From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-oo1-xc36.google.com (mail-oo1-xc36.google.com [IPv6:2607:f8b0:4864:20::c36]) by sourceware.org (Postfix) with ESMTPS id E9E363858C83 for ; Mon, 27 Mar 2023 18:56:38 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org E9E363858C83 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org Received: by mail-oo1-xc36.google.com with SMTP id w13-20020a4aca0d000000b0053b8aa32089so1503492ooq.5 for ; Mon, 27 Mar 2023 11:56:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1679943398; h=content-transfer-encoding:in-reply-to:organization:from:references :to:content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=4gYJgQMXdWvOxcqJpcebiAJ7PBDgiFgOAAUl6TcJT2o=; b=qeAgtKrHCuBq+MlDqi+OG/fCpqxH9WVmJM7vc8iGZymdGAytMxkjSxrCAEMoVc4xqJ j1aPZDZlTRzIiobbJALCoESzqJsh70+4XMdzAVPzhkzs2m4qwKFoeu+94N2TCgGV452S HmNw/7axgBg0eUkFnl08zJqU/wWYNyRfqpXvMhiI5hhaHYHfLuJbsbWW6RohfOBbA+s1 hi+rTi3SR7K0QocKlglKOVDJq/tcBZYDcmnlJaEpuArgMWn+PzrWUhTNCkEd2tc/7YYI ZMYpWtvXarBUB+yZOTVZd45vXmLMeHt+5aKBrTlqzSQNtlot+riwoqOmPidF6ZjjXywf VAOA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679943398; h=content-transfer-encoding:in-reply-to:organization:from:references :to:content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=4gYJgQMXdWvOxcqJpcebiAJ7PBDgiFgOAAUl6TcJT2o=; b=6RVTwrpcg9KYgfntVDImG+IrnlydPFbwU90+/3nzf3JEJqIbIQuxy4D+t/9Mmz6MKG 1Xczg3fxTwRMXW1IAmRHgcN2vfBJrLp/8bHsFxBWq/6NPysWio68bZDwI6e9mdliXFb/ 214bk7WqBDC5UZy1ewPVda1avEfPknpy3a4azbQZVj4wThCc9OSvqpgUe281uxvdspJY IOpmUbnkiNlB8ywTDW7CFSdvcsO1i/gtXxvHETM1dN6728NCpSynyYnUNtGXAyDUL5xI VcTQzZq4e5MDwvJMCdbjV3mvDKSV6ezqhWKhVARCjCLaULo5fj7j/zilt2XDhBaQO1FK axGw== X-Gm-Message-State: AO0yUKXuIOCYEHzdwsPrsPaaVadFNA4uI7n7JNTsfSd2UD8U8utvOb7y O/0FFuJ/V0rcR7ny+YNs6DAQjbMgnQFoENRWdcGDKw== X-Google-Smtp-Source: AK7set/NiQrxWEi2JoKYFNyU2BZNprxUpMEF6VCPsNm0iNxISpfZaEOyheQWBKFPD5ZT/fXonFruqw== X-Received: by 2002:a4a:5585:0:b0:525:29fa:a287 with SMTP id e127-20020a4a5585000000b0052529faa287mr6319930oob.5.1679943398155; Mon, 27 Mar 2023 11:56:38 -0700 (PDT) Received: from ?IPV6:2804:1b3:a7c1:60f9:9d7f:7b90:a6ae:401d? ([2804:1b3:a7c1:60f9:9d7f:7b90:a6ae:401d]) by smtp.gmail.com with ESMTPSA id q204-20020a4a33d5000000b0053853156b5csm11168405ooq.8.2023.03.27.11.56.36 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 27 Mar 2023 11:56:37 -0700 (PDT) Message-ID: <4d6fca26-f73d-5e87-3e7e-082a92735f50@linaro.org> Date: Mon, 27 Mar 2023 15:56:35 -0300 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.9.0 Subject: Re: [PATCH] system: Add "--" after "-c" for sh (BZ #28519) Content-Language: en-US To: Joe Simmons-Talbott , libc-alpha@sourceware.org References: <20230322180430.986512-1-josimmon@redhat.com> From: Adhemerval Zanella Netto Organization: Linaro In-Reply-To: <20230322180430.986512-1-josimmon@redhat.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-12.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On 22/03/23 15:04, Joe Simmons-Talbott via Libc-alpha wrote: > Prevent sh from interpreting a user string as shell options if it > starts with '-' or '+'. Since the version of /bin/sh used for testing > system() is different from the full-fledged system /bin/sh add support > to it for handling "--" after "-c". Add a testcase to ensure the > expected behavior. Since https://austingroupbugs.net/view.php?id=1440 was accept, Florian remarks on BZ#27143 [1] (comment 1 and 3) does not apply anymore. However, although POSIX 2017 does state '--' as mark the end of the options, it seems that there are still shells that does not support it: $ /bin/csh -c -- "echo 123" --: Command not found. $ /bin/tcsh -c -- "echo 123" --: Command not found. (there are from ubuntu 22 packages) I am not sure if it should be ok to break such environments, at least there are available shells in some environments. The rest of the patch looks ok. [1] https://sourceware.org/bugzilla/show_bug.cgi?id=27143 > > Signed-off-by: Joe Simmons-Talbott > --- > libio/iopopen.c | 2 +- > stdlib/tst-system.c | 14 ++++++++++++++ > support/shell-container.c | 7 ++++++- > sysdeps/posix/system.c | 1 + > 4 files changed, 22 insertions(+), 2 deletions(-) > > diff --git a/libio/iopopen.c b/libio/iopopen.c > index d0545ad5ea..eef6d1ef18 100644 > --- a/libio/iopopen.c > +++ b/libio/iopopen.c > @@ -89,7 +89,7 @@ spawn_process (posix_spawn_file_actions_t *fa, FILE *fp, const char *command, > } > > err = __posix_spawn (&((_IO_proc_file *) fp)->pid, _PATH_BSHELL, fa, 0, > - (char *const[]){ (char*) "sh", (char*) "-c", > + (char *const[]){ (char*) "sh", (char*) "-c", (char*) "--", > (char *) command, NULL }, __environ); > if (err != 0) > return err; > diff --git a/stdlib/tst-system.c b/stdlib/tst-system.c > index 47a0afe6bf..3a55ec2791 100644 > --- a/stdlib/tst-system.c > +++ b/stdlib/tst-system.c > @@ -146,6 +146,20 @@ do_test (void) > TEST_COMPARE_STRING (result.out.buffer, "...\n"); > } > > + { > + struct support_capture_subprocess result; > + const char *cmd = "-echo"; > + result = support_capture_subprocess (call_system, > + &(struct args) { cmd, 127 }); > + support_capture_subprocess_check (&result, "system", 0, sc_allow_stderr | > + sc_allow_stdout); > + char *returnerr = xasprintf ("%s: execing -echo failed: " > + "No such file or directory", > + basename(_PATH_BSHELL)); > + TEST_COMPARE_STRING (result.err.buffer, returnerr); > + free (returnerr); > + } > + > { > struct support_capture_subprocess result; > result = support_capture_subprocess (call_system, > diff --git a/support/shell-container.c b/support/shell-container.c > index b1f9e793c1..28437e4206 100644 > --- a/support/shell-container.c > +++ b/support/shell-container.c > @@ -455,7 +455,12 @@ main (int argc, const char **argv) > dprintf (stderr, " argv[%d] is `%s'\n", i, argv[i]); > > if (strcmp (argv[1], "-c") == 0) > - run_command_string (argv[2], argv+3); > + { > + if (strcmp (argv[2], "--") == 0) > + run_command_string (argv[3], argv+4); > + else > + run_command_string (argv[2], argv+3); > + } > else > run_script (argv[1], argv+2); > > diff --git a/sysdeps/posix/system.c b/sysdeps/posix/system.c > index d77720a625..488b95163b 100644 > --- a/sysdeps/posix/system.c > +++ b/sysdeps/posix/system.c > @@ -147,6 +147,7 @@ do_system (const char *line) > ret = __posix_spawn (&pid, SHELL_PATH, 0, &spawn_attr, > (char *const[]){ (char *) SHELL_NAME, > (char *) "-c", > + (char *) "--", > (char *) line, NULL }, > __environ); > __posix_spawnattr_destroy (&spawn_attr);