From 5f265b755a92e7efdbd0d18694913209dfd9e055 Mon Sep 17 00:00:00 2001 From: Eric Andersen Date: Fri, 11 May 2001 16:58:46 +0000 Subject: [PATCH] Fix a segfault in lash, hush, and cmdedit. Each of these used xgetcwd, but did not check the return for a NULL, and then continued to call strlen on the NULL when the cwd had been removed from under it. -Erik --- Makefile | 2 +- cmdedit.c | 4 ++++ hush.c | 6 ++++++ include/libbb.h | 1 + lash.c | 9 +++++++-- libbb/libbb.h | 1 + libbb/messages.c | 3 +++ shell/cmdedit.c | 4 ++++ shell/hush.c | 6 ++++++ shell/lash.c | 9 +++++++-- 10 files changed, 40 insertions(+), 5 deletions(-) diff --git a/Makefile b/Makefile index 7ab060f7c..cbaf05704 100644 --- a/Makefile +++ b/Makefile @@ -259,7 +259,7 @@ endif LIBBB_MSRC=libbb/messages.c LIBBB_MESSAGES= full_version name_too_long omitting_directory not_a_directory \ memory_exhausted invalid_date invalid_option io_error dash_dash_help \ -write_error too_few_args name_longer_than_foo +write_error too_few_args name_longer_than_foo unknown LIBBB_MOBJ=$(patsubst %,$(LIBBB)/%.o, $(LIBBB_MESSAGES)) diff --git a/cmdedit.c b/cmdedit.c index ce5450032..ec9939312 100644 --- a/cmdedit.c +++ b/cmdedit.c @@ -355,6 +355,10 @@ static void parse_prompt(const char *prmt_ptr) char c; char *pbuf; + if (!pwd_buf) { + pwd_buf=unknown; + } + while (*prmt_ptr) { pbuf = buf; pbuf[1] = 0; diff --git a/hush.c b/hush.c index abc8f6e60..9a2243a89 100644 --- a/hush.c +++ b/hush.c @@ -429,6 +429,8 @@ static int builtin_cd(struct child_prog *child) return EXIT_FAILURE; } cwd = xgetcwd(cwd); + if (!cwd) + cwd = unknown; return EXIT_SUCCESS; } @@ -568,6 +570,8 @@ static int builtin_jobs(struct child_prog *child) static int builtin_pwd(struct child_prog *dummy) { cwd = xgetcwd(cwd); + if (!cwd) + cwd = unknown; puts(cwd); return EXIT_SUCCESS; } @@ -2307,6 +2311,8 @@ int shell_main(int argc, char **argv) /* initialize the cwd -- this is never freed...*/ cwd = xgetcwd(0); + if (!cwd) + cwd = unknown; #ifdef BB_FEATURE_COMMAND_EDITING cmdedit_set_initial_prompt(); #else diff --git a/include/libbb.h b/include/libbb.h index 21af5688a..fde58b0a6 100644 --- a/include/libbb.h +++ b/include/libbb.h @@ -282,5 +282,6 @@ extern const char * const dash_dash_help; extern const char * const write_error; extern const char * const too_few_args; extern const char * const name_longer_than_foo; +extern const char * const unknown; #endif /* __LIBBB_H__ */ diff --git a/lash.c b/lash.c index 1d128355c..0129d6c02 100644 --- a/lash.c +++ b/lash.c @@ -297,7 +297,8 @@ static int builtin_cd(struct child_prog *child) return EXIT_FAILURE; } cwd = xgetcwd(cwd); - + if (!cwd) + cwd = unknown; return EXIT_SUCCESS; } @@ -412,6 +413,9 @@ static int builtin_jobs(struct child_prog *child) /* built-in 'pwd' handler */ static int builtin_pwd(struct child_prog *dummy) { + cwd = xgetcwd(cwd); + if (!cwd) + cwd = unknown; printf( "%s\n", cwd); return EXIT_SUCCESS; } @@ -1827,7 +1831,6 @@ void free_memory(void) { if (cwd) { free(cwd); - cwd = NULL; } if (local_pending_command) free(local_pending_command); @@ -1919,6 +1922,8 @@ int shell_main(int argc_l, char **argv_l) /* initialize the cwd -- this is never freed...*/ cwd = xgetcwd(0); + if (!cwd) + cwd = unknown; #ifdef BB_FEATURE_CLEAN_UP atexit(free_memory); diff --git a/libbb/libbb.h b/libbb/libbb.h index 21af5688a..fde58b0a6 100644 --- a/libbb/libbb.h +++ b/libbb/libbb.h @@ -282,5 +282,6 @@ extern const char * const dash_dash_help; extern const char * const write_error; extern const char * const too_few_args; extern const char * const name_longer_than_foo; +extern const char * const unknown; #endif /* __LIBBB_H__ */ diff --git a/libbb/messages.c b/libbb/messages.c index 99c2bc9d5..910cb8fa2 100644 --- a/libbb/messages.c +++ b/libbb/messages.c @@ -58,4 +58,7 @@ #ifdef L_name_longer_than_foo const char * const name_longer_than_foo = "Names longer than %d chars not supported."; #endif +#ifdef L_unknown + const char * const unknown = "(unknown)"; +#endif diff --git a/shell/cmdedit.c b/shell/cmdedit.c index ce5450032..ec9939312 100644 --- a/shell/cmdedit.c +++ b/shell/cmdedit.c @@ -355,6 +355,10 @@ static void parse_prompt(const char *prmt_ptr) char c; char *pbuf; + if (!pwd_buf) { + pwd_buf=unknown; + } + while (*prmt_ptr) { pbuf = buf; pbuf[1] = 0; diff --git a/shell/hush.c b/shell/hush.c index abc8f6e60..9a2243a89 100644 --- a/shell/hush.c +++ b/shell/hush.c @@ -429,6 +429,8 @@ static int builtin_cd(struct child_prog *child) return EXIT_FAILURE; } cwd = xgetcwd(cwd); + if (!cwd) + cwd = unknown; return EXIT_SUCCESS; } @@ -568,6 +570,8 @@ static int builtin_jobs(struct child_prog *child) static int builtin_pwd(struct child_prog *dummy) { cwd = xgetcwd(cwd); + if (!cwd) + cwd = unknown; puts(cwd); return EXIT_SUCCESS; } @@ -2307,6 +2311,8 @@ int shell_main(int argc, char **argv) /* initialize the cwd -- this is never freed...*/ cwd = xgetcwd(0); + if (!cwd) + cwd = unknown; #ifdef BB_FEATURE_COMMAND_EDITING cmdedit_set_initial_prompt(); #else diff --git a/shell/lash.c b/shell/lash.c index 1d128355c..0129d6c02 100644 --- a/shell/lash.c +++ b/shell/lash.c @@ -297,7 +297,8 @@ static int builtin_cd(struct child_prog *child) return EXIT_FAILURE; } cwd = xgetcwd(cwd); - + if (!cwd) + cwd = unknown; return EXIT_SUCCESS; } @@ -412,6 +413,9 @@ static int builtin_jobs(struct child_prog *child) /* built-in 'pwd' handler */ static int builtin_pwd(struct child_prog *dummy) { + cwd = xgetcwd(cwd); + if (!cwd) + cwd = unknown; printf( "%s\n", cwd); return EXIT_SUCCESS; } @@ -1827,7 +1831,6 @@ void free_memory(void) { if (cwd) { free(cwd); - cwd = NULL; } if (local_pending_command) free(local_pending_command); @@ -1919,6 +1922,8 @@ int shell_main(int argc_l, char **argv_l) /* initialize the cwd -- this is never freed...*/ cwd = xgetcwd(0); + if (!cwd) + cwd = unknown; #ifdef BB_FEATURE_CLEAN_UP atexit(free_memory); -- 2.25.1