From ed7497e3790b044ab680fcdcd9dc4034a73ead9a Mon Sep 17 00:00:00 2001 From: Daniel Shahaf Date: Mon, 11 Sep 2017 15:06:05 +0000 Subject: unposted: internal: Document zreaddir(). --- Src/utils.c | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'Src/utils.c') diff --git a/Src/utils.c b/Src/utils.c index 5055d69fe..70aad396a 100644 --- a/Src/utils.c +++ b/Src/utils.c @@ -4947,6 +4947,16 @@ ztrsub(char const *t, char const *s) return l; } +/* + * Wrapper for readdir(). + * + * If ignoredots is true, skip the "." and ".." entries. + * + * When __APPLE__ is defined, recode dirent names from UTF-8-MAC to UTF-8. + * + * Return the dirent's name, metafied. + */ + /**/ mod_export char * zreaddir(DIR *dir, int ignoredots) -- cgit v1.2.3 From 15bed0db4085f51f223f7193eede41a112b71c82 Mon Sep 17 00:00:00 2001 From: Daniel Shahaf Date: Thu, 21 Sep 2017 18:13:39 +0000 Subject: unposted (cf. 41707): internal: Document the count==0 case of checkrmall(). --- ChangeLog | 5 +++++ Src/utils.c | 4 +++- 2 files changed, 8 insertions(+), 1 deletion(-) (limited to 'Src/utils.c') diff --git a/ChangeLog b/ChangeLog index 34163e55f..3a0656fc6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2017-09-21 Daniel Shahaf + + * unposted (cf. 41707): Src/utils.c: internal: Document the + count==0 case of checkrmall(). + 2017-09-20 Barton E. Schaefer * 41736: NEWS, Src/exec.c: NO_INTERACTIVE_COMMENTS in $(...) diff --git a/Src/utils.c b/Src/utils.c index 70aad396a..0d71dda09 100644 --- a/Src/utils.c +++ b/Src/utils.c @@ -2724,8 +2724,10 @@ checkrmall(char *s) else if (count > 0) fprintf(shout, "zsh: sure you want to delete all %d files in ", count); - else + else { + /* We don't know how many files the glob will expand to; see 41707. */ fprintf(shout, "zsh: sure you want to delete all the files in "); + } nicezputs(s, shout); if(isset(RMSTARWAIT)) { fputs("? (waiting ten seconds)", shout); -- cgit v1.2.3 From ced82745eace69a8bbe0f187d8caa7cb6347f50d Mon Sep 17 00:00:00 2001 From: Daniel Shahaf Date: Thu, 21 Sep 2017 18:17:02 +0000 Subject: unposted (cf. 41672): checkrmall: Record the 41672 bug in a TODO. --- ChangeLog | 3 +++ Src/utils.c | 3 +++ 2 files changed, 6 insertions(+) (limited to 'Src/utils.c') diff --git a/ChangeLog b/ChangeLog index 3a0656fc6..000d5ccb3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,8 @@ 2017-09-21 Daniel Shahaf + * unposted (cf. 41672): Src/utils.c: checkrmall: Record the + 41672 bug in a TODO. + * unposted (cf. 41707): Src/utils.c: internal: Document the count==0 case of checkrmall(). diff --git a/Src/utils.c b/Src/utils.c index 0d71dda09..4c0ebe6f5 100644 --- a/Src/utils.c +++ b/Src/utils.c @@ -2709,6 +2709,9 @@ checkrmall(char *s) const int max_count = 100; if ((rmd = opendir(unmeta(s)))) { int ignoredots = !isset(GLOBDOTS); + /* ### TODO: Passing ignoredots here is wrong. See workers/41672 + aka . + */ while (zreaddir(rmd, ignoredots)) { count++; if (count > max_count) -- cgit v1.2.3 From 5f6a52c06ca956cf61eacd7f45f270899337d45e Mon Sep 17 00:00:00 2001 From: Peter Stephenson Date: Fri, 22 Dec 2017 20:00:54 +0000 Subject: 42156: new CHECK_RUNNING_JOBS option demanded by bash groupies Also new job options. Also suppress debug error if rows or columns are reported as zero as this is normal without a physical terminal. --- ChangeLog | 10 +++ Doc/Zsh/options.yo | 17 ++++- Src/builtin.c | 3 +- Src/options.c | 1 + Src/utils.c | 4 +- Src/zsh.h | 1 + Test/W02jobs.ztst | 186 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 7 files changed, 217 insertions(+), 5 deletions(-) create mode 100644 Test/W02jobs.ztst (limited to 'Src/utils.c') diff --git a/ChangeLog b/ChangeLog index 1b9b0be68..5a3d0ec97 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,15 @@ 2017-12-22 Peter Stephenson + * dana: 42156 with tweak as per 42158: Doc/Zsh/options.yo, + Src/builtin.c, Src/options.c, Src/utils.c, Src/zsh.h, + Test/W02jobs.ztst: add CHECK_RUNNING_JOBS opion and job tests; + remove debug error when rows or columns are zero as this is + normal without a physical terminal. + + * dana: 42156: Doc/Zsh/options.yo, Src/builtin.c, + Src/options.c, Src/zsh.h, Test/W02jobs.ztst: new + CHECK_RUNNING_JOBS option demanded by bash groupies. + * danda: 42155: Completion/Unix/Command/_ssh: various improvements for OpenSSH. diff --git a/Doc/Zsh/options.yo b/Doc/Zsh/options.yo index d043cf398..25b3d5736 100644 --- a/Doc/Zsh/options.yo +++ b/Doc/Zsh/options.yo @@ -817,7 +817,7 @@ zsh sessions will all have the new entries from their history lists added to the history file, in the order that they exit. The file will still be periodically re-written to trim it when the number of lines grows 20% beyond the value specified by -tt($SAVEHIST) (see also the HIST_SAVE_BY_COPY option). +tt($SAVEHIST) (see also the tt(HIST_SAVE_BY_COPY) option). ) pindex(BANG_HIST) pindex(NO_BANG_HIST) @@ -1429,6 +1429,19 @@ ifnzman(the section Special Functions in noderef(Functions))\ ifzman(the section SPECIAL FUNCTIONS in zmanref(zshmisc)) is not counted for this purpose. ) +pindex(CHECK_RUNNING_JOBS) +pindex(NO_CHECK_RUNNING_JOBS) +pindex(CHECKRUNNINGJOBS) +pindex(NOCHECKRUNNINGJOBS) +cindex(exiting, checking running jobs when) +cindex(logging out, checking running jobs when) +item(tt(CHECK_RUNNING_JOBS) )( +Check for both running and suspended jobs when tt(CHECK_JOBS) is enabled. +When this option is disabled, zsh checks only for suspended jobs, which +matches the default behavior of bash. + +This option has no effect unless tt(CHECK_JOBS) is set. +) pindex(HUP) pindex(NO_HUP) pindex(NOHUP) @@ -1443,7 +1456,7 @@ pindex(LONGLISTJOBS) pindex(NOLONGLISTJOBS) cindex(jobs, list format) item(tt(LONG_LIST_JOBS) (tt(-R)))( -List jobs in the long format by default. +Print job notifications in the long format by default. ) pindex(MONITOR) pindex(NO_MONITOR) diff --git a/Src/builtin.c b/Src/builtin.c index f002b9912..0211f2721 100644 --- a/Src/builtin.c +++ b/Src/builtin.c @@ -5594,7 +5594,8 @@ checkjobs(void) for (i = 1; i <= maxjob; i++) if (i != thisjob && (jobtab[i].stat & STAT_LOCKED) && - !(jobtab[i].stat & STAT_NOPRINT)) + !(jobtab[i].stat & STAT_NOPRINT) && + (isset(CHECKRUNNINGJOBS) || jobtab[i].stat & STAT_STOPPED)) break; if (i <= maxjob) { if (jobtab[i].stat & STAT_STOPPED) { diff --git a/Src/options.c b/Src/options.c index 2b5795bab..590652ea9 100644 --- a/Src/options.c +++ b/Src/options.c @@ -111,6 +111,7 @@ static struct optname optns[] = { {{NULL, "chasedots", OPT_EMULATE}, CHASEDOTS}, {{NULL, "chaselinks", OPT_EMULATE}, CHASELINKS}, {{NULL, "checkjobs", OPT_EMULATE|OPT_ZSH}, CHECKJOBS}, +{{NULL, "checkrunningjobs", OPT_EMULATE|OPT_ZSH}, CHECKRUNNINGJOBS}, {{NULL, "clobber", OPT_EMULATE|OPT_ALL}, CLOBBER}, {{NULL, "combiningchars", 0}, COMBININGCHARS}, {{NULL, "completealiases", 0}, COMPLETEALIASES}, diff --git a/Src/utils.c b/Src/utils.c index 4c0ebe6f5..74fdac31f 100644 --- a/Src/utils.c +++ b/Src/utils.c @@ -1832,7 +1832,7 @@ adjustlines(int signalled) else shttyinfo.winsize.ws_row = zterm_lines; #endif /* TIOCGWINSZ */ - if (zterm_lines <= 0) { + if (zterm_lines < 0) { DPUTS(signalled, "BUG: Impossible TIOCGWINSZ rows"); zterm_lines = tclines > 0 ? tclines : 24; } @@ -1856,7 +1856,7 @@ adjustcolumns(int signalled) else shttyinfo.winsize.ws_col = zterm_columns; #endif /* TIOCGWINSZ */ - if (zterm_columns <= 0) { + if (zterm_columns < 0) { DPUTS(signalled, "BUG: Impossible TIOCGWINSZ cols"); zterm_columns = tccolumns > 0 ? tccolumns : 80; } diff --git a/Src/zsh.h b/Src/zsh.h index 22ae95480..92f75769a 100644 --- a/Src/zsh.h +++ b/Src/zsh.h @@ -2339,6 +2339,7 @@ enum { CHASEDOTS, CHASELINKS, CHECKJOBS, + CHECKRUNNINGJOBS, CLOBBER, APPENDCREATE, COMBININGCHARS, diff --git a/Test/W02jobs.ztst b/Test/W02jobs.ztst new file mode 100644 index 000000000..65b860072 --- /dev/null +++ b/Test/W02jobs.ztst @@ -0,0 +1,186 @@ +# Tests for interactive job control + +%prep + + if [[ $OSTYPE == cygwin ]]; then + ZTST_unimplemented='the zsh/zpty module does not work on Cygwin' + elif zmodload zsh/zpty 2> /dev/null; then + zpty_start() { + export PS1= PS2= + zpty -d + zpty zsh "${(q)ZTST_testdir}/../Src/zsh -fiV +Z" + } + zpty_input() { + zpty -w zsh "${(F)@}" $'\n' + } + zpty_stop() { + # exit twice in case of check_jobs + zpty -w zsh $'exit\nexit\n' + # zpty gives no output when piped without these braces (?) + { zpty -r zsh } | sed $'/[^[:space:]]/!d; s/\r$//;' + zpty -d + : + } + else + ZTST_unimplemented='the zsh/zpty module is not available' + fi + +%test + + zpty_start + zpty_input 'setopt no_long_list_jobs' + zpty_input ': &' + zpty_input 'wait' + zpty_stop +0:job notification with no_long_list_jobs +*>\[1] [0-9]## +*>\[1] + done[[:space:]]##: + + zpty_start + zpty_input 'setopt long_list_jobs' + zpty_input ': &' + zpty_input 'wait' + zpty_stop +0:job notification with long_list_jobs +*>\[1] [0-9]## +*>\[1] + [0-9]## done[[:space:]]##: + + zpty_start + zpty_input 'setopt no_hup no_check_jobs' + zpty_input 'sleep 3 &' + zpty_stop +0:running job with no_hup + no_check_jobs +*>\[1] [0-9]## + + zpty_start + zpty_input 'setopt no_check_jobs' + zpty_input 'sleep 3 &' + zpty_stop +0:running job with no_check_jobs +*>\[1] [0-9]## +*>zsh:*SIGHUPed* + + zpty_start + zpty_input 'setopt check_jobs no_check_running_jobs' + zpty_input 'sleep 3 &' + zpty_stop +0:running job with check_jobs + no_check_running_jobs +*>\[1] [0-9]## +*>zsh:*SIGHUPed* + + zpty_start + zpty_input 'setopt check_jobs check_running_jobs' + zpty_input 'sleep 3 &' + zpty_stop +0:running job with check_jobs + check_running_jobs +*>\[1] [0-9]## +*>zsh:*running jobs* +*>zsh:*SIGHUPed* + + zpty_start + zpty_input 'setopt check_jobs no_check_running_jobs' + zpty_input 'sleep 3' + sleep 0.1 + zpty_input $'\C-z' + zpty_stop +0:suspended job with check_jobs + no_check_running_jobs +*>zsh:*(stopped|suspended)*sleep* +*>zsh:*(stopped|suspended) jobs* +# no 'SIGHUPed' message for suspended jobs + + zpty_start + zpty_input 'setopt check_jobs check_running_jobs' + zpty_input 'sleep 3' + sleep 0.1 + zpty_input $'\C-z' + zpty_stop +0:suspended job with check_jobs + check_running_jobs +*>zsh:*(stopped|suspended)*sleep* +*>zsh:*(stopped|suspended) jobs* +# no 'SIGHUPed' message for suspended jobs + + zpty_start + zpty_input 'sleep 5 & sleep 4 & sleep 3 &' + zpty_input 'jobs' + zpty_stop +0:`jobs` (misc.) with multiple running jobs +*>\[1] [0-9]## +*>\[2] [0-9]## +*>\[3] [0-9]## +*>\[1] running*sleep 5* +*>\[2] - running*sleep 4* +*>\[3] + running*sleep 3* +*>zsh:*SIGHUPed* + + zpty_start + zpty_input 'sleep 3 &' + zpty_input 'jobs -l' + zpty_input 'jobs -p' + zpty_stop +0:`jobs -l` and `jobs -p` with running job +*>\[1] [0-9]## +*>\[1] + [0-9]## running*sleep* +*>\[1] + [0-9]## running*sleep* +*>zsh:*SIGHUPed* + + zpty_start + zpty_input 'sleep 3 &' + zpty_input 'jobs -d' + zpty_stop +0:`jobs -d` with running job +*>\[1] [0-9]## +*>\[1] + running*sleep* +*>\(pwd : ?*\) +*>zsh:*SIGHUPed* + + zpty_start + zpty_input 'sleep 3 &' + zpty_input 'jobs -r' + zpty_input 'print -- -' + zpty_input 'jobs -s' + zpty_stop +0:`jobs -r` and `jobs -s` with running job +*>\[1] [0-9]## +*>\[1] + running*sleep* +*>- +*>zsh:*SIGHUPed* + + zpty_start + zpty_input 'sleep 5' + sleep 0.1 + zpty_input $'\C-z' + zpty_input 'jobs -r' + zpty_input 'print -- -' + zpty_input 'jobs -s' + zpty_stop +0:`jobs -r` and `jobs -s` with suspended job +*>zsh:*(stopped|suspended)*sleep* +*>- +*>\[1] + (stopped|suspended)*sleep* +# no 'SIGHUPed' message for suspended jobs + + zpty_start + zpty_input 'sleep 10 & sleep 9 & sleep 8 & sleep 7 &' + sleep 0.1 + zpty_input 'kill %4' + sleep 0.1 + zpty_input 'kill -HUP %3' + sleep 0.1 + zpty_input 'kill -INT %2' + sleep 0.1 + zpty_input 'kill -KILL %1' + sleep 0.1 + zpty_stop +0:various `kill` signals with multiple running jobs +*>\[1] [0-9]## +*>\[2] [0-9]## +*>\[3] [0-9]## +*>\[4] [0-9]## +*>\[4] ? terminate*sleep* +*>\[3] ? hangup*sleep* +*>\[2] ? interrupt*sleep* +*>\[1] ? kill*sleep* + +%clean + + zmodload -ui zsh/zpty -- cgit v1.2.3 From 2cbf6b6a19716cd4f03c820929710499576aa809 Mon Sep 17 00:00:00 2001 From: Peter Stephenson Date: Wed, 31 Jan 2018 09:14:40 +0000 Subject: 42332: Special case unsigned printf formats. For constants we can avoid a conversion to signed by examining the expression before passing to math eval. --- ChangeLog | 6 ++++++ Src/builtin.c | 5 ++++- Src/utils.c | 61 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 71 insertions(+), 1 deletion(-) (limited to 'Src/utils.c') diff --git a/ChangeLog b/ChangeLog index ae20911f9..24df71d49 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2018-01-31 Peter Stephenson + + * 42332: Src/builtin.c, Src/utils.c: special case printf for + unsigned integers by looking for constansts, avoiding conversion + to unsigned. + 2018-01-24 Daniel Hahler * 42323: Completion/Unix/Command/_git: _git: move "local" statement diff --git a/Src/builtin.c b/Src/builtin.c index 0211f2721..fb59738f3 100644 --- a/Src/builtin.c +++ b/Src/builtin.c @@ -5243,7 +5243,10 @@ bin_print(char *name, char **args, Options ops, int func) *d++ = 'l'; #endif *d++ = 'l', *d++ = *c, *d = '\0'; - zulongval = (curarg) ? mathevali(curarg) : 0; + if (!curarg) + zulongval = (zulong)0; + else if (!zstrtoul_underscore(curarg, &zulongval)) + zulongval = mathevali(curarg); if (errflag) { zulongval = 0; errflag &= ~ERRFLAG_ERROR; diff --git a/Src/utils.c b/Src/utils.c index 74fdac31f..3b589aa35 100644 --- a/Src/utils.c +++ b/Src/utils.c @@ -2455,6 +2455,67 @@ zstrtol_underscore(const char *s, char **t, int base, int underscore) return neg ? -(zlong)calc : (zlong)calc; } +/* + * If s represents a complete unsigned integer (and nothing else) + * return 1 and set retval to the value. Otherwise return 0. + * + * Underscores are always allowed. + * + * Sensitive to OCTAL_ZEROES. + */ + +/**/ +mod_export int +zstrtoul_underscore(const char *s, zulong *retval) +{ + zulong calc = 0, newcalc = 0, base; + + if (*s == '+') + s++; + + if (*s != '0') + base = 10; + else if (*++s == 'x' || *s == 'X') + base = 16, s++; + else if (*s == 'b' || *s == 'B') + base = 2, s++; + else + base = isset(OCTALZEROES) ? 8 : 10; + if (base < 2 || base > 36) { + return 0; + } else if (base <= 10) { + for (; (*s >= '0' && *s < ('0' + base)) || + *s == '_'; s++) { + if (*s == '_') + continue; + newcalc = calc * base + *s - '0'; + if (newcalc < calc) + { + return 0; + } + calc = newcalc; + } + } else { + for (; idigit(*s) || (*s >= 'a' && *s < ('a' + base - 10)) + || (*s >= 'A' && *s < ('A' + base - 10)) + || *s == '_'; s++) { + if (*s == '_') + continue; + newcalc = calc*base + (idigit(*s) ? (*s - '0') : (*s & 0x1f) + 9); + if (newcalc < calc) + { + return 0; + } + calc = newcalc; + } + } + + if (*s) + return 0; + *retval = calc; + return 1; +} + /**/ mod_export int setblock_fd(int turnonblocking, int fd, long *modep) -- cgit v1.2.3 From 679b71ec4d852037fe5f73d35bf557b0f406c8d4 Mon Sep 17 00:00:00 2001 From: Oliver Kiddle Date: Sat, 24 Mar 2018 15:02:41 +0100 Subject: 42518, CVE-2018-1071: check bounds when copying path in hashcmd() --- ChangeLog | 5 +++++ Src/exec.c | 2 +- Src/utils.c | 6 +++--- 3 files changed, 9 insertions(+), 4 deletions(-) (limited to 'Src/utils.c') diff --git a/ChangeLog b/ChangeLog index 02d60612b..084d971c2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2018-03-24 Oliver Kiddle + + * 42518, CVE-2018-1071: Src/exec.c, Src/utils.c: + check bounds when copying path in hashcmd() + 2018-03-24 Jun-ichi Takimoto * 42501: Src/Zle/complete.c, Src/Zle/computil.c, diff --git a/Src/exec.c b/Src/exec.c index 35b0bb191..e154d1249 100644 --- a/Src/exec.c +++ b/Src/exec.c @@ -934,7 +934,7 @@ hashcmd(char *arg0, char **pp) for (; *pp; pp++) if (**pp == '/') { s = buf; - strucpy(&s, *pp); + struncpy(&s, *pp, PATH_MAX); *s++ = '/'; if ((s - buf) + strlen(arg0) >= PATH_MAX) continue; diff --git a/Src/utils.c b/Src/utils.c index 3b589aa35..998b16220 100644 --- a/Src/utils.c +++ b/Src/utils.c @@ -2283,10 +2283,10 @@ struncpy(char **s, char *t, int n) { char *u = *s; - while (n--) - *u++ = *t++; + while (n-- && (*u++ = *t++)); *s = u; - *u = '\0'; + if (n > 0) /* just one null-byte will do, unlike strncpy(3) */ + *u = '\0'; } /* Return the number of elements in an array of pointers. * -- cgit v1.2.3 From 9bc391105ffc9a430668373388badd369e314415 Mon Sep 17 00:00:00 2001 From: "Barton E. Schaefer" Date: Sun, 25 Mar 2018 18:01:25 -0700 Subject: 42480: optimize $#var for single-byte character sets --- ChangeLog | 4 ++++ Src/utils.c | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) (limited to 'Src/utils.c') diff --git a/ChangeLog b/ChangeLog index 1664600cf..4ac19f9d9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2018-03-25 Barton E. Schaefer + + * 42480: Src/utils.c: optimize $#var for single-byte character sets + 2018-03-25 Peter Stephenson * 42505: README. Etc/FAQ.yo: prepare for 5.5 release. diff --git a/Src/utils.c b/Src/utils.c index 998b16220..6517e15b8 100644 --- a/Src/utils.c +++ b/Src/utils.c @@ -5496,7 +5496,7 @@ mb_metastrlenend(char *ptr, int width, char *eptr) wchar_t wc; int num, num_in_char, complete; - if (!isset(MULTIBYTE)) + if (!isset(MULTIBYTE) || MB_CUR_MAX == 1) return eptr ? (int)(eptr - ptr) : ztrlen(ptr); laststart = ptr; -- cgit v1.2.3 From fa0105f78c9204d72cb0cd68c20d5f390b2a044b Mon Sep 17 00:00:00 2001 From: Martijn Dekker Date: Mon, 26 Mar 2018 22:32:50 +0200 Subject: 42538: Temporarily set umask for here document. Done while signals are queued. --- ChangeLog | 6 ++++++ Src/utils.c | 4 ++++ Test/A04redirect.ztst | 9 +++++++++ 3 files changed, 19 insertions(+) (limited to 'Src/utils.c') diff --git a/ChangeLog b/ChangeLog index 4ac19f9d9..e36a0d49f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2018-03-27 Peter Stephenson + + * Martijn: 42538: Src/utils.c, Test/A04redirect.ztst: + temporarily set umask (with signals queued) while reading + here document. + 2018-03-25 Barton E. Schaefer * 42480: Src/utils.c: optimize $#var for single-byte character sets diff --git a/Src/utils.c b/Src/utils.c index 6517e15b8..466014263 100644 --- a/Src/utils.c +++ b/Src/utils.c @@ -2177,10 +2177,12 @@ gettempfile(const char *prefix, int use_heap, char **tempname) { char *fn; int fd; + mode_t old_umask; #if HAVE_MKSTEMP char *suffix = prefix ? ".XXXXXX" : "XXXXXX"; queue_signals(); + old_umask = umask(0177); if (!prefix && !(prefix = getsparam("TMPPREFIX"))) prefix = DEFAULT_TMPPREFIX; if (use_heap) @@ -2198,6 +2200,7 @@ gettempfile(const char *prefix, int use_heap, char **tempname) int failures = 0; queue_signals(); + old_umask = umask(0177); do { if (!(fn = gettempname(prefix, use_heap))) { fd = -1; @@ -2212,6 +2215,7 @@ gettempfile(const char *prefix, int use_heap, char **tempname) #endif *tempname = fn; + umask(old_umask); unqueue_signals(); return fd; } diff --git a/Test/A04redirect.ztst b/Test/A04redirect.ztst index ef7ddb25a..b5b65cf5d 100644 --- a/Test/A04redirect.ztst +++ b/Test/A04redirect.ztst @@ -667,3 +667,12 @@ 0:Redirect in the middle of assignments >b >d + + umask 0777 + cat <<' HERE' + look ma, no permissions + HERE + cat <<<"it's a miracle" +0:Here-{string,document}s succeed with restrictive umask +> look ma, no permissions +>it's a miracle -- cgit v1.2.3 From c053c6a0799397632df9ba88f8812a1da49c67f1 Mon Sep 17 00:00:00 2001 From: Oliver Kiddle Date: Wed, 28 Mar 2018 09:00:58 +0200 Subject: 42539: prevent overflow of PATH_MAX-sized buffer in spelling correction --- ChangeLog | 5 +++++ Src/utils.c | 14 +++++++++----- 2 files changed, 14 insertions(+), 5 deletions(-) (limited to 'Src/utils.c') diff --git a/ChangeLog b/ChangeLog index e36a0d49f..d186d29a7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2018-03-28 Oliver Kiddle + + * 42539: Src/utils.c: prevent overflow of PATH_MAX-sized + buffer in spelling correction + 2018-03-27 Peter Stephenson * Martijn: 42538: Src/utils.c, Test/A04redirect.ztst: diff --git a/Src/utils.c b/Src/utils.c index 466014263..eab407eee 100644 --- a/Src/utils.c +++ b/Src/utils.c @@ -2287,7 +2287,8 @@ struncpy(char **s, char *t, int n) { char *u = *s; - while (n-- && (*u++ = *t++)); + while (n-- && (*u = *t++)) + u++; *s = u; if (n > 0) /* just one null-byte will do, unlike strncpy(3) */ *u = '\0'; @@ -4424,17 +4425,20 @@ spname(char *oldname) * odd to the human reader, and we may make use of the total * * distance for all corrections at some point in the future. */ if (bestdist < maxthresh) { - strcpy(new, spnameguess); - strcat(new, old); - return newname; + struncpy(&new, spnameguess, sizeof(newname) - (new - newname)); + struncpy(&new, old, sizeof(newname) - (new - newname)); + return (new - newname) >= (sizeof(newname)-1) ? NULL : newname; } else return NULL; } else { maxthresh = bestdist + thresh; bestdist += thisdist; } - for (p = spnamebest; (*new = *p++);) + for (p = spnamebest; (*new = *p++);) { + if ((new - newname) >= (sizeof(newname)-1)) + return NULL; new++; + } } } -- cgit v1.2.3 From bdf09270be2c5fb8a61b9e7f6bd0d0c194342000 Mon Sep 17 00:00:00 2001 From: Oliver Kiddle Date: Fri, 30 Mar 2018 12:13:59 +0200 Subject: 42560: silence sign-compare compiler warnings --- ChangeLog | 2 ++ Src/utils.c | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) (limited to 'Src/utils.c') diff --git a/ChangeLog b/ChangeLog index 86b5c428a..5812c75b7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ 2018-03-30 Oliver Kiddle + * 42560: Src/utils.c: silence sign-compare compiler warnings + * 42566: Completion/Unix/Command/_strings: new strings completion 2018-03-29 Mikael Magnusson diff --git a/Src/utils.c b/Src/utils.c index eab407eee..3587c3622 100644 --- a/Src/utils.c +++ b/Src/utils.c @@ -4396,7 +4396,7 @@ spname(char *oldname) * Rationale for this, if there ever was any, has been forgotten. */ for (;;) { while (*old == '/') { - if ((new - newname) >= (sizeof(newname)-1)) + if (new >= newname + sizeof(newname) - 1) return NULL; *new++ = *old++; } @@ -4427,7 +4427,7 @@ spname(char *oldname) if (bestdist < maxthresh) { struncpy(&new, spnameguess, sizeof(newname) - (new - newname)); struncpy(&new, old, sizeof(newname) - (new - newname)); - return (new - newname) >= (sizeof(newname)-1) ? NULL : newname; + return (new >= newname + sizeof(newname) -1) ? NULL : newname; } else return NULL; } else { @@ -4435,7 +4435,7 @@ spname(char *oldname) bestdist += thisdist; } for (p = spnamebest; (*new = *p++);) { - if ((new - newname) >= (sizeof(newname)-1)) + if (new >= newname + sizeof(newname) - 1) return NULL; new++; } -- cgit v1.2.3