1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
From 56a335378ac100d51c30b21eee499a2effa37fba Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Tue, 15 Jun 2021 16:05:57 +0200
Subject: hush: fix handling of \^C and "^C"
function old new delta
parse_stream 2238 2252 +14
encode_string 243 256 +13
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 27/0) Total: 27 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
(cherry picked from commit 1b7a9b68d0e9aa19147d7fda16eb9a6b54156985)
Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>
CVE: CVE-2021-42376
Upstream-Status: Backport [https://git.busybox.net/busybox/patch/?id=56a335378ac100d51c30b21eee499a2effa37fba]
Comment: No changes in any hunk
---
shell/ash_test/ash-misc/control_char3.right | 1 +
shell/ash_test/ash-misc/control_char3.tests | 2 ++
shell/ash_test/ash-misc/control_char4.right | 1 +
shell/ash_test/ash-misc/control_char4.tests | 2 ++
shell/hush.c | 11 +++++++++++
shell/hush_test/hush-misc/control_char3.right | 1 +
shell/hush_test/hush-misc/control_char3.tests | 2 ++
shell/hush_test/hush-misc/control_char4.right | 1 +
shell/hush_test/hush-misc/control_char4.tests | 2 ++
9 files changed, 23 insertions(+)
create mode 100644 shell/ash_test/ash-misc/control_char3.right
create mode 100755 shell/ash_test/ash-misc/control_char3.tests
create mode 100644 shell/ash_test/ash-misc/control_char4.right
create mode 100755 shell/ash_test/ash-misc/control_char4.tests
create mode 100644 shell/hush_test/hush-misc/control_char3.right
create mode 100755 shell/hush_test/hush-misc/control_char3.tests
create mode 100644 shell/hush_test/hush-misc/control_char4.right
create mode 100755 shell/hush_test/hush-misc/control_char4.tests
diff --git a/shell/ash_test/ash-misc/control_char3.right b/shell/ash_test/ash-misc/control_char3.right
new file mode 100644
index 000000000..283e02cbb
--- /dev/null
+++ b/shell/ash_test/ash-misc/control_char3.right
@@ -0,0 +1 @@
+SHELL: line 1: �: not found
diff --git a/shell/ash_test/ash-misc/control_char3.tests b/shell/ash_test/ash-misc/control_char3.tests
new file mode 100755
index 000000000..4359db3f3
--- /dev/null
+++ b/shell/ash_test/ash-misc/control_char3.tests
@@ -0,0 +1,2 @@
+# (set argv0 to "SHELL" to avoid "/path/to/shell: blah" in error messages)
+$THIS_SH -c '\�' SHELL
diff --git a/shell/ash_test/ash-misc/control_char4.right b/shell/ash_test/ash-misc/control_char4.right
new file mode 100644
index 000000000..2bf18e684
--- /dev/null
+++ b/shell/ash_test/ash-misc/control_char4.right
@@ -0,0 +1 @@
+SHELL: line 1: ����-�: not found
diff --git a/shell/ash_test/ash-misc/control_char4.tests b/shell/ash_test/ash-misc/control_char4.tests
new file mode 100755
index 000000000..48010f154
--- /dev/null
+++ b/shell/ash_test/ash-misc/control_char4.tests
@@ -0,0 +1,2 @@
+# (set argv0 to "SHELL" to avoid "/path/to/shell: blah" in error messages)
+$THIS_SH -c '"����-�"' SHELL
diff --git a/shell/hush.c b/shell/hush.c
index 9fead37da..249728b9d 100644
--- a/shell/hush.c
+++ b/shell/hush.c
@@ -5235,6 +5235,11 @@ static int encode_string(o_string *as_string,
}
#endif
o_addQchr(dest, ch);
+ if (ch == SPECIAL_VAR_SYMBOL) {
+ /* Convert "^C" to corresponding special variable reference */
+ o_addchr(dest, SPECIAL_VAR_QUOTED_SVS);
+ o_addchr(dest, SPECIAL_VAR_SYMBOL);
+ }
goto again;
#undef as_string
}
@@ -5346,6 +5351,11 @@ static struct pipe *parse_stream(char **pstring,
if (ch == '\n')
continue; /* drop \<newline>, get next char */
nommu_addchr(&ctx.as_string, '\\');
+ if (ch == SPECIAL_VAR_SYMBOL) {
+ nommu_addchr(&ctx.as_string, ch);
+ /* Convert \^C to corresponding special variable reference */
+ goto case_SPECIAL_VAR_SYMBOL;
+ }
o_addchr(&ctx.word, '\\');
if (ch == EOF) {
/* Testcase: eval 'echo Ok\' */
@@ -5670,6 +5680,7 @@ static struct pipe *parse_stream(char **pstring,
/* Note: nommu_addchr(&ctx.as_string, ch) is already done */
switch (ch) {
+ case_SPECIAL_VAR_SYMBOL:
case SPECIAL_VAR_SYMBOL:
/* Convert raw ^C to corresponding special variable reference */
o_addchr(&ctx.word, SPECIAL_VAR_SYMBOL);
diff --git a/shell/hush_test/hush-misc/control_char3.right b/shell/hush_test/hush-misc/control_char3.right
new file mode 100644
index 000000000..94b4f8699
--- /dev/null
+++ b/shell/hush_test/hush-misc/control_char3.right
@@ -0,0 +1 @@
+hush: can't execute '�': No such file or directory
diff --git a/shell/hush_test/hush-misc/control_char3.tests b/shell/hush_test/hush-misc/control_char3.tests
new file mode 100755
index 000000000..4359db3f3
--- /dev/null
+++ b/shell/hush_test/hush-misc/control_char3.tests
@@ -0,0 +1,2 @@
+# (set argv0 to "SHELL" to avoid "/path/to/shell: blah" in error messages)
+$THIS_SH -c '\�' SHELL
diff --git a/shell/hush_test/hush-misc/control_char4.right b/shell/hush_test/hush-misc/control_char4.right
new file mode 100644
index 000000000..698e21427
--- /dev/null
+++ b/shell/hush_test/hush-misc/control_char4.right
@@ -0,0 +1 @@
+hush: can't execute '����-�': No such file or directory
diff --git a/shell/hush_test/hush-misc/control_char4.tests b/shell/hush_test/hush-misc/control_char4.tests
new file mode 100755
index 000000000..48010f154
--- /dev/null
+++ b/shell/hush_test/hush-misc/control_char4.tests
@@ -0,0 +1,2 @@
+# (set argv0 to "SHELL" to avoid "/path/to/shell: blah" in error messages)
+$THIS_SH -c '"����-�"' SHELL
--
cgit v1.2.3
|
