From owner-svn-src-all@FreeBSD.ORG Mon Apr 14 21:26:36 2014 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 680729E; Mon, 14 Apr 2014 21:26:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 53F781DC0; Mon, 14 Apr 2014 21:26:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s3ELQaM4046947; Mon, 14 Apr 2014 21:26:36 GMT (envelope-from jilles@svn.freebsd.org) Received: (from jilles@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s3ELQZh7046940; Mon, 14 Apr 2014 21:26:35 GMT (envelope-from jilles@svn.freebsd.org) Message-Id: <201404142126.s3ELQZh7046940@svn.freebsd.org> From: Jilles Tjoelker Date: Mon, 14 Apr 2014 21:26:35 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r264478 - stable/10/bin/sh X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2014 21:26:36 -0000 Author: jilles Date: Mon Apr 14 21:26:34 2014 New Revision: 264478 URL: http://svnweb.freebsd.org/changeset/base/264478 Log: MFC r263777: sh: Fix possible memory leaks and double frees with unexpected SIGINT. Modified: stable/10/bin/sh/alias.c stable/10/bin/sh/exec.c stable/10/bin/sh/expand.c stable/10/bin/sh/redir.c stable/10/bin/sh/var.c Directory Properties: stable/10/ (props changed) Modified: stable/10/bin/sh/alias.c ============================================================================== --- stable/10/bin/sh/alias.c Mon Apr 14 21:12:38 2014 (r264477) +++ stable/10/bin/sh/alias.c Mon Apr 14 21:26:34 2014 (r264478) @@ -180,6 +180,7 @@ printaliases(void) int i, j; struct alias **sorted, *ap; + INTOFF; sorted = ckmalloc(aliases * sizeof(*sorted)); j = 0; for (i = 0; i < ATABSIZE; i++) @@ -187,9 +188,13 @@ printaliases(void) if (*ap->name != '\0') sorted[j++] = ap; qsort(sorted, aliases, sizeof(*sorted), comparealiases); - for (i = 0; i < aliases; i++) + for (i = 0; i < aliases; i++) { printalias(sorted[i]); + if (int_pending()) + break; + } ckfree(sorted); + INTON; } int Modified: stable/10/bin/sh/exec.c ============================================================================== --- stable/10/bin/sh/exec.c Mon Apr 14 21:12:38 2014 (r264477) +++ stable/10/bin/sh/exec.c Mon Apr 14 21:26:34 2014 (r264478) @@ -612,6 +612,7 @@ defun(const char *name, union node *func /* * Delete a function if it exists. + * Called with interrupts off. */ int Modified: stable/10/bin/sh/expand.c ============================================================================== --- stable/10/bin/sh/expand.c Mon Apr 14 21:12:38 2014 (r264477) +++ stable/10/bin/sh/expand.c Mon Apr 14 21:26:34 2014 (r264478) @@ -956,6 +956,7 @@ recordregion(int start, int end, int inq { struct ifsregion *ifsp; + INTOFF; if (ifslastp == NULL) { ifsp = &ifsfirst; } else { @@ -963,6 +964,7 @@ recordregion(int start, int end, int inq && ifslastp->inquotes == inquotes) { /* extend previous area */ ifslastp->endoff = end; + INTON; return; } ifsp = (struct ifsregion *)ckmalloc(sizeof (struct ifsregion)); @@ -973,6 +975,7 @@ recordregion(int start, int end, int inq ifslastp->begoff = start; ifslastp->endoff = end; ifslastp->inquotes = inquotes; + INTON; } Modified: stable/10/bin/sh/redir.c ============================================================================== --- stable/10/bin/sh/redir.c Mon Apr 14 21:12:38 2014 (r264477) +++ stable/10/bin/sh/redir.c Mon Apr 14 21:26:34 2014 (r264478) @@ -92,6 +92,13 @@ static int openhere(union node *); * undone by calling popredir. If the REDIR_BACKQ flag is set, then the * standard output, and the standard error if it becomes a duplicate of * stdout, is saved in memory. +* + * We suppress interrupts so that we won't leave open file + * descriptors around. Because the signal handler remains + * installed and we do not use system call restart, interrupts + * will still abort blocking opens such as fifos (they will fail + * with EINTR). There is, however, a race condition if an interrupt + * arrives after INTOFF and before open blocks. */ void @@ -103,6 +110,7 @@ redirect(union node *redir, int flags) int fd; char memory[10]; /* file descriptors to write to memory */ + INTOFF; for (i = 10 ; --i >= 0 ; ) memory[i] = 0; memory[1] = flags & REDIR_BACKQ; @@ -139,11 +147,14 @@ redirect(union node *redir, int flags) INTON; } openredirect(n, memory); + INTON; + INTOFF; } if (memory[1]) out1 = &memout; if (memory[2]) out2 = &memout; + INTON; } @@ -156,15 +167,6 @@ openredirect(union node *redir, char mem int f; int e; - /* - * We suppress interrupts so that we won't leave open file - * descriptors around. Because the signal handler remains - * installed and we do not use system call restart, interrupts - * will still abort blocking opens such as fifos (they will fail - * with EINTR). There is, however, a race condition if an interrupt - * arrives after INTOFF and before open blocks. - */ - INTOFF; memory[fd] = 0; switch (redir->nfile.type) { case NFROM: @@ -237,7 +239,6 @@ movefd: default: abort(); } - INTON; } Modified: stable/10/bin/sh/var.c ============================================================================== --- stable/10/bin/sh/var.c Mon Apr 14 21:12:38 2014 (r264477) +++ stable/10/bin/sh/var.c Mon Apr 14 21:26:34 2014 (r264478) @@ -249,6 +249,7 @@ setvar(const char *name, const char *val vallen = strlen(val); len += vallen; } + INTOFF; nameeq = ckmalloc(len); memcpy(nameeq, name, namelen); nameeq[namelen] = '='; @@ -257,6 +258,7 @@ setvar(const char *name, const char *val else nameeq[namelen + 1] = '\0'; setvareq(nameeq, flags); + INTON; } static int @@ -289,6 +291,7 @@ change_env(const char *s, int set) char *eqp; char *ss; + INTOFF; ss = savestr(s); if ((eqp = strchr(ss, '=')) != NULL) *eqp = '\0'; @@ -297,6 +300,7 @@ change_env(const char *s, int set) else (void) unsetenv(ss); ckfree(ss); + INTON; return; } @@ -359,13 +363,13 @@ setvareq(char *s, int flags) /* not found */ if (flags & VNOSET) return; + INTOFF; vp = ckmalloc(sizeof (*vp)); vp->flags = flags; vp->text = s; vp->name_len = nlen; vp->next = *vpp; vp->func = NULL; - INTOFF; *vpp = vp; if ((vp->flags & VEXPORT) && localevar(s)) { change_env(s, 1); @@ -773,6 +777,7 @@ poplocalvars(void) struct localvar *lvp; struct var *vp; + INTOFF; while ((lvp = localvars) != NULL) { localvars = lvp->next; vp = lvp->vp; @@ -790,6 +795,7 @@ poplocalvars(void) } ckfree(lvp); } + INTON; } @@ -828,18 +834,21 @@ unsetcmd(int argc __unused, char **argv if (flg_func == 0 && flg_var == 0) flg_var = 1; + INTOFF; for (ap = argptr; *ap ; ap++) { if (flg_func) ret |= unsetfunc(*ap); if (flg_var) ret |= unsetvar(*ap); } + INTON; return ret; } /* * Unset the specified variable. + * Called with interrupts off. */ int @@ -853,7 +862,6 @@ unsetvar(const char *s) return (0); if (vp->flags & VREADONLY) return (1); - INTOFF; if (vp->text[vp->name_len + 1] != '\0') setvar(s, nullstr, 0); if ((vp->flags & VEXPORT) && localevar(vp->text)) { @@ -869,7 +877,6 @@ unsetvar(const char *s) *vpp = vp->next; ckfree(vp); } - INTON; return (0); }