Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 4 Jul 2007 19:03:12 +0400
From:      Andrey Chernov <ache@nagual.pp.ru>
To:        Michal Mertl <mime@traveller.cz>, freebsd-current <freebsd-current@freebsd.org>, scf@freebsd.org
Subject:   Re: Environment handling broken in /bin/sh with changes to {get,set,put}env()
Message-ID:  <20070704150312.GB31683@nagual.pp.ru>
In-Reply-To: <20070704143642.GA31254@nagual.pp.ru>
References:  <1183557221.1799.16.camel@genius.i.cz> <20070704143642.GA31254@nagual.pp.ru>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jul 04, 2007 at 06:36:42PM +0400, Andrey Chernov wrote:
> 2) "s" may point to getenv()-provided value there. So just modifying it 
> directly followed by setenv() call will make things inconsistent.
> 
> 3) In my version of patch there was savestr() which copy arg to avoid this 
> situation.
> 
> Fix will be to restore var.c to mine variant 1.34

You may also try this patch against var.c 1.36:

Index: var.c
===================================================================
RCS file: /home/ncvs/src/bin/sh/var.c,v
retrieving revision 1.36
diff -u -r1.36 var.c
--- var.c	4 Jul 2007 00:00:38 -0000	1.36
+++ var.c	4 Jul 2007 14:59:19 -0000
@@ -289,7 +289,7 @@
 setvareq(char *s, int flags)
 {
 	struct var *vp, **vpp;
-	char *p;
+	char *p, *ss;
 	int len;
 
 	if (aflag)
@@ -320,10 +320,11 @@
 			if (vp == &vmpath || (vp == &vmail && ! mpathset()))
 				chkmail(1);
 			if ((vp->flags & VEXPORT) && localevar(s)) {
-				p = strchr(s, '=');
+				ss = savestr(s);
+				p = strchr(ss, '=');
 				*p = '\0';
-				(void) setenv(s, p + 1, 1);
-				*p = '=';
+				(void) setenv(ss, p + 1, 1);
+				ckfree(ss);
 				(void) setlocale(LC_ALL, "");
 			}
 			INTON;
@@ -339,10 +340,11 @@
 	INTOFF;
 	*vpp = vp;
 	if ((vp->flags & VEXPORT) && localevar(s)) {
-		p = strchr(s, '=');
+		ss = savestr(s);
+		p = strchr(ss, '=');
 		*p = '\0';
-		(void) setenv(s, p + 1, 1);
-		*p = '=';
+		(void) setenv(ss, p + 1, 1);
+		ckfree(ss);
 		(void) setlocale(LC_ALL, "");
 	}
 	INTON;
@@ -567,7 +569,7 @@
 	struct var **vpp;
 	struct var *vp;
 	char *name;
-	char *p;
+	char *p, *ss;
 	char *cmdname;
 	int ch, values;
 	int flag = argv[0][0] == 'r'? VREADONLY : VEXPORT;
@@ -603,10 +605,11 @@
 
 						vp->flags |= flag;
 						if ((vp->flags & VEXPORT) && localevar(vp->text)) {
-							p = strchr(vp->text, '=');
+							ss = savestr(vp->text);
+							p = strchr(ss, '=');
 							*p = '\0';
-							(void) setenv(vp->text, p + 1, 1);
-							*p = '=';
+							(void) setenv(ss, p + 1, 1);
+							ckfree(ss);
 							(void) setlocale(LC_ALL, "");
 						}
 						goto found;
@@ -788,6 +791,7 @@
 {
 	struct var **vpp;
 	struct var *vp;
+	char *ss, *eqp;
 
 	vpp = hashvar(s);
 	for (vp = *vpp ; vp ; vpp = &vp->next, vp = *vpp) {
@@ -798,7 +802,11 @@
 			if (*(strchr(vp->text, '=') + 1) != '\0')
 				setvar(s, nullstr, 0);
 			if ((vp->flags & VEXPORT) && localevar(vp->text)) {
-				unsetenv(s);
+				ss = savestr(s);
+				if ((eqp = strchr(ss, '=')) != NULL)
+					*eqp = '\0';
+				(void) unsetenv(ss);
+				ckfree(ss);
 				setlocale(LC_ALL, "");
 			}
 			vp->flags &= ~VEXPORT;

-- 
http://ache.pp.ru/



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070704150312.GB31683>