| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
This is a build tool only and does not affect run time.
PR: 204951
|
| |
|
|
|
|
| |
variable.
Reported by: bapt
|
| |
|
|
| |
Add more SUBDIR_PARALLEL.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
r269902:
Convert bin/sh/tests to ATF
The new code uses a "test discovery mechanism" to determine
what tests are available for execution
The test shell can be specified via:
kyua test -v test_suites.FreeBSD.bin.sh.test_shell=/path/to/test/sh
Sponsored by: EMC / Isilon Storage Division
Approved by: jmmv (mentor)
Reviewed by: jilles (maintainer)
r270101 (by jilles):
sh: Don't hardcode relative paths in the tests stderr files.
These paths have had to be adjusted to changes in the testsuite runner
several times, so modify the tests to remove the need for such adjustment.
A cp in functional_test.sh is now unneeded, but this matters little in
performance.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Shell syntax is too complicated to detect command substitution and unquoted
operators reliably without implementing much of sh's parser. Therefore, have
sh do this detection.
While changing sh's support anyway, also read input from a pipe instead of
arguments to avoid {ARG_MAX} limits and improve privacy, and output count
and length using 16 instead of 8 digits.
The basic concept is:
execl("/bin/sh", "sh", "-c", "freebsd_wordexp ${1:+\"$1\"} -f "$2",
"", flags & WRDE_NOCMD ? "-p" : "", <pipe with words>);
The WRDE_BADCHAR error is still implemented in libc. POSIX requires us to
fail strings containing unquoted braces with code WRDE_BADCHAR. Since this
is normally not a syntax error in sh, there is still a need for checking
code in libc, we_check().
The new we_check() is an optimistic check that all the characters
<newline> | & ; < > ( ) { }
are quoted. To avoid duplicating too much sh logic, such characters are
permitted when quoting characters are seen, even if the quoting characters
may themselves be quoted. This code reports all WRDE_BADCHAR errors; bad
characters that get past it and are a syntax error in sh return WRDE_SYNTAX.
Although many implementations of WRDE_NOCMD erroneously allow some command
substitutions (and ours even documented this), there appears to be code that
relies on its security (codesearch.debian.net shows quite a few uses).
Passing untrusted data to wordexp() still exposes a denial of service
possibility and a fairly large attack surface.
This is also a MFC of r286830 to reduce conflicts. I changed the code
somewhat to avoid changes from r286941; in particular, WRDE_BADVAL can still
only be returned if WRDE_UNDEF was passed.
Relnotes: yes
Security: fixes command execution with wordexp(untrusted, WRDE_NOCMD)
|
| |
|
|
| |
These new tests from head pass with unmodified stable/10 sh.
|
| |
|
|
|
|
|
|
|
| |
The initial check for a matching ] was incorrect if a ] may be consumed by a
[:class:]. The subsequent loop assumed that there must be a ].
Remove the initial check and make the loop cope with a missing ].
Found with afl-fuzz.
|
| |
|
|
|
|
|
|
| |
* Remove some gotos.
* Remove unused parameter.
* Remove duplicate code.
This MFC is to avoid conflicts in the MFC of r287148.
|
| |
|
|
| |
This MFC is to avoid conflicts in the MFC of r287148.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
substitution error.
An invalid substitution like ${var@} does not cause a parse error but is
stored in the intermediate representation, to be written as part of the
error message. If there is a CTL* byte in the stored part, this confuses
some code such as the code to skip an unused alternative such as in
${var-alternative}.
To keep things simple, do not store CTL* bytes.
Found with afl-fuzz.
|
| |
|
|
|
| |
Fix shifts of possibly negative numbers found with ubsan and avoid signed
integer overflow when hashing an extremely long command name.
|
| |
|
|
|
|
|
|
| |
parameters.
Per Austin Group issue #459, shifting zero positional parameters may or may
not be considered an operand error (which causes the shell to exit in most
cases).
|
| |
|
|
|
|
| |
expansions.
PR: 193759
|
| |
|
|
|
|
|
|
| |
EXP_REDIR was supposed to generate pathnames in redirection if exactly one
file matches, as permitted but not required by POSIX in interactive mode. It
is unlikely this will be implemented.
No functional change is intended.
|
| |
|
|
|
| |
Quoting during expansion only cares about CCTL, which is the same for
DQSYNTAX and SQSYNTAX.
|
| |
|
|
|
|
|
| |
redirection.
EXP_REDIR was not being checked for while expanding positional parameters in
redirection, so CTL* bytes were not being prefixed where they should be.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
64-bit systems.
Currently, there can be no more than INT_MAX positional parameters. Make
sure to treat all higher ones as unset to avoid incorrect results and
crashes.
On 64-bit systems, our atoi() takes the low 32 bits of the strtol() and
sign-extends them.
On 32-bit systems, the call to atoi() returned INT_MAX for too high values
and there is not enough address space for so many positional parameters, so
there was no issue.
PR: 195918
|
| |
|
|
|
|
|
|
|
|
|
| |
The test locale1.0 depends on locale support; it is meaningless without a
working LC_MESSAGES.
I added an OptionalObsoleteFiles.inc entry.
PR: 181151
Submitted by: Garrett Cooper (original version)
Sponsored by: EMC / Isilon Storage Division
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
- r263161 Make bsd.test.mk the only public mk fragment for the building of tests.
- r263172 Move FreeBSD Test Suite-specific code to a suite.test.mk file.
- r263204 Add some documentation for bsd.test.mk.
- r263217 Document support for TAP-compliant Perl test programs.
This is "make tinderbox" clean.
|
| |
|
|
| |
SIGINT.
|
| | |
|
| |
|
|
| |
using this.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a MFC of all the commits listed below.
My original goal of this change was to only merge the move of the tests
from tools/regression/bin/ into the new layout (which include tests for
sh(1) and other tools as well). However, doing so is tricky due to the
ongoing work in sh(1) and, especially, the many changes to its tests
since stable/10 was first branched.
Merging everything is the simplest way to achieve this goal and, as a
bonus point, we get various fixes and miscellaneous improvements into
the branch.
Per jilles' suggestion, I'm avoiding the merge of a couple of changes
(r256850 and r257506) that required depending kernel changes. I'm also
avoiding very recent changes that have not had a long enough time to be
validated in current.
This is "make tinderbox" clean.
r256735 sh: Remove one syscall when waiting for a foreground job.
r257399 sh: Allow trapping SIGINT/SIGQUIT after ignore because of '&'.
r257504 sh: Reorder union node to reduce its size on 64-bit platforms.
r257920 sh: Add a test case for would-be assignments that are not due to quoting.
r257929 sh: Properly quote alias output from command -v.
r258489 sh: Add tests for the </dev/null implicit in a background command.
r258533 sh: Add more tests for the </dev/null implicit in a background command.
r258535 sh: Make <&0 disable the </dev/null implicit in a background command.
r258776 sh: Prefer memcpy() to strcpy() in most cases. Remove the scopy macro.
r259047 sh: Split set -x output into a separate function.
r259210 Migrate tools/regression/bin/ tests to the new layout.
r259844 sh: Remove an unused variable.
r259846 sh: Initialize OPTIND=1 even if it came from the environment.
r259874 sh: Simplify code related to PPID variable.
r259946 sh: Don't check input for non-whitespace if history is disabled.
r260246 sh(1): Discourage use of -e.
r260506 Run the sh(1) and test(1) tests as unprivileged.
r260586 Mark the bin/pax tests as requiring perl.
r260634 Use TAP_TESTS_PERL to register the legacy_test in bin/pax.
r260635 Replace hand-crafted Kyuafiles with automatic generation.
r260654 sh: Remove SIGWINCH handler and just check for resize before every read.
r261121 sh: Add test for nested alias.
r261125 sh: Solve the alias recursion problem in a less hackish way.
r261141 sh: Do not depend on parse/execute split in new alias test.
r261160 sh: Add tests for alias names after another alias.
r261192 sh: Allow aliases to force alias substitution on the following word.
r262533 sh: Make expari() static.
r262565 sh: Do not corrupt internal representation if LINENO inner expansion fails.
r262697 sh: Simplify expari().
Reviewed by: jilles
|
| |
|
|
| |
Reviewed by: jilles
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Formerly, return always returned from a function if it was called from a
function, even if there was a closer dot script. This was for compatibility
with the Bourne shell which only allowed returning from functions.
Other modern shells and POSIX return from the function or the dot script,
whichever is closest.
Git 1.8.4's rebase --continue depends on the POSIX behaviour.
Reported by: Christoph Mallon, avg
|
| |
|
|
|
|
|
|
|
|
| |
The change in r238888 was incomplete. It was still possible for a trapped
signal to arrive before the shell went to sleep (sigsuspend()) because a
check was missing or because the signal arrived before in_waitcmd was set.
On SMP, this bug sometimes caused the builtins/wait4.0 test to take 1 second
to execute; it then might or might not fail. On UP, the test almost always
failed.
|
| |
|
|
|
|
| |
The erflag argument was only used by old-style (``) command substitutions.
We can remove it and handle the special case in the command substitution
code.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
This implementation makes minimal changes: command names starting with "-"
(other than "--") can still be queried normally.
|
| |
|
|
|
|
|
|
|
|
| |
NEOF needs to be a non-null pointer distinct from valid union node pointers.
It is not dereferenced.
The new NEOF is much like SIG_ERR except that it is an object pointer
instead of a function pointer.
The variable tokpushback can now be static.
|
| |
|
|
|
| |
Aliases starting with "-" (which are non-POSIX) will need to be preceded by
an alias not starting with "-" or the newly added "--".
|
| |
|
|
|
|
|
|
|
|
| |
As per POSIX, a simple command must have at least one redirection,
assignment word or command word.
These occured in rare cases such as eval "f()" .
The extension of allowing no commands inside { }, if, while, for, etc.
remains.
|
| |
|
|
|
|
|
|
|
|
| |
POSIX does not require ++ and -- in arithmetic. It is probably more useful
to reject them than to treat ++x and --x as x silently.
Note that the behaviour of increment and decrement can be obtained via
(x+=1), ((x+=1)-1), (x-=1) and ((x-=1)+1).
PR: bin/176444
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If a job is specified to 'wait', wait for it to complete. Formerly, in
interactive mode, the job was deleted if it stopped.
If no jobs are specified in interactive mode, 'wait' still waits for all jobs
to complete or stop.
In non-interactive mode, WUNTRACED is not passed to wait3() so stopped jobs
are not detected.
PR: bin/181435
|
| |
|
|
| |
These are already handled by exception handlers.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Example: </dev/null | :
PR: 181240
MFC after: 1 week
|
| | |
|
| |
|
|
| |
MKINIT only served for the removed mkinit. Many variables can be static now.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace the RESET blocks with regular functions and a reset() function that
calls them all.
This code generation tool is unusual and does not appear to provide much
benefit. I do not think isolating the knowledge about which modules need to
be reset is worth an almost 500-line build tool and wider scope for
variables used by the reset functions.
Also, relying on reset functions is often wrong: the cleanup should be done
in exception handlers so that no stale state remains after 'command eval'
and the like.
|
| |
|
|
|
| |
These cleanup operations are not needed because they are already performed
after an optimized command substitution (whether there was an error or not).
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Although using -i with -c does not seem very useful, it seems inappropriate
to read commands from the terminal in this case.
Side effect: if the -s -c extension is used and the -s option is turned off
using 'set +s' during the interactive part, the shell now exits after an
error or interrupt. Note that POSIX only specifies -s as option to sh, not
to set.
See also Austin Group issue #718.
|
| | |
|
| |
|
|
|
|
| |
This has always been the case and is intended (just like cd).
This matches Austin group issue #706.
|
| |
|
|
| |
PR: 176916
|
