Module Name: src
Committed By: kre
Date: Tue Sep 14 14:49:39 UTC 2021

Modified Files:
    src/bin/sh: parser.c redir.c

Log Message:
Deal with some issues where fds intended only for internal use by the shell were available for manipulation by scripts (or the user).

These issues were reported by Jan Schaumann on netbsd-users.

The first allows the user to reference sh internal fds, and is a simple fix - any sh internal fd is simply treated as if it were closed when referenced by the script. These fds can be discovered by examining /proc/N/fd so it is not difficult for a script to discover which fd it should attempt to access.

The second allows the user to reference a user level fd which is one that is normally available to it, but at a point where it should no longer be visible (when that fd has been redirected, for a built in command, so the original fd needs to be saved so it can be restored, the saving fd should not be accessible). It is not as easy for the script to determine which fd to attempt here, as the relevant one exists only during the lifetime of a built-in command (and similar), but there are ways in some cases (aside from looking at /proc from another process).

Fix this one by watching which fds the user script is attempting to use, and avoid using those as temporary fds. This is possible in this case as we know what command is being run, before we need to save the fds it uses. That's different from the earlier case where when the shell allocates its fds we have no idea what it might reference later.

Also clean up a couple of other minor code issues (NFC intended) that I noticed while here...

To generate a diff of this commit:
cvs rdiff -u -r1.172 -r1.173 src/bin/sh/parser.c
cvs rdiff -u -r1.66 -r1.67 src/bin/sh/redir.c

Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
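
The second fix in the log message (choose temporary fds that the command's own redirections do not use) can be sketched as follows. This is an added example, not the code from redir.c; `save_fd_avoiding`, `user_references` and `SAVE_FD_MIN` are hypothetical names, and the list of user fds is assumed to have been collected from the command's redirections before anything is saved.

```c
#include <fcntl.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <unistd.h>

/* Assumption for this sketch: temporaries start above the single-digit fds. */
#define SAVE_FD_MIN 10

/* True if the command's redirections name this fd (list built by the caller). */
static bool user_references(int fd, const int *user_fds, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (user_fds[i] == fd)
            return true;
    return false;
}

/*
 * Save a copy of fd in a slot the command never mentions, so the script
 * cannot reach the saved copy through one of its own redirections.
 * Returns the saving fd, or -1 with errno set by fcntl().
 */
int save_fd_avoiding(int fd, const int *user_fds, size_t n)
{
    int min = SAVE_FD_MIN;

    for (;;) {
        int saved = fcntl(fd, F_DUPFD, min);
        if (saved < 0)
            return -1;
        if (!user_references(saved, user_fds, n)) {
            /* Extra hardening in this sketch: do not leak it across exec. */
            (void)fcntl(saved, F_SETFD, FD_CLOEXEC);
            return saved;
        }
        close(saved);        /* collides with a fd the script uses: skip it */
        min = saved + 1;
    }
}

int main(void)
{
    int user_fds[] = { 10, 11, 12 };   /* constructed: fds a command redirects */
    int saved = save_fd_avoiding(STDOUT_FILENO, user_fds, 3);

    printf("stdout saved on fd %d\n", saved);
    return saved < 0;
}
```

The loop ends after at most one pass per listed fd, or when `fcntl()` reports that no descriptor at or above the requested minimum is available.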