Date: Sun, 12 Mar 2017 18:38:03 +0000 (UTC) From: Jilles Tjoelker <jilles@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r315169 - in stable/11/bin/sh: . tests/expansion Message-ID: <201703121838.v2CIc3di093370@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jilles Date: Sun Mar 12 18:38:03 2017 New Revision: 315169 URL: https://svnweb.freebsd.org/changeset/base/315169 Log: MFC r314686: sh: Fix crash if a -T trap is taken during command substitution Code like t=$(stat -f %m "$file") segfaulted if -T was active and a trap was taken while the shell was waiting for the child process to finish. What happened was that the dotrap() call in waitforjob() was hit. This re-entered command execution (including expand.c) at a point not expected by expbackq(), and global state (unallocated stack string and argbackq) was corrupted. To fix this, change expbackq() to prepare for command execution to be re-entered. Reported by: bdrewery Added: stable/11/bin/sh/tests/expansion/cmdsubst21.0 - copied unchanged from r314686, head/bin/sh/tests/expansion/cmdsubst21.0 stable/11/bin/sh/tests/expansion/cmdsubst22.0 - copied unchanged from r314686, head/bin/sh/tests/expansion/cmdsubst22.0 Modified: stable/11/bin/sh/expand.c stable/11/bin/sh/tests/expansion/Makefile Directory Properties: stable/11/ (props changed) Modified: stable/11/bin/sh/expand.c ============================================================================== --- stable/11/bin/sh/expand.c Sun Mar 12 18:24:45 2017 (r315168) +++ stable/11/bin/sh/expand.c Sun Mar 12 18:38:03 2017 (r315169) @@ -460,7 +460,6 @@ expbackq(union node *cmd, int quoted, in p = grabstackstr(dest); evalbackcmd(cmd, &in); ungrabstackstr(p, dest); - argbackq = saveargbackq; p = in.buf; nnl = 0; @@ -513,12 +512,16 @@ expbackq(union node *cmd, int quoted, in close(in.fd); if (in.buf) ckfree(in.buf); - if (in.jp) + if (in.jp) { + p = grabstackstr(dest); exitstatus = waitforjob(in.jp, (int *)NULL); + ungrabstackstr(p, dest); + } TRACE(("expbackq: size=%td: \"%.*s\"\n", ((dest - stackblock()) - startloc), (int)((dest - stackblock()) - startloc), stackblock() + startloc)); + argbackq = saveargbackq; expdest = dest; INTON; } Modified: stable/11/bin/sh/tests/expansion/Makefile ============================================================================== --- stable/11/bin/sh/tests/expansion/Makefile Sun Mar 12 18:24:45 2017 (r315168) +++ stable/11/bin/sh/tests/expansion/Makefile Sun Mar 12 18:38:03 2017 (r315169) @@ -42,6 +42,8 @@ ${PACKAGE}FILES+= cmdsubst17.0 ${PACKAGE}FILES+= cmdsubst18.0 ${PACKAGE}FILES+= cmdsubst19.0 ${PACKAGE}FILES+= cmdsubst20.0 +${PACKAGE}FILES+= cmdsubst21.0 +${PACKAGE}FILES+= cmdsubst22.0 ${PACKAGE}FILES+= export1.0 ${PACKAGE}FILES+= export2.0 ${PACKAGE}FILES+= export3.0 Copied: stable/11/bin/sh/tests/expansion/cmdsubst21.0 (from r314686, head/bin/sh/tests/expansion/cmdsubst21.0) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/11/bin/sh/tests/expansion/cmdsubst21.0 Sun Mar 12 18:38:03 2017 (r315169, copy of r314686, head/bin/sh/tests/expansion/cmdsubst21.0) @@ -0,0 +1,6 @@ +# $FreeBSD$ + +set -T +trapped='' +trap "trapped=x$trapped" TERM +[ "x$($SH -c "kill $$")y" = xy ] && [ "$trapped" = x ] Copied: stable/11/bin/sh/tests/expansion/cmdsubst22.0 (from r314686, head/bin/sh/tests/expansion/cmdsubst22.0) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/11/bin/sh/tests/expansion/cmdsubst22.0 Sun Mar 12 18:38:03 2017 (r315169, copy of r314686, head/bin/sh/tests/expansion/cmdsubst22.0) @@ -0,0 +1,6 @@ +# $FreeBSD$ + +set -T +trapped='' +trap "trapped=x$trapped" TERM +[ "x$(:; kill $$)y" = xy ] && [ "$trapped" = x ]
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201703121838.v2CIc3di093370>