From: Denis Vlasenko Date: Tue, 10 Apr 2007 15:43:37 +0000 (-0000) Subject: audit small applets and mark some of them as NOFORK. X-Git-Tag: 1_6_0~200 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=99912ca733dd960f5589227fd999c86e73c8e894;p=oweals%2Fbusybox.git audit small applets and mark some of them as NOFORK. Put big scary warnings in relevant places. --- diff --git a/coreutils/basename.c b/coreutils/basename.c index 46f7122c8..f4307d6ce 100644 --- a/coreutils/basename.c +++ b/coreutils/basename.c @@ -20,11 +20,10 @@ * 3) Save some space by using strcmp(). Calling strncmp() here was silly. */ -#include -#include -#include #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + int basename_main(int argc, char **argv); int basename_main(int argc, char **argv) { @@ -47,5 +46,5 @@ int basename_main(int argc, char **argv) puts(s); - fflush_stdout_and_exit(EXIT_SUCCESS); + return fflush(stdout); } diff --git a/coreutils/cat.c b/coreutils/cat.c index 7bab325ef..eb141dc79 100644 --- a/coreutils/cat.c +++ b/coreutils/cat.c @@ -12,17 +12,23 @@ #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + + int bb_cat(char **argv) { static const char *const argv_dash[] = { "-", NULL }; + FILE *f; int retval = EXIT_SUCCESS; - if (!*argv) argv = (char**) &argv_dash; + if (!*argv) + argv = (char**) &argv_dash; do { f = fopen_or_warn_stdin(*argv); if (f) { + /* This is not an xfunc - never exits */ off_t r = bb_copyfd_eof(fileno(f), STDOUT_FILENO); fclose_if_not_stdin(f); if (r >= 0) diff --git a/coreutils/chgrp.c b/coreutils/chgrp.c index cfb8c15b2..48014ecdf 100644 --- a/coreutils/chgrp.c +++ b/coreutils/chgrp.c @@ -13,6 +13,9 @@ #include "busybox.h" +/* This is a NOEXEC applet. Be very careful! */ + + int chgrp_main(int argc, char **argv); int chgrp_main(int argc, char **argv) { diff --git a/coreutils/chmod.c b/coreutils/chmod.c index 9a73218a1..aa3625877 100644 --- a/coreutils/chmod.c +++ b/coreutils/chmod.c @@ -16,6 +16,9 @@ #include "busybox.h" +/* This is a NOEXEC applet. Be very careful! */ + + #define OPT_RECURSE (option_mask32 & 1) #define OPT_VERBOSE (USE_DESKTOP(option_mask32 & 2) SKIP_DESKTOP(0)) #define OPT_CHANGED (USE_DESKTOP(option_mask32 & 4) SKIP_DESKTOP(0)) diff --git a/coreutils/chown.c b/coreutils/chown.c index e64a39c3e..71ba81247 100644 --- a/coreutils/chown.c +++ b/coreutils/chown.c @@ -13,6 +13,9 @@ #include "busybox.h" +/* This is a NOEXEC applet. Be very careful! */ + + #define OPT_STR ("Rh" USE_DESKTOP("vcfLHP")) #define BIT_RECURSE 1 #define OPT_RECURSE (option_mask32 & 1) diff --git a/coreutils/chroot.c b/coreutils/chroot.c index fcd70f21a..874ee917e 100644 --- a/coreutils/chroot.c +++ b/coreutils/chroot.c @@ -27,8 +27,9 @@ int chroot_main(int argc, char **argv) ++argv; if (argc == 2) { argv -= 2; - if (!(*argv = getenv("SHELL"))) { - *argv = (char *) DEFAULT_SHELL; + argv[0] = getenv("SHELL"); + if (!argv[0]) { + argv[0] = (char *) DEFAULT_SHELL; } argv[1] = (char *) "-i"; } diff --git a/coreutils/cp.c b/coreutils/cp.c index a80e0d286..8c0937971 100644 --- a/coreutils/cp.c +++ b/coreutils/cp.c @@ -18,6 +18,9 @@ #include "busybox.h" #include "libcoreutils/coreutils.h" +/* This is a NOEXEC applet. Be very careful! */ + + int cp_main(int argc, char **argv); int cp_main(int argc, char **argv) { diff --git a/coreutils/cut.c b/coreutils/cut.c index 22014fcfb..b9ea3127c 100644 --- a/coreutils/cut.c +++ b/coreutils/cut.c @@ -11,6 +11,9 @@ #include "busybox.h" +/* This is a NOEXEC applet. Be very careful! */ + + /* option vars */ static const char optstring[] = "b:c:f:d:sn"; #define CUT_OPT_BYTE_FLGS (1<<0) diff --git a/coreutils/dd.c b/coreutils/dd.c index 4507b5e0c..34a325ea6 100644 --- a/coreutils/dd.c +++ b/coreutils/dd.c @@ -8,8 +8,11 @@ * Licensed under GPLv2 or later, see file LICENSE in this tarball for details. */ -#include "busybox.h" #include /* For FEATURE_DD_SIGNAL_HANDLING */ +#include "busybox.h" + +/* This is a NOEXEC applet. Be very careful! */ + static const struct suffix_mult dd_suffixes[] = { { "c", 1 }, diff --git a/coreutils/dirname.c b/coreutils/dirname.c index 4ecde3147..7c5484bfd 100644 --- a/coreutils/dirname.c +++ b/coreutils/dirname.c @@ -10,10 +10,10 @@ /* BB_AUDIT SUSv3 compliant */ /* http://www.opengroup.org/onlinepubs/007904975/utilities/dirname.html */ -#include -#include #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + int dirname_main(int argc, char **argv); int dirname_main(int argc, char **argv) { @@ -23,5 +23,5 @@ int dirname_main(int argc, char **argv) puts(dirname(argv[1])); - fflush_stdout_and_exit(EXIT_SUCCESS); + return fflush(stdout); } diff --git a/coreutils/false.c b/coreutils/false.c index 2a26e0e28..90d6a0162 100644 --- a/coreutils/false.c +++ b/coreutils/false.c @@ -10,9 +10,10 @@ /* BB_AUDIT SUSv3 compliant */ /* http://www.opengroup.org/onlinepubs/007904975/utilities/false.html */ -#include #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + int false_main(int ATTRIBUTE_UNUSED argc, char ATTRIBUTE_UNUSED **argv); int false_main(int ATTRIBUTE_UNUSED argc, char ATTRIBUTE_UNUSED **argv) { diff --git a/coreutils/hostid.c b/coreutils/hostid.c index 51a76c631..e14f6ca57 100644 --- a/coreutils/hostid.c +++ b/coreutils/hostid.c @@ -9,10 +9,10 @@ /* BB_AUDIT SUSv3 N/A -- Matches GNU behavior. */ -#include -#include #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + int hostid_main(int argc, char ATTRIBUTE_UNUSED **argv); int hostid_main(int argc, char ATTRIBUTE_UNUSED **argv) { @@ -22,5 +22,5 @@ int hostid_main(int argc, char ATTRIBUTE_UNUSED **argv) printf("%lx\n", gethostid()); - fflush_stdout_and_exit(EXIT_SUCCESS); + return fflush(stdout); } diff --git a/coreutils/length.c b/coreutils/length.c index 1dc122cc1..b3a9d4903 100644 --- a/coreutils/length.c +++ b/coreutils/length.c @@ -2,19 +2,18 @@ /* BB_AUDIT SUSv3 N/A -- Apparently a busybox (obsolete?) extension. */ -#include -#include -#include #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + int length_main(int argc, char **argv); int length_main(int argc, char **argv) { - if ((argc != 2) || (**(++argv) == '-')) { - bb_show_usage(); + if ((argc != 2) || (**(++argv) == '-')) { + bb_show_usage(); } - printf("%lu\n", (unsigned long)strlen(*argv)); + printf("%u\n", (unsigned)strlen(*argv)); - fflush_stdout_and_exit(EXIT_SUCCESS); + return fflush(stdout); } diff --git a/coreutils/ln.c b/coreutils/ln.c index 720713475..fd4eacec2 100644 --- a/coreutils/ln.c +++ b/coreutils/ln.c @@ -13,6 +13,9 @@ #include "busybox.h" +/* This is a NOEXEC applet. Be very careful! */ + + #define LN_SYMLINK 1 #define LN_FORCE 2 #define LN_NODEREFERENCE 4 diff --git a/coreutils/logname.c b/coreutils/logname.c index 743e2291c..aba6ce3c6 100644 --- a/coreutils/logname.c +++ b/coreutils/logname.c @@ -20,23 +20,23 @@ * a diagnostic message and an error return. */ -#include -#include -#include #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + int logname_main(int argc, char ATTRIBUTE_UNUSED **argv); int logname_main(int argc, char ATTRIBUTE_UNUSED **argv) { - const char *p; + char buf[128]; if (argc > 1) { bb_show_usage(); } - if ((p = getlogin()) != NULL) { - puts(p); - fflush_stdout_and_exit(EXIT_SUCCESS); + /* Using _r function - avoid pulling in static buffer from libc */ + if (getlogin_r(buf, sizeof(buf)) == 0) { + puts(buf); + return fflush(stdout); } bb_perror_msg_and_die("getlogin"); diff --git a/coreutils/ls.c b/coreutils/ls.c index 34836ee29..7bbb19d6c 100644 --- a/coreutils/ls.c +++ b/coreutils/ls.c @@ -29,8 +29,11 @@ * 1. requires lstat (BSD) - how do you do it without? */ -#include "busybox.h" #include +#include "busybox.h" + +/* This is a NOEXEC applet. Be very careful! */ + enum { diff --git a/coreutils/mkdir.c b/coreutils/mkdir.c index 690e4ab40..5a6c9d077 100644 --- a/coreutils/mkdir.c +++ b/coreutils/mkdir.c @@ -19,19 +19,19 @@ /* Nov 28, 2006 Yoshinori Sato : Add SELinux Support. */ -#include -#include #include /* struct option */ #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + #if ENABLE_FEATURE_MKDIR_LONG_OPTIONS static const struct option mkdir_long_options[] = { - { "mode", 1, NULL, 'm' }, + { "mode" , 1, NULL, 'm' }, { "parents", 0, NULL, 'p' }, #if ENABLE_SELINUX { "context", 1, NULL, 'Z' }, #endif - { 0, 0, 0, 0 } + { NULL, 0, NULL, 0 } }; #endif diff --git a/coreutils/mkfifo.c b/coreutils/mkfifo.c index 6d8aa413e..7dcc50fa9 100644 --- a/coreutils/mkfifo.c +++ b/coreutils/mkfifo.c @@ -10,9 +10,6 @@ /* BB_AUDIT SUSv3 compliant */ /* http://www.opengroup.org/onlinepubs/007904975/utilities/mkfifo.html */ -#include -#include -#include #include "busybox.h" #include "libcoreutils/coreutils.h" @@ -24,7 +21,8 @@ int mkfifo_main(int argc, char **argv) mode = getopt_mk_fifo_nod(argc, argv); - if (!*(argv += optind)) { + argv += optind; + if (!*argv) { bb_show_usage(); } diff --git a/coreutils/pwd.c b/coreutils/pwd.c index d96f6a8e5..a93b8f115 100644 --- a/coreutils/pwd.c +++ b/coreutils/pwd.c @@ -7,10 +7,10 @@ * Licensed under GPLv2 or later, see file LICENSE in this tarball for details. */ -#include -#include #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + int pwd_main(int argc, char **argv); int pwd_main(int argc, char **argv) { @@ -19,7 +19,8 @@ int pwd_main(int argc, char **argv) buf = xrealloc_getcwd_or_warn(NULL); if (buf != NULL) { puts(buf); - fflush_stdout_and_exit(EXIT_SUCCESS); + free(buf); + return fflush(stdout); } return EXIT_FAILURE; diff --git a/coreutils/rm.c b/coreutils/rm.c index 1883feed8..6f32e7dc5 100644 --- a/coreutils/rm.c +++ b/coreutils/rm.c @@ -15,9 +15,10 @@ * Size reduction. */ -#include #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + int rm_main(int argc, char **argv); int rm_main(int argc, char **argv) { @@ -27,14 +28,15 @@ int rm_main(int argc, char **argv) opt_complementary = "f-i:i-f"; opt = getopt32(argc, argv, "fiRr"); + argv += optind; if(opt & 1) - flags |= FILEUTILS_FORCE; + flags |= FILEUTILS_FORCE; if(opt & 2) flags |= FILEUTILS_INTERACTIVE; if(opt & 12) flags |= FILEUTILS_RECUR; - if (*(argv += optind) != NULL) { + if (*argv != NULL) { do { const char *base = bb_get_last_path_component(*argv); diff --git a/coreutils/rmdir.c b/coreutils/rmdir.c index 8cbd6f1fa..7f3253017 100644 --- a/coreutils/rmdir.c +++ b/coreutils/rmdir.c @@ -10,11 +10,12 @@ /* BB_AUDIT SUSv3 compliant */ /* http://www.opengroup.org/onlinepubs/007904975/utilities/rmdir.html */ -#include -#include #include #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + + int rmdir_main(int argc, char **argv); int rmdir_main(int argc, char **argv) { @@ -24,7 +25,6 @@ int rmdir_main(int argc, char **argv) char *path; flags = getopt32(argc, argv, "p"); - argv += optind; if (!*argv) { @@ -37,7 +37,7 @@ int rmdir_main(int argc, char **argv) /* Record if the first char was a '.' so we can use dirname later. */ do_dot = (*path == '.'); - do { + while (1) { if (rmdir(path) < 0) { bb_perror_msg("'%s'", path); /* Match gnu rmdir msg. */ status = EXIT_FAILURE; @@ -53,7 +53,7 @@ int rmdir_main(int argc, char **argv) } } break; - } while (1); + } } while (*++argv); diff --git a/coreutils/seq.c b/coreutils/seq.c index e81a4660a..ef884d6ae 100644 --- a/coreutils/seq.c +++ b/coreutils/seq.c @@ -7,21 +7,22 @@ * Licensed under the GPL v2, see the file LICENSE in this tarball. */ -#include -#include #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + + int seq_main(int argc, char **argv); int seq_main(int argc, char **argv) { - double last, first, increment, i; + double last, increment, i; - first = increment = 1; + i = increment = 1; switch (argc) { case 4: increment = atof(argv[2]); case 3: - first = atof(argv[1]); + i = atof(argv[1]); case 2: last = atof(argv[argc-1]); break; @@ -30,12 +31,10 @@ int seq_main(int argc, char **argv) } /* You should note that this is pos-5.0.91 semantics, -- FK. */ - for (i = first; - (increment > 0 && i <= last) || (increment < 0 && i >=last); - i += increment) - { + while ((increment > 0 && i <= last) || (increment < 0 && i >= last)) { printf("%g\n", i); + i += increment; } - return EXIT_SUCCESS; + return fflush(stdout); } diff --git a/coreutils/sleep.c b/coreutils/sleep.c index b89b0fe9c..592005bab 100644 --- a/coreutils/sleep.c +++ b/coreutils/sleep.c @@ -18,12 +18,12 @@ * time suffixes for seconds, minutes, hours, and days. */ -#include -#include -#include #include "busybox.h" -#ifdef CONFIG_FEATURE_FANCY_SLEEP +/* This is a NOFORK applet. Be very careful! */ + + +#if ENABLE_FEATURE_FANCY_SLEEP static const struct suffix_mult sfx[] = { { "s", 1 }, { "m", 60 }, @@ -36,9 +36,9 @@ static const struct suffix_mult sfx[] = { int sleep_main(int argc, char **argv); int sleep_main(int argc, char **argv) { - unsigned int duration; + unsigned duration; -#ifdef CONFIG_FEATURE_FANCY_SLEEP +#if ENABLE_FEATURE_FANCY_SLEEP if (argc < 2) { bb_show_usage(); @@ -50,7 +50,7 @@ int sleep_main(int argc, char **argv) duration += xatoul_range_sfx(*argv, 0, UINT_MAX-duration, sfx); } while (*++argv); -#else /* CONFIG_FEATURE_FANCY_SLEEP */ +#else /* FEATURE_FANCY_SLEEP */ if (argc != 2) { bb_show_usage(); @@ -58,7 +58,7 @@ int sleep_main(int argc, char **argv) duration = xatou(argv[1]); -#endif /* CONFIG_FEATURE_FANCY_SLEEP */ +#endif /* FEATURE_FANCY_SLEEP */ if (sleep(duration)) { bb_perror_nomsg_and_die(); diff --git a/coreutils/sort.c b/coreutils/sort.c index dad542964..06a6cbf70 100644 --- a/coreutils/sort.c +++ b/coreutils/sort.c @@ -14,6 +14,9 @@ #include "busybox.h" +/* This is a NOEXEC applet. Be very careful! */ + + /* sort [-m][-o output][-bdfinru][-t char][-k keydef]... [file...] sort -c [-bdfinru][-t char][-k keydef][file] diff --git a/coreutils/sync.c b/coreutils/sync.c index 536c57a17..e52ab768d 100644 --- a/coreutils/sync.c +++ b/coreutils/sync.c @@ -9,10 +9,10 @@ /* BB_AUDIT SUSv3 N/A -- Matches GNU behavior. */ -#include -#include #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + int sync_main(int argc, char **argv); int sync_main(int argc, char **argv) { diff --git a/coreutils/test.c b/coreutils/test.c index d5babefce..e9b627638 100644 --- a/coreutils/test.c +++ b/coreutils/test.c @@ -21,12 +21,11 @@ */ #include "busybox.h" -#include -#include -#include -#include #include +/* This is a NOEXEC applet. Be very careful! */ + + /* test(1) accepts the following grammar: oexpr ::= aexpr | aexpr "-o" oexpr ; aexpr ::= nexpr | nexpr "-a" aexpr ; diff --git a/coreutils/true.c b/coreutils/true.c index b2f3a9bad..eee621331 100644 --- a/coreutils/true.c +++ b/coreutils/true.c @@ -10,9 +10,10 @@ /* BB_AUDIT SUSv3 compliant */ /* http://www.opengroup.org/onlinepubs/007904975/utilities/true.html */ -#include #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + int true_main(int argc, char **argv); int true_main(int argc, char **argv) { diff --git a/coreutils/tty.c b/coreutils/tty.c index c28aa33d7..d4c179fca 100644 --- a/coreutils/tty.c +++ b/coreutils/tty.c @@ -10,9 +10,6 @@ /* BB_AUDIT SUSv3 compliant */ /* http://www.opengroup.org/onlinepubs/007904975/utilities/tty.html */ -#include -#include -#include #include "busybox.h" int tty_main(int argc, char **argv); @@ -31,7 +28,8 @@ int tty_main(int argc, char **argv) retval = 0; - if ((s = ttyname(0)) == NULL) { + s = ttyname(0); + if (s == NULL) { /* According to SUSv3, ttyname can on fail with EBADF or ENOTTY. * We know the file descriptor is good, so failure means not a tty. */ s = "not a tty"; diff --git a/coreutils/usleep.c b/coreutils/usleep.c index 7dd914638..2baf2bc87 100644 --- a/coreutils/usleep.c +++ b/coreutils/usleep.c @@ -9,11 +9,10 @@ /* BB_AUDIT SUSv3 N/A -- Apparently a busybox extension. */ -#include -#include -#include #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + int usleep_main(int argc, char **argv); int usleep_main(int argc, char **argv) { diff --git a/coreutils/whoami.c b/coreutils/whoami.c index 3185817b6..25757f633 100644 --- a/coreutils/whoami.c +++ b/coreutils/whoami.c @@ -9,11 +9,10 @@ /* BB_AUDIT SUSv3 N/A -- Matches GNU behavior. */ -#include -#include -#include #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + int whoami_main(int argc, char **argv); int whoami_main(int argc, char **argv) { @@ -21,6 +20,6 @@ int whoami_main(int argc, char **argv) bb_show_usage(); puts(bb_getpwuid(NULL, geteuid(), -1)); - /* exits on error */ - fflush_stdout_and_exit(EXIT_SUCCESS); + + return fflush(stdout); } diff --git a/coreutils/yes.c b/coreutils/yes.c index 2611c3e82..569764150 100644 --- a/coreutils/yes.c +++ b/coreutils/yes.c @@ -16,25 +16,26 @@ #include "busybox.h" +/* This is a NOFORK applet. Be very careful! */ + int yes_main(int argc, char **argv); int yes_main(int argc, char **argv) { - static const char fmt_str[] = " %s"; - const char *fmt; char **first_arg; - *argv = (char*)"y"; + argv[0] = (char*)"y"; if (argc != 1) { ++argv; } first_arg = argv; do { - fmt = fmt_str + 1; - do { - printf(fmt, *argv); - fmt = fmt_str; - } while (*++argv); + while (1) { + fputs(*argv, stdout); + if (!*++argv) + break; + putchar(' '); + } argv = first_arg; } while (putchar('\n') != EOF); diff --git a/editors/awk.c b/editors/awk.c index f331a33fa..1bdb9b924 100644 --- a/editors/awk.c +++ b/editors/awk.c @@ -11,6 +11,8 @@ #include "xregex.h" #include +/* This is a NOEXEC applet. Be very careful! */ + #define MAXVARFMT 240 #define MINNVBLOCK 64 diff --git a/findutils/find.c b/findutils/find.c index 1a1301b38..b77d36dc3 100644 --- a/findutils/find.c +++ b/findutils/find.c @@ -48,6 +48,9 @@ #include #include "busybox.h" +/* This is a NOEXEC applet. Be very careful! */ + + USE_FEATURE_FIND_XDEV(static dev_t *xdev_dev;) USE_FEATURE_FIND_XDEV(static int xdev_count;) diff --git a/findutils/xargs.c b/findutils/xargs.c index b4dd9f876..2b3a5081c 100644 --- a/findutils/xargs.c +++ b/findutils/xargs.c @@ -19,6 +19,9 @@ #include "busybox.h" +/* This is a NOEXEC applet. Be very careful! */ + + /* COMPAT: SYSV version defaults size (and has a max value of) to 470. We try to make it as large as possible. */ #if !defined(ARG_MAX) && defined(_SC_ARG_MAX) diff --git a/include/applets.h b/include/applets.h index ecce32169..b59d33183 100644 --- a/include/applets.h +++ b/include/applets.h @@ -76,17 +76,17 @@ USE_ARP(APPLET(arp, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_ARPING(APPLET(arping, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_ASH(APPLET_NOUSAGE(ash, ash, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_AWK(APPLET_NOEXEC(awk, awk, _BB_DIR_USR_BIN, _BB_SUID_NEVER, awk)) -USE_BASENAME(APPLET(basename, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) +USE_BASENAME(APPLET_NOFORK(basename, basename, _BB_DIR_USR_BIN, _BB_SUID_NEVER, basename)) USE_BBCONFIG(APPLET(bbconfig, _BB_DIR_BIN, _BB_SUID_NEVER)) //USE_BBSH(APPLET(bbsh, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_BUNZIP2(APPLET(bunzip2, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_BUNZIP2(APPLET_ODDNAME(bzcat, bunzip2, _BB_DIR_USR_BIN, _BB_SUID_NEVER, bzcat)) USE_CAL(APPLET(cal, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) -USE_CAT(APPLET_NOEXEC(cat, cat, _BB_DIR_BIN, _BB_SUID_NEVER, cat)) +USE_CAT(APPLET_NOFORK(cat, cat, _BB_DIR_BIN, _BB_SUID_NEVER, cat)) USE_CATV(APPLET(catv, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_CHATTR(APPLET(chattr, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_CHCON(APPLET(chcon, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) -USE_CHGRP(APPLET(chgrp, _BB_DIR_BIN, _BB_SUID_NEVER)) +USE_CHGRP(APPLET_NOEXEC(chgrp, chgrp, _BB_DIR_BIN, _BB_SUID_NEVER, chgrp)) USE_CHMOD(APPLET_NOEXEC(chmod, chmod, _BB_DIR_BIN, _BB_SUID_NEVER, chmod)) USE_CHOWN(APPLET_NOEXEC(chown, chown, _BB_DIR_BIN, _BB_SUID_NEVER, chown)) USE_CHPST(APPLET(chpst, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) @@ -112,7 +112,7 @@ USE_DEVFSD(APPLET(devfsd, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_DF(APPLET(df, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_APP_DHCPRELAY(APPLET(dhcprelay, _BB_DIR_USR_SBIN, _BB_SUID_NEVER)) USE_DIFF(APPLET(diff, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) -USE_DIRNAME(APPLET(dirname, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) +USE_DIRNAME(APPLET_NOFORK(dirname, dirname, _BB_DIR_USR_BIN, _BB_SUID_NEVER, dirname)) USE_DMESG(APPLET(dmesg, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_DNSD(APPLET(dnsd, _BB_DIR_USR_SBIN, _BB_SUID_ALWAYS)) USE_DOS2UNIX(APPLET(dos2unix, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) @@ -133,7 +133,7 @@ USE_ENVUIDGID(APPLET_ODDNAME(envuidgid, chpst, _BB_DIR_USR_BIN, _BB_SUID_NEVER, USE_ETHER_WAKE(APPLET_ODDNAME(ether-wake, ether_wake, _BB_DIR_USR_BIN, _BB_SUID_NEVER, ether_wake)) USE_EXPR(APPLET(expr, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_FAKEIDENTD(APPLET(fakeidentd, _BB_DIR_USR_SBIN, _BB_SUID_NEVER)) -USE_FALSE(APPLET(false, _BB_DIR_BIN, _BB_SUID_NEVER)) +USE_FALSE(APPLET_NOFORK(false, false, _BB_DIR_BIN, _BB_SUID_NEVER, false)) USE_FBSET(APPLET(fbset, _BB_DIR_USR_SBIN, _BB_SUID_NEVER)) USE_FDFLUSH(APPLET_ODDNAME(fdflush, freeramdisk, _BB_DIR_BIN, _BB_SUID_NEVER, fdflush)) USE_FDFORMAT(APPLET(fdformat, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) @@ -162,7 +162,7 @@ USE_HALT(APPLET(halt, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_HDPARM(APPLET(hdparm, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_HEAD(APPLET(head, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_HEXDUMP(APPLET_NOEXEC(hexdump, hexdump, _BB_DIR_USR_BIN, _BB_SUID_NEVER, hexdump)) -USE_HOSTID(APPLET(hostid, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) +USE_HOSTID(APPLET_NOFORK(hostid, hostid, _BB_DIR_USR_BIN, _BB_SUID_NEVER, hostid)) USE_HOSTNAME(APPLET(hostname, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_HTTPD(APPLET(httpd, _BB_DIR_USR_SBIN, _BB_SUID_NEVER)) USE_HUSH(APPLET_NOUSAGE(hush, hush, _BB_DIR_BIN, _BB_SUID_NEVER)) @@ -190,7 +190,7 @@ USE_KILLALL5(APPLET_ODDNAME(killall5, kill, _BB_DIR_USR_BIN, _BB_SUID_NEVER, kil USE_KLOGD(APPLET(klogd, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_LASH(APPLET(lash, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_LAST(APPLET(last, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) -USE_LENGTH(APPLET(length, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) +USE_LENGTH(APPLET_NOFORK(length, length, _BB_DIR_USR_BIN, _BB_SUID_NEVER, length)) USE_LESS(APPLET(less, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_SETARCH(APPLET_NOUSAGE(linux32, setarch, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_SETARCH(APPLET_NOUSAGE(linux64, setarch, _BB_DIR_BIN, _BB_SUID_NEVER)) @@ -201,7 +201,7 @@ USE_LOADFONT(APPLET(loadfont, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_LOADKMAP(APPLET(loadkmap, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_LOGGER(APPLET(logger, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_LOGIN(APPLET(login, _BB_DIR_BIN, _BB_SUID_ALWAYS)) -USE_LOGNAME(APPLET(logname, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) +USE_LOGNAME(APPLET_NOFORK(logname, logname, _BB_DIR_USR_BIN, _BB_SUID_NEVER, logname)) USE_LOGREAD(APPLET(logread, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_LOSETUP(APPLET(losetup, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_LS(APPLET_NOEXEC(ls, ls, _BB_DIR_BIN, _BB_SUID_NEVER, ls)) @@ -213,7 +213,7 @@ USE_MAKEDEVS(APPLET(makedevs, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_MD5SUM(APPLET_ODDNAME(md5sum, md5_sha1_sum, _BB_DIR_USR_BIN, _BB_SUID_NEVER, md5sum)) USE_MDEV(APPLET(mdev, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_MESG(APPLET(mesg, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) -USE_MKDIR(APPLET_NOEXEC(mkdir, mkdir, _BB_DIR_BIN, _BB_SUID_NEVER, mkdir)) +USE_MKDIR(APPLET_NOFORK(mkdir, mkdir, _BB_DIR_BIN, _BB_SUID_NEVER, mkdir)) //USE_MKE2FS(APPLET(mke2fs, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_MKFIFO(APPLET(mkfifo, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) //USE_MKE2FS(APPLET_NOUSAGE(mkfs.ext2, mke2fs, _BB_DIR_SBIN, _BB_SUID_NEVER)) @@ -249,7 +249,7 @@ USE_HALT(APPLET_ODDNAME(poweroff, halt, _BB_DIR_SBIN, _BB_SUID_NEVER, poweroff)) USE_PRINTENV(APPLET(printenv, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_PRINTF(APPLET(printf, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_PS(APPLET(ps, _BB_DIR_BIN, _BB_SUID_NEVER)) -USE_PWD(APPLET(pwd, _BB_DIR_BIN, _BB_SUID_NEVER)) +USE_PWD(APPLET_NOFORK(pwd, pwd, _BB_DIR_BIN, _BB_SUID_NEVER, pwd)) USE_RAIDAUTORUN(APPLET(raidautorun, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_RDATE(APPLET(rdate, _BB_DIR_USR_SBIN, _BB_SUID_NEVER)) USE_READAHEAD(APPLET(readahead, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) @@ -260,8 +260,8 @@ USE_HALT(APPLET_ODDNAME(reboot, halt, _BB_DIR_SBIN, _BB_SUID_NEVER, reboot)) USE_RENICE(APPLET(renice, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_RESET(APPLET(reset, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_RESIZE(APPLET(resize, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) -USE_RM(APPLET_NOEXEC(rm, rm, _BB_DIR_BIN, _BB_SUID_NEVER, rm)) -USE_RMDIR(APPLET(rmdir, _BB_DIR_BIN, _BB_SUID_NEVER)) +USE_RM(APPLET_NOFORK(rm, rm, _BB_DIR_BIN, _BB_SUID_NEVER, rm)) +USE_RMDIR(APPLET_NOFORK(rmdir, rmdir, _BB_DIR_BIN, _BB_SUID_NEVER, rmdir)) USE_RMMOD(APPLET(rmmod, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_ROUTE(APPLET(route, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_RPM(APPLET(rpm, _BB_DIR_BIN, _BB_SUID_NEVER)) @@ -274,7 +274,7 @@ USE_RUNSVDIR(APPLET(runsvdir, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_RX(APPLET(rx, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_SELINUXENABLED(APPLET(selinuxenabled, _BB_DIR_USR_SBIN, _BB_SUID_NEVER)) USE_SED(APPLET(sed, _BB_DIR_BIN, _BB_SUID_NEVER)) -USE_SEQ(APPLET(seq, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) +USE_SEQ(APPLET_NOFORK(seq, seq, _BB_DIR_USR_BIN, _BB_SUID_NEVER, seq)) USE_SETARCH(APPLET(setarch, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_SETCONSOLE(APPLET(setconsole, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_SETENFORCE(APPLET(setenforce, _BB_DIR_USR_SBIN, _BB_SUID_NEVER)) @@ -287,7 +287,7 @@ USE_FEATURE_SH_IS_HUSH(APPLET_NOUSAGE(sh, hush, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_FEATURE_SH_IS_LASH(APPLET_NOUSAGE(sh, lash, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_FEATURE_SH_IS_MSH(APPLET_NOUSAGE(sh, msh, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_SHA1SUM(APPLET_ODDNAME(sha1sum, md5_sha1_sum, _BB_DIR_USR_BIN, _BB_SUID_NEVER, sha1sum)) -USE_SLEEP(APPLET(sleep, _BB_DIR_BIN, _BB_SUID_NEVER)) +USE_SLEEP(APPLET_NOFORK(sleep, sleep, _BB_DIR_BIN, _BB_SUID_NEVER, sleep)) USE_SOFTLIMIT(APPLET_ODDNAME(softlimit, chpst, _BB_DIR_USR_BIN, _BB_SUID_NEVER, softlimit)) USE_SORT(APPLET_NOEXEC(sort, sort, _BB_DIR_USR_BIN, _BB_SUID_NEVER, sort)) USE_SPLIT(APPLET(split, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) @@ -303,7 +303,7 @@ USE_SVLOGD(APPLET(svlogd, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_SWAPONOFF(APPLET_ODDNAME(swapoff, swap_on_off, _BB_DIR_SBIN, _BB_SUID_NEVER,swapoff)) USE_SWAPONOFF(APPLET_ODDNAME(swapon, swap_on_off, _BB_DIR_SBIN, _BB_SUID_NEVER, swapon)) USE_SWITCH_ROOT(APPLET(switch_root, _BB_DIR_SBIN, _BB_SUID_NEVER)) -USE_SYNC(APPLET(sync, _BB_DIR_BIN, _BB_SUID_NEVER)) +USE_SYNC(APPLET_NOFORK(sync, sync, _BB_DIR_BIN, _BB_SUID_NEVER, sync)) USE_BB_SYSCTL(APPLET(sysctl, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_SYSLOGD(APPLET(syslogd, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_TAIL(APPLET(tail, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) @@ -322,7 +322,7 @@ USE_TOP(APPLET(top, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_TOUCH(APPLET_NOFORK(touch, touch, _BB_DIR_BIN, _BB_SUID_NEVER, touch)) USE_TR(APPLET(tr, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_TRACEROUTE(APPLET(traceroute, _BB_DIR_USR_BIN, _BB_SUID_MAYBE)) -USE_TRUE(APPLET(true, _BB_DIR_BIN, _BB_SUID_NEVER)) +USE_TRUE(APPLET_NOFORK(true, true, _BB_DIR_BIN, _BB_SUID_NEVER, true)) USE_TTY(APPLET(tty, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) //USE_TUNE2FS(APPLET(tune2fs, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_APP_UDHCPC(APPLET(udhcpc, _BB_DIR_SBIN, _BB_SUID_NEVER)) @@ -336,7 +336,7 @@ USE_UNIX2DOS(APPLET_ODDNAME(unix2dos, dos2unix, _BB_DIR_USR_BIN, _BB_SUID_NEVER, USE_UNLZMA(APPLET(unlzma, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_UNZIP(APPLET(unzip, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_UPTIME(APPLET(uptime, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) -USE_USLEEP(APPLET(usleep, _BB_DIR_BIN, _BB_SUID_NEVER)) +USE_USLEEP(APPLET_NOFORK(usleep, usleep, _BB_DIR_BIN, _BB_SUID_NEVER, usleep)) USE_UUDECODE(APPLET(uudecode, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_UUENCODE(APPLET(uuencode, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_VCONFIG(APPLET(vconfig, _BB_DIR_SBIN, _BB_SUID_NEVER)) @@ -348,9 +348,9 @@ USE_WC(APPLET(wc, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_WGET(APPLET(wget, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_WHICH(APPLET(which, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_WHO(APPLET(who, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) -USE_WHOAMI(APPLET(whoami, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) +USE_WHOAMI(APPLET_NOFORK(whoami, whoami, _BB_DIR_USR_BIN, _BB_SUID_NEVER, whoami)) USE_XARGS(APPLET_NOEXEC(xargs, xargs, _BB_DIR_USR_BIN, _BB_SUID_NEVER, xargs)) -USE_YES(APPLET(yes, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) +USE_YES(APPLET_NOFORK(yes, yes, _BB_DIR_USR_BIN, _BB_SUID_NEVER, yes)) USE_GUNZIP(APPLET_ODDNAME(zcat, gunzip, _BB_DIR_BIN, _BB_SUID_NEVER, zcat)) USE_ZCIP(APPLET(zcip, _BB_DIR_SBIN, _BB_SUID_NEVER)) diff --git a/libbb/copyfd.c b/libbb/copyfd.c index 805b80187..e0596d5f6 100644 --- a/libbb/copyfd.c +++ b/libbb/copyfd.c @@ -7,19 +7,15 @@ * Licensed under GPLv2 or later, see file LICENSE in this tarball for details. */ -#include -#include -#include -#include - #include "libbb.h" - #if BUFSIZ < 4096 #undef BUFSIZ #define BUFSIZ 4096 #endif +/* Used by NOFORK applets (e.g. cat) - must be very careful + * when calling xfuncs, allocating memory, with signals, termios, etc... */ static off_t bb_full_fd_action(int src_fd, int dst_fd, off_t size) { @@ -27,7 +23,8 @@ static off_t bb_full_fd_action(int src_fd, int dst_fd, off_t size) off_t total = 0; RESERVE_CONFIG_BUFFER(buffer, BUFSIZ); - if (src_fd < 0) goto out; + if (src_fd < 0) + goto out; if (!size) { size = BUFSIZ; diff --git a/libbb/fflush_stdout_and_exit.c b/libbb/fflush_stdout_and_exit.c index 6f44770c6..ae68222b4 100644 --- a/libbb/fflush_stdout_and_exit.c +++ b/libbb/fflush_stdout_and_exit.c @@ -13,6 +13,10 @@ #include "libbb.h" +// TODO: make it safe to call from NOFORK applets +// Currently, it can exit(0). Even if it is made to do longjmp trick +// (see sleep_and_die internals), zero cannot be passed thru this way! + void fflush_stdout_and_exit(int retval) { if (fflush(stdout)) diff --git a/libbb/make_directory.c b/libbb/make_directory.c index fbec4e20e..d540ad133 100644 --- a/libbb/make_directory.c +++ b/libbb/make_directory.c @@ -22,11 +22,10 @@ * val. Otherwise, pass -1 to get default permissions. */ -#include -#include -#include #include "libbb.h" +/* This function is used from NOFORK applets. It must not allocate anything */ + int bb_make_directory (char *path, long mode, int flags) { mode_t mask; diff --git a/libbb/parse_mode.c b/libbb/parse_mode.c index 3ab4eb6fc..a31bd4bfd 100644 --- a/libbb/parse_mode.c +++ b/libbb/parse_mode.c @@ -11,6 +11,8 @@ #include "libbb.h" +/* This function is used from NOFORK applets. It must not allocate anything */ + #define FILEMODEBITS (S_ISUID | S_ISGID | S_ISVTX | S_IRWXU | S_IRWXG | S_IRWXO) int bb_parse_mode(const char *s, mode_t *current_mode) diff --git a/libbb/remove_file.c b/libbb/remove_file.c index 3aaaef8c7..3edc91dae 100644 --- a/libbb/remove_file.c +++ b/libbb/remove_file.c @@ -9,6 +9,8 @@ #include "libbb.h" +/* Used from NOFORK applets. Must not allocate anything */ + int remove_file(const char *path, int flags) { struct stat path_stat; diff --git a/util-linux/hexdump.c b/util-linux/hexdump.c index cddd185e2..85a449038 100644 --- a/util-linux/hexdump.c +++ b/util-linux/hexdump.c @@ -9,10 +9,13 @@ * Licensed under GPLv2 or later, see file License in this tarball for details. */ -#include "busybox.h" #include +#include "busybox.h" #include "dump.h" +/* This is a NOEXEC applet. Be very careful! */ + + static void bb_dump_addfile(char *name) { char *p; @@ -45,10 +48,10 @@ static const char add_first[] = "\"%07.7_Ax\n\""; static const char hexdump_opts[] = "bcdoxCe:f:n:s:v"; static const struct suffix_mult suffixes[] = { - {"b", 512 }, - {"k", 1024 }, - {"m", 1024*1024 }, - {NULL, 0 } + { "b", 512 }, + { "k", 1024 }, + { "m", 1024*1024 }, + { NULL, 0 } }; int hexdump_main(int argc, char **argv);