Module Name: src Committed By: kre Date: Sat Feb 9 09:50:31 UTC 2019
Modified Files: src/bin/sh: parser.c Log Message: Add a check that the file descriptor mentioned in a N> or N< type redirect operator is within range of what the code tree node can hold. Currently this is a no-op change (the new error can never occur) as the code already checks that N is in range for an int (and errors if not) and the field in the node in which we store N is also an int, so we cannot overflow - but fd's do not really need to be that big (the max a typical kernel supports is < 10000) so this just adds validation in case it ever happens that we decide we can save some node size (ie: sh memory) by making that field smaller. Note this is parse time error detection, and has no bearing upon the execution time error that will occur if a script attempts to use an fd that exceeds the process's max fd limit. NFCI (for now anyway.) To generate a diff of this commit: cvs rdiff -u -r1.165 -r1.166 src/bin/sh/parser.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/bin/sh/parser.c diff -u src/bin/sh/parser.c:1.165 src/bin/sh/parser.c:1.166 --- src/bin/sh/parser.c:1.165 Mon Feb 4 11:16:41 2019 +++ src/bin/sh/parser.c Sat Feb 9 09:50:31 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: parser.c,v 1.165 2019/02/04 11:16:41 kre Exp $ */ +/* $NetBSD: parser.c,v 1.166 2019/02/09 09:50:31 kre Exp $ */ /*- * Copyright (c) 1991, 1993 @@ -37,13 +37,14 @@ #if 0 static char sccsid[] = "@(#)parser.c 8.7 (Berkeley) 5/16/95"; #else -__RCSID("$NetBSD: parser.c,v 1.165 2019/02/04 11:16:41 kre Exp $"); +__RCSID("$NetBSD: parser.c,v 1.166 2019/02/09 09:50:31 kre Exp $"); #endif #endif /* not lint */ +#include <limits.h> +#include <signal.h> #include <stdio.h> #include <stdlib.h> -#include <limits.h> #include "shell.h" #include "parser.h" @@ -1569,9 +1570,13 @@ parseredir(const char *out, int c) union node *np; int fd; - fd = (*out == '\0') ? -1 : number(out); - np = stalloc(sizeof(struct nfile)); + + fd = (*out == '\0') ? -1 : number(out); /* number(out) >= 0 */ + np->nfile.fd = fd; /* do this again later with updated fd */ + if (fd != np->nfile.fd) + error("file descriptor (%d) out of range", fd); + VTRACE(DBG_LEXER, ("parseredir after '%s%c' ", out, c)); if (c == '>') { if (fd < 0)