) which pointed out that if the permissions on the directory allow other people's files to be deleted/renamed then the original file is vulnerable to sabotage anyway. However, there are two cases that discussion apparently didn't take into account: 1) Using another user's permissions to damage files in other directories you can't access (standard symlink attack). 2) Reading data another user couldn't otherwise access by having the new file belong to that other user. This patch uses fdopen to convert the filehandle into a FILE *, rather than reopening the file.
2005-04-16Patch from Bernhard Fischer to make a bunch of symbols staticEric Andersen
which were otherwise cluttering the global namespace.
2004-11-25Hiroshi found another bug. Currently sed's $ triggers at end of every file,Rob Landley
and with multiple files SuSv3 says it should only trigger at the end of the LAST file. The trivial fix I tried first broke if the last file is empty. Fixing this properly required restructuring things to create a file list (actually a FILE * list), and then processing it all in one go. (There's probably a smaller way to do this, merging with append_list perhaps. But let's get the behavior correct first.) Note that editing files in place (-i) needs the _old_ behavior, with $ triggering at the end of each file. Here's a test of all the things this patch fixed. gnu and busybox seds produce the same results with this patch, and different without it. echo -n -e "1one\n1two\n1three" > ../test1 echo -n > ../test2 echo -e "3one\n3two\n3three" > ../test3 sed -n "$ p" ../test1 ../test2 ../test3 sed -n "$ p" ../test1 ../test2 sed -i -n "$ p" ../test1 ../test2 ../test3
2004-10-30Hiroshi Ito found some bugs. The 'c' command (cut and paste) was hardwiredRob Landley
to not put a newline at the end (which was backwards, it should have been hardwired _to_ put a newline at the end, whether or not the input line ended with a newline). Test case for that: echo | sed -e '$ctest' And then this would segfault: echo | sed -e 'g' Because pattern_space got freed but the dead pointer was only overwritten in an if statement that didn't trigger if the hold space was empty. Oops. While debugging it, I found out that the hold space is persistent between multiple input files, so I promoted it to a global and added it to the memory cleanup. The relevant test case (to compare with That Other Sed) is: echo -n woo > woo sed -e h -e g woo echo "fish" | sed -e '/woo/h' -e "izap" -e 's/woo/thingy/' -e '/fish/g' woo - And somebody gratuitously stuck in a c99 int8_t type for something that's just a flag, so I grouped the darn ints.
2004-05-26Rob Landley writes:Eric Andersen
add sed -r support. I bumped into a couple of things that want to use extended regular expressions in sed, and it really isn't that hard to add. Can't say I've extensively tested it, but it's small and isn't going to break anything that doesn't use it, so... Rob
2004-05-16Use int instead of char for return type, in theory avoiding a castGlenn L McGrath
2004-05-10Fix for debian bug #248106, should use int for returned getopt value.Glenn L McGrath
2004-04-25Update my email address, document some of my tasks in the AUTHORS fileGlenn L McGrath
2004-04-21This sed patch can only be described as "duh". Stat the source file, chmodEric Andersen
the _destination_ file. (Ah hah! That works _much_ better...) I implemented the behavior, I just forgot to test this corner of it. My fault, sorry... No, gnu sed -i doesn't preverve ownership information. I checked. Permissions, yes, ownership info, no. Rob
2004-04-21So I'm building a linux from scratch system, using a working script to do thisEric Andersen
that the _only_ change to is that gnu sed has been replaced with busybox sed. And ncurses' install phase hangs. I trace it down, and it's trying to run gawk. (Insert obligatory doubletake, but this is FSF code we're talking about, so...) It turns out gawk shells out to sed, ala "sed -f /tmp/blah file.h". The /tmp/blah file is basically empty (it contains one character, a newline). So basically, gawk is using sed as "cat". With gnu sed, it works like cat, anyway. With busybox sed, it tests if its command list is empty after parsing the command line, and if the list is empty it takes the first file argument as a sed command string, and if that leaves the file list empty it tries to read the data to operate on from stdin. (Hence the hang, since nothing's coming in on stdin...) It _should_ be testing whether there were any instances of -f or -e, not whether it actually got any commands. Using sed as cat may be kind of stupid, but it's valid and gawk relies on this behavior. Here's a patch to fix it, turning a couple of ints into chars in hopes of saving a bit of the space this adds. Comments? Rob
2004-04-14Larry Doolittle writes:Eric Andersen
This is a bulk spelling fix patch against busybox-1.00-pre10. If anyone gets a corrupted copy (and cares), let me know and I will make alternate arrangements. Erik - please apply. Authors - please check that I didn't corrupt any meaning. Package importers - see if any of these changes should be passed to the upstream authors. I glossed over lots of sloppy capitalizations, missing apostrophes, mixed American/British spellings, and German-style compound words. What is "pretect redefined for test" in cmdedit.c? Good luck on the 1.00 release! - Larry
2004-04-01The last patch broke:Rob Landley
sed -i "/^boo/a fred" ipsec.conf Which works in gnu sed. (And is _supposed_ to strip all the whitespace before "fred".) It also broke: sed -i -e "/^boo/a \\" -e " fred" ipsec.conf I.E. there can legally be spaces between the a and the backslash at the end of the line. And strangely enough, gnu sed accepts the following syntax as well: sed -i "/^boo/a \\ fred" ipsec.conf Which is a way of having the significant whitespace at the start of the line, all on one line. (But notice that the whitespace BEFORE the slash is still stripped, as is the slash itself. And notice that the naieve placement of "\n" there doesn't work, it puts an n at the start of the appended line. The double slashing is for shell escapes because you could escape the quote, you see. It's turned into a single backslash. But \n there is _not_ turned into a newline by the shell. So there.) This makes all three syntaxes work in my tests. I should probably start writing better documentation at some point. I posted my current sedtests.py file to the list, which needs a lot more tests added as well...
2004-03-31Junio Hamano, junio at twinsun dot com writes:Eric Andersen
The sed command in busybox 1.0.0-pre8 loses leading whitespace in 'a' command ('i' and 'c' commands are also affected). A patch to fix this is attached at the end of this message. The following is a transcript that reproduces the problem. The first run uses busybox 1.0.0-pre3 as "/bin/sed" command, which gets the expected result. Later in the test, /bin/sed symlink is changed to point at busybox 1.0.0-pre8 and the test script is run again, which shows the failure. === reproduction recipe === * Part 1. Use busybox 1.0.0-pre3 as sed; this works. root# cd /tmp root# cat 1.sh #!/bin/sh cd /tmp rm -f ipsec.conf ipsec.conf+ cat >ipsec.conf <<\EOF version 2.0 config setup klipsdebug=none plutodebug=none plutostderrlog=/dev/null conn %default keyingtries=1 ... EOF sed -e '/^config setup/a\ nat_traversal=yes' ipsec.conf >ipsec.conf+ mv -f ipsec.conf+ ipsec.conf root# sh -x 1.sh + cd /tmp + rm -f ipsec.conf ipsec.conf+ + cat + sed -e /^config setup/a\ nat_traversal=yes ipsec.conf + mv -f ipsec.conf+ ipsec.conf root# cat ipsec.conf version 2.0 config setup nat_traversal=yes klipsdebug=none plutodebug=none plutostderrlog=/dev/null conn %default keyingtries=1 ... root# sed --version sed: invalid option -- - BusyBox v1.00-pre3 (2004.02.26-18:47+0000) multi-call binary Usage: sed [-nef] pattern [files...] * Part 2. Continuing from the above, use busybox 1.0.0-pre8 as sed; this fails. root# ln -s busybox-pre8 /bin/sed-8 root# mv /bin/sed-8 /bin/sed root# sed --version This is not GNU sed version 4.0 root# sed -- BusyBox v1.00-pre8 (2004.03.30-02:44+0000) multi-call binary Usage: sed [-nef] pattern [files...] root# sh -x 1.sh + cd /tmp + rm -f ipsec.conf ipsec.conf+ + cat + sed -e /^config setup/a\ nat_traversal=yes ipsec.conf + mv -f ipsec.conf+ ipsec.conf root# cat ipsec.conf version 2.0 config setup nat_traversal=yes klipsdebug=none plutodebug=none plutostderrlog=/dev/null conn %default keyingtries=1 ... root# === reproduction recipe ends here === This problem was introduced in 1.0.0-pre4. The problem is that the command argument parsing code strips leading whitespaces too aggressively. When running the above example, the piece of code in question gets "\n\tnat_traversal=yes" as its argument in cmdstr variable (shown part in the following patch). What it needs to do at this point is to strip the first newline and nothing else, but it instead strips all the leading whitespaces at the beginning of the string, thus losing the tab character. The following patch fixes this.
2004-03-15Remove trailing whitespace. Update copyright to include 2004.Eric Andersen
2004-02-18Add -i option to sed, to edit files in-place.Rob Landley
2004-02-04Rob Landley writes:Eric Andersen
While building glibc with busybox as part of the development environment, I found a bug in glibc's regexec can throw sed into an endless loop. This fixes it. Should I put an #ifdef around it or something? (Note, this patch also contains the "this is not gnu sed 4.0" hack I posted earlier, which is also needed to build glibc...)
2004-01-04Thinko in s//options. (Whitespace skipping in the wrong place.)Rob Landley
2003-12-23Patch from Matt Kraai:Eric Andersen
sed is broken: busybox sed -n '/^a/,/^a/p' >output <<EOF a b a b EOF cmp -s output - <<EOF a b a EOF The attached patch fixes it.
2003-10-09Fix some warnings that have crept in recentlyEric Andersen
2003-10-09Comaptability with gcc-2.95Glenn L McGrath
2003-10-04Patch from Rob Landley;Glenn L McGrath
Moving on to building diffutils, busybox sed needs this patch to get past the first problem. (Passing it a multi-line command line argument with -e works, but if you don't use -e it doesn't break up the multiple lines...)
2003-10-01Patch from Rob Landley to fix backrefsGlenn L McGrath
2003-10-01Patch by Rob Landley, fix "newline after edit command"Glenn L McGrath
2003-10-01Patch by Rob Landley, work in progress update, fixes lots of bugs,Glenn L McGrath
introduces a few others (but they are being worked on)
2003-09-24Fix some typo's, remove some extra free statementsGlenn L McGrath
2003-09-16Configuration option to define wether to follows GNU sed's behaviour Glenn L McGrath
or the posix standard. Put the cleanup code back the way it was.
2003-09-16Fix a bug that creapt in recently with substitution subprinting, and addGlenn L McGrath
a test for it.
2003-09-15Fix a simple mistake with pattern space, and add a test for itGlenn L McGrath
2003-09-15Fix some memory allocation problemsGlenn L McGrath
----------------------------------------------------------------------
2003-09-15Add a test for the 'P' command and fix current implementation so itGlenn L McGrath
doesnt permanently modify the pattern space.
2003-09-15A test and fix for the sed 'n' commandGlenn L McGrath
2003-09-15Fix for the sed-append-next-line testGlenn L McGrath
2003-09-15Fix recursion problemGlenn L McGrath
2003-09-14Memory cleanups and fix for `echo "foo" | sed 's/foo/bar/;H;q'`Glenn L McGrath
2003-09-14Cleanup memory usageGlenn L McGrath
2003-09-14The previous fix for 's/a/1/;s/b/2/;t one;p;:one;p' broke the case ofGlenn L McGrath
echo fooba | ./busybox sed -n 's/foo//;s/bar/found/p' I really need to start adding these tests to the testsuite. keep the substituted and altered flags seperate
2003-09-14Preserve substitution flag value within the current line.Glenn L McGrath
Fixed the following testcase # cat strings |./busybox sed -n -f test3.sed 1 1 2 c c # cat strings a b c
2003-09-14Fix branching commands.Glenn L McGrath
If a label isnt specified, jump to end of script, not the last command in the script. Print an error and exit if you try and jump to a non-existant label Works for the following testcase # cat strings a b c d e f g # cat strings | ./busybox sed -n '/d/b;p' a b c e f g
2003-09-14Patch from Rob Landley Glenn L McGrath
Fixed a memory leak in add_cmd/add_cmd_str by moving the allocation of sed_cmd down to where it's actually first needed. In get_address, if index_of_next_unescaped_regexp_delim ever failed, we wouldn't notice because the return value was added to idx, which was already guaranteed to be > 0. (This is buried in the changes made when I redid get_address to be based on pointer arithmetic, because all the tests were gratuitously dereferencing with a constant zero, which wasn't obvious.) Comment in parse_regex_delim was wrong: 's' and 'y' both call it. The reason "sed_cmd->num_backrefs = 0;" isn't needed is that sed_cmd was allocated with cmalloc, which zeroes memory. Different handling of space after \ in i... Different handling of pattern "s/a/b s/c/d" Cool, resursive reads don't cause a crash. :) Fixed "sed -f blah filename - < filename" since GNU sed was handling both - and filenames on the same line. (You can even list - more than once, although it's immediate EOF...)
2003-09-14Stupid typoGlenn L McGrath
2003-09-14Fix some memory allocation problemsGlenn L McGrath
2003-09-13Fix the following testcase by disabling global substitution if the regexGlenn L McGrath
is anchored to the start of line, there can be only one subst. echo "aah" | sed 's/^a/b/g'
2003-09-13Fix the following testcase by storing the state of the adress match withGlenn L McGrath
the command. # cat strings a b c d e f g # ./busybox sed '1,2d;4,$d' <strings c # ./busybox sed '4,$d;1,2d' <strings # sed '4,$d;1,2d' <strings c # sed '1,2d;4,$d' <strings c
2003-08-30Fix the substitution print subcommand, it should only print if itsGlenn L McGrath
own substitution matched, not previous ones. e.g echo fooba | sed -n 's/foo//;s/bar/found/p' shouldnt print anything
2003-04-26New commands, 'G' and 'H'Glenn L McGrath
2003-04-12Fix logic error in grouped commandsGlenn L McGrath
2003-04-11Fix up indentingGlenn L McGrath
2003-04-09Really fix the 'r' commandGlenn L McGrath
2003-04-09Fix the sed 'r' commandGlenn L McGrath