CVS commit: src/bin/sh

Antti Kantee Thu, 17 Feb 2011 07:13:58 -0800

Module Name:    src
Committed By:   pooka
Date:           Thu Feb 17 15:13:49 UTC 2011


Modified Files:
        src/bin/sh: cd.c eval.c input.c redir.c redir.h

Log Message:
Tell copyfd if the caller wants the exact tofd to just fd >= tofd.
Fixes "echo foo > /rump/bar" in a rump hijacked shell.

reviewed by christos


To generate a diff of this commit:
cvs rdiff -u -r1.40 -r1.41 src/bin/sh/cd.c
cvs rdiff -u -r1.100 -r1.101 src/bin/sh/eval.c
cvs rdiff -u -r1.43 -r1.44 src/bin/sh/input.c
cvs rdiff -u -r1.30 -r1.31 src/bin/sh/redir.c
cvs rdiff -u -r1.15 -r1.16 src/bin/sh/redir.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/bin/sh/cd.c
diff -u src/bin/sh/cd.c:1.40 src/bin/sh/cd.c:1.41
--- src/bin/sh/cd.c:1.40	Fri Jan  1 19:34:59 2010
+++ src/bin/sh/cd.c	Thu Feb 17 15:13:49 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: cd.c,v 1.40 2010/01/01 19:34:59 dholland Exp $	*/
+/*	$NetBSD: cd.c,v 1.41 2011/02/17 15:13:49 pooka Exp $	*/
 
 /*-
  * Copyright (c) 1991, 1993
@@ -37,7 +37,7 @@
 #if 0
 static char sccsid[] = "@(#)cd.c	8.2 (Berkeley) 5/4/95";
 #else
-__RCSID("$NetBSD: cd.c,v 1.40 2010/01/01 19:34:59 dholland Exp $");
+__RCSID("$NetBSD: cd.c,v 1.41 2011/02/17 15:13:49 pooka Exp $");
 #endif
 #endif /* not lint */
 
@@ -425,7 +425,7 @@
 			(void) close(pip[0]);
 			if (pip[1] != 1) {
 				close(1);
-				copyfd(pip[1], 1);
+				copyfd(pip[1], 1, 1);
 				close(pip[1]);
 			}
 			(void) execl("/bin/pwd", "pwd", (char *)0);

Index: src/bin/sh/eval.c
diff -u src/bin/sh/eval.c:1.100 src/bin/sh/eval.c:1.101
--- src/bin/sh/eval.c:1.100	Thu Jun  3 16:14:13 2010
+++ src/bin/sh/eval.c	Thu Feb 17 15:13:49 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: eval.c,v 1.100 2010/06/03 16:14:13 christos Exp $	*/
+/*	$NetBSD: eval.c,v 1.101 2011/02/17 15:13:49 pooka Exp $	*/
 
 /*-
  * Copyright (c) 1993
@@ -37,7 +37,7 @@
 #if 0
 static char sccsid[] = "@(#)eval.c	8.9 (Berkeley) 6/8/95";
 #else
-__RCSID("$NetBSD: eval.c,v 1.100 2010/06/03 16:14:13 christos Exp $");
+__RCSID("$NetBSD: eval.c,v 1.101 2011/02/17 15:13:49 pooka Exp $");
 #endif
 #endif /* not lint */
 
@@ -520,14 +520,14 @@
 			INTON;
 			if (prevfd > 0) {
 				close(0);
-				copyfd(prevfd, 0);
+				copyfd(prevfd, 0, 1);
 				close(prevfd);
 			}
 			if (pip[1] >= 0) {
 				close(pip[0]);
 				if (pip[1] != 1) {
 					close(1);
-					copyfd(pip[1], 1);
+					copyfd(pip[1], 1, 1);
 					close(pip[1]);
 				}
 			}
@@ -591,7 +591,7 @@
 			close(pip[0]);
 			if (pip[1] != 1) {
 				close(1);
-				copyfd(pip[1], 1);
+				copyfd(pip[1], 1, 1);
 				close(pip[1]);
 			}
 			eflag = 0;
@@ -905,7 +905,7 @@
 			close(pip[0]);
 			if (pip[1] != 1) {
 				close(1);
-				copyfd(pip[1], 1);
+				copyfd(pip[1], 1, 1);
 				close(pip[1]);
 			}
 		}

Index: src/bin/sh/input.c
diff -u src/bin/sh/input.c:1.43 src/bin/sh/input.c:1.44
--- src/bin/sh/input.c:1.43	Mon Aug 30 06:27:14 2010
+++ src/bin/sh/input.c	Thu Feb 17 15:13:49 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: input.c,v 1.43 2010/08/30 06:27:14 christos Exp $	*/
+/*	$NetBSD: input.c,v 1.44 2011/02/17 15:13:49 pooka Exp $	*/
 
 /*-
  * Copyright (c) 1991, 1993
@@ -37,7 +37,7 @@
 #if 0
 static char sccsid[] = "@(#)input.c	8.3 (Berkeley) 6/9/95";
 #else
-__RCSID("$NetBSD: input.c,v 1.43 2010/08/30 06:27:14 christos Exp $");
+__RCSID("$NetBSD: input.c,v 1.44 2011/02/17 15:13:49 pooka Exp $");
 #endif
 #endif /* not lint */
 
@@ -405,7 +405,7 @@
 	}
 
 	if (fd < 10) {
-		fd2 = copyfd(fd, 10);
+		fd2 = copyfd(fd, 10, 0);
 		close(fd);
 		if (fd2 < 0)
 			error("Out of file descriptors");

Index: src/bin/sh/redir.c
diff -u src/bin/sh/redir.c:1.30 src/bin/sh/redir.c:1.31
--- src/bin/sh/redir.c:1.30	Mon Jan 21 06:43:03 2008
+++ src/bin/sh/redir.c	Thu Feb 17 15:13:49 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: redir.c,v 1.30 2008/01/21 06:43:03 msaitoh Exp $	*/
+/*	$NetBSD: redir.c,v 1.31 2011/02/17 15:13:49 pooka Exp $	*/
 
 /*-
  * Copyright (c) 1991, 1993
@@ -37,7 +37,7 @@
 #if 0
 static char sccsid[] = "@(#)redir.c	8.2 (Berkeley) 5/4/95";
 #else
-__RCSID("$NetBSD: redir.c,v 1.30 2008/01/21 06:43:03 msaitoh Exp $");
+__RCSID("$NetBSD: redir.c,v 1.31 2011/02/17 15:13:49 pooka Exp $");
 #endif
 #endif /* not lint */
 
@@ -222,7 +222,7 @@
 			if (memory[redir->ndup.dupfd])
 				memory[fd] = 1;
 			else
-				copyfd(redir->ndup.dupfd, fd);
+				copyfd(redir->ndup.dupfd, fd, 1);
 		}
 		INTON;
 		return;
@@ -235,7 +235,7 @@
 	}
 
 	if (f != fd) {
-		copyfd(f, fd);
+		copyfd(f, fd, 1);
 		close(f);
 	}
 	INTON;
@@ -308,7 +308,7 @@
                                 fd0_redirected--;
 			close(i);
 			if (rp->renamed[i] >= 0) {
-				copyfd(rp->renamed[i], i);
+				copyfd(rp->renamed[i], i, 1);
 				close(rp->renamed[i]);
 			}
 		}
@@ -375,11 +375,14 @@
  */
 
 int
-copyfd(int from, int to)
+copyfd(int from, int to, int equal)
 {
 	int newfd;
 
-	newfd = fcntl(from, F_DUPFD, to);
+	if (equal)
+		newfd = dup2(from, to);
+	else
+		newfd = fcntl(from, F_DUPFD, to);
 	if (newfd < 0) {
 		if (errno == EMFILE)
 			return EMPTY;

Index: src/bin/sh/redir.h
diff -u src/bin/sh/redir.h:1.15 src/bin/sh/redir.h:1.16
--- src/bin/sh/redir.h:1.15	Thu Aug  7 09:05:37 2003
+++ src/bin/sh/redir.h	Thu Feb 17 15:13:49 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: redir.h,v 1.15 2003/08/07 09:05:37 agc Exp $	*/
+/*	$NetBSD: redir.h,v 1.16 2011/02/17 15:13:49 pooka Exp $	*/
 
 /*-
  * Copyright (c) 1991, 1993
@@ -44,5 +44,5 @@
 void popredir(void);
 int fd0_redirected_p(void);
 void clearredir(int);
-int copyfd(int, int);
+int copyfd(int, int, int);

CVS commit: src/bin/sh

Reply via email to