On Wed, Jul 05, 2017 at 09:29:49AM +0100, Stuart Henderson wrote:

> > The www/lynx port has execution of external programs disabled. However,
> > trying to use features which spawn external programs just causes it to 
> > crash.
> > If I understand correctly, it is not supposed to call external programs,
> > but it also shouldn't just crash if you try to.
> > 
> > Steps to reproduce (or at least one way):
> > 1. Add 'DOWNLOADER:Open with feh:feh %s' to /etc/lynx.cfg (replace
> > 'feh' with any image viewer).
> > 2. Run 'lynx https://www.openbsd.org/images/rack2009-s.png' (for example)
> > and press 'd' to download the image.
> > 3. Choose 'Open with feh'; lynx will crash with 'Abort trap (core dumped)'.

> The lynx port uses pledge(7) to disallow certain operations, including
> spawning another process. If those operations are attempted anyway,
> it *is* supposed to crash.
> 
> It would be a little nicer if the operation just failed rather than
> crashing the process, however the end result would still be "can't
> do what you want", so the simplest way to do that is to avoid setting
> DOWNLOADER: to open the file.

Agreed, the following diff should take care of that, it avoids parsing
DOWNLOADER directives from lynx.cfg. While there I also did the same
for the PRINTER directives, which are using the same scheme.

As a side note, there is no need to explicitly disable parsing UPLOADER
directives because we --disable-dired at configure time, nor EXTERNAL
directives as we do not build with --enable-externs.

Comments? OK?

Index: Makefile
===================================================================
RCS file: /cvs/ports/www/lynx/Makefile,v
retrieving revision 1.34
diff -u -p -r1.34 Makefile
--- Makefile    5 Jul 2017 22:04:11 -0000       1.34
+++ Makefile    6 Jul 2017 10:20:34 -0000
@@ -5,6 +5,7 @@ PL =            15
 COMMENT =      text web browser
 DISTNAME =     lynx${V}dev.${PL}
 PKGNAME =      lynx-${V}pl${PL}
+REVISION =     0
 EXTRACT_SUFX = .tar.bz2
 CATEGORIES =   www net
 
Index: patches/patch-src_LYReadCFG_c
===================================================================
RCS file: /cvs/ports/www/lynx/patches/patch-src_LYReadCFG_c,v
retrieving revision 1.4
diff -u -p -r1.4 patch-src_LYReadCFG_c
--- patches/patch-src_LYReadCFG_c       30 Apr 2017 12:08:32 -0000      1.4
+++ patches/patch-src_LYReadCFG_c       6 Jul 2017 10:20:34 -0000
@@ -1,7 +1,16 @@
 $OpenBSD: patch-src_LYReadCFG_c,v 1.4 2017/04/30 12:08:32 fcambus Exp $
---- src/LYReadCFG.c.orig       Thu Nov 24 16:35:29 2016
-+++ src/LYReadCFG.c    Sat Apr 29 11:09:38 2017
-@@ -1537,7 +1537,6 @@ static Config_Type Config_Table [] =
+Index: src/LYReadCFG.c
+--- src/LYReadCFG.c.orig
++++ src/LYReadCFG.c
+@@ -1508,7 +1508,6 @@ static Config_Type Config_Table [] =
+      PARSE_FUN(RC_DISPLAY_CHARSET_CHOICE, parse_display_charset_choice),
+ #endif
+      PARSE_SET(RC_DONT_WRAP_PRE,        dont_wrap_pre),
+-     PARSE_ADD(RC_DOWNLOADER,           downloaders),
+      PARSE_SET(RC_EMACS_KEYS_ALWAYS_ON, emacs_keys),
+      PARSE_FUN(RC_ENABLE_LYNXRC,        enable_lynxrc),
+      PARSE_SET(RC_ENABLE_SCROLLBACK,    enable_scrollback),
+@@ -1537,7 +1536,6 @@ static Config_Type Config_Table [] =
  #endif
       PARSE_Env(RC_FTP_PROXY,            0),
       PARSE_STR(RC_GLOBAL_EXTENSION_MAP, global_extension_map),
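Review bot: Nothing in the patch file records why `PARSE_ADD(RC_DOWNLOADER, downloaders)` is dropped from `Config_Table`, and the same holds for the `PARSE_ADD(RC_PRINTER, printers)` removal in the later hunk, so a future port update could restore either entry without noticing the consequence. A short comment after the `$OpenBSD$` line would carry the reason, for example `DOWNLOADER and PRINTER run external programs, which the port's pledge promises forbid; do not parse them.` The table removal only stops these two lists from being filled from lynx.cfg; pledge remains the actual enforcement, and whether the lists can be populated from another source is not visible in these hunks. It may also be worth checking that the installed lynx.cfg no longer advertises the two directives, since a configured entry will presumably now be ignored without any message to the user.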
@@ -9,7 +18,7 @@ $OpenBSD: patch-src_LYReadCFG_c,v 1.4 20
       PARSE_Env(RC_GOPHER_PROXY,         0),
       PARSE_SET(RC_GOTOBUFFER,           goto_buffer),
       PARSE_PRG(RC_GZIP_PATH,            ppGZIP),
-@@ -1655,7 +1654,6 @@ static Config_Type Config_Table [] =
+@@ -1655,7 +1653,6 @@ static Config_Type Config_Table [] =
       PARSE_SET(RC_PERSISTENT_COOKIES,   persistent_cookies),
  #endif /* USE_PERSISTENT_COOKIES */
       PARSE_STR(RC_PERSONAL_EXTENSION_MAP, personal_extension_map),
@@ -17,7 +26,15 @@ $OpenBSD: patch-src_LYReadCFG_c,v 1.4 20
       PARSE_LST(RC_POSITIONABLE_EDITOR,  positionable_editor),
       PARSE_STR(RC_PREFERRED_CHARSET,    pref_charset),
       PARSE_ENU(RC_PREFERRED_ENCODING,   LYAcceptEncoding, 
tbl_preferred_encoding),
-@@ -1766,11 +1764,9 @@ static Config_Type Config_Table [] =
+@@ -1668,7 +1665,6 @@ static Config_Type Config_Table [] =
+      PARSE_FUN(RC_PRETTYSRC_SPEC,       psrcspec_fun),
+      PARSE_SET(RC_PRETTYSRC_VIEW_NO_ANCHOR_NUM, psrcview_no_anchor_numbering),
+ #endif
+-     PARSE_ADD(RC_PRINTER,              printers),
+      PARSE_SET(RC_QUIT_DEFAULT_YES,     LYQuitDefaultYes),
+      PARSE_INT(RC_READ_TIMEOUT,         reading_timeout),
+      PARSE_FUN(RC_REFERER_WITH_QUERY,   referer_with_query_fun),
+@@ -1767,11 +1763,9 @@ static Config_Type Config_Table [] =
       PARSE_PRG(RC_UUDECODE_PATH,        ppUUDECODE),
       PARSE_SET(RC_VERBOSE_IMAGES,       verbose_img),
       PARSE_SET(RC_VI_KEYS_ALWAYS_ON,    vi_keys),
