Nadav Tasher <[email protected]> wrote: > static void >-tryexec(IF_FEATURE_SH_STANDALONE(int applet_no,) const char *cmd, char >**argv, char **envp) >+tryexec(const char *cmd, char **argv, char **envp) > { > #if ENABLE_FEATURE_SH_STANDALONE >- if (applet_no >= 0) { >- if (APPLET_IS_NOEXEC(applet_no)) { >- clearenv(); >- while (*envp) >- putenv(*envp++); >- popredir(/*drop:*/ 1); >- run_noexec_applet_and_exit(applet_no, cmd, argv); >- } >- /* re-exec ourselves with the new arguments */ >- execve(bb_busybox_exec_path, argv, envp); >- /* If they called chroot or otherwise made the binary no longer >- * executable, fall through */ >- }
This removes the call to popredir() without providing any replacement. Since it's an internal ash function it can't be called from BB_EXECVPE. The call was introduced in commit b31b61bb9b with this description: ash: fix redir_leak.tests if STANDALONE=y If STANDALONE and we run a NOEXEC applet, saved copies of redirected fds were visible for the child. They have CLOEXEC bit, yes, but we do not exec in this case. Although the patch set doesn't touch hush, the _other_ shell in BusyBox, it has a similar requirement. Before running a NOEXEC applet it calls two internal functions: close_saved_fds_and_FILE_fds() and switch_off_special_sigs(). Cheers, Ron _______________________________________________ busybox mailing list [email protected] https://lists.busybox.net/mailman/listinfo/busybox
