Nadav Tasher wrote:
> static void
>-tryexec(IF_FEATURE_SH_STANDALONE(int applet_no,) const char *cmd, char
>**argv, char **envp)
>+tryexec(const char *cmd, char **argv, char **envp)
> {
> #if ENABLE_FEATURE_SH_STANDALONE
>- if (applet_no >= 0) {
>- if (APPLET_IS_NOEXEC(applet_no
On Wed, Jan 29, 2025 at 7:47 AM Nadav Tasher wrote:
>
> So, in summary, I need one of the following:
> 1. Guarentee that anything BB_EXECVPE does is not going to affect argv[],
> since some of them are defined as string literals, and those can be in
> .rodata.
> 2. Change all of the argv initiali
On Wed, Jan 29, 2025 at 04:58:59PM +0800, Kang-Che Sung wrote:
> On Wed, Jan 29, 2025 at 7:47 AM Nadav Tasher wrote:
> >
> > So, in summary, I need one of the following:
> > 1. Guarentee that anything BB_EXECVPE does is not going to affect argv[],
> > since some of them are defined as string liter
Report of the static analyzer:
DEREF_OF_NULL.RET.STAT Return value of a function 'strtok_r' is dereferenced at
dpkg.c:450 without checking for NULL, but it is usually checked for this
function (23/25).
Corrections explained:
1. Added a check `field2 != NULL` before calling `strcmp`
to prevent de
This matches the GNU tar behaviour. Usefull when something needs to be
tarball but shouldn't contain any files.
function old new delta
tar_main12721278 +6
--
Report of the static analyzer:
DEREF_OF_NULL.EX After having been assigned to a NULL value at dpkg.c:845,
pointer 'status_from_file' is dereferenced at dpkg.c:852 by calling function
'strcmp'.
Corrections explained:
1. Added a check `status_from_file != NULL` before calling `strcmp`
to prevent d
On Wed, Jan 29, 2025 at 09:14:59AM +, Ron Yorston wrote:
> Nadav Tasher wrote:
> > static void
> >-tryexec(IF_FEATURE_SH_STANDALONE(int applet_no,) const char *cmd, char
> >**argv, char **envp)
> >+tryexec(const char *cmd, char **argv, char **envp)
> > {
> > #if ENABLE_FEATURE_SH_STANDALONE
>
Having FEATURE_PREFER_APPLETS on while building individual
applets seems like a bad idea.
Applets would try to execute theirselves with different
argument if applets are prefered.
Signed-off-by: Nadav Tasher
---
Config.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/Config.in b/Config.in
This patch makes BB_EXECVPE the gateway to the exec syscall
family.
When called, it first looks for a matching applet, and
executes it directly of indirectly by re-executing busybox
binary. This feature takes NOEXEC definitions into account
by checking NOEXEC with the APPLET_IS_NOEXEC function.
W
Using BB_EXECVP ensures consistency with spawn() function,
and allows moving NOEXEC support to BB_EXECVP, which makes
BB_EXECVP to go-to function for running new processes.
Signed-off-by: Nadav Tasher
---
libbb/vfork_daemon_rexec.c | 25 +
1 file changed, 13 insertions(+)
Hi!
Thank you all for you thorough reviews.
This new revision of the patchset contains the following changes:
1. Some patch reordering
2. All calls to BB_EXECVP are now supposed to be safe*
3. Fixed some overlooked problems, like execv in httpd and popredir in ash.
I am keen to hear your opinion
This replaces all invocations of execs with BB_EXECVP(E).
It provides better control over executed programs and allows
all applets to seamlessly execute other applets instead of
just calling exec.
Signed-off-by: Nadav Tasher
---
console-tools/reset.c | 2 +-
debianutils/start_stop_dae
Implemented bb_system using spawn_and_wait in conjuction with "sh",
to allow bb_system to execute the internal shell when using the
FEATURE_PREFER_APPLETS config option.
When FEATURE_PREFER_APPLETS is disabled, libc "system()" is used.
Signed-off-by: Nadav Tasher
---
include/libbb.h
Allows for execution of the internal shell when the
FEATURE_PREFER_APPLETS configuration option is enabled..
Signed-off-by: Nadav Tasher
---
archival/dpkg.c | 2 +-
editors/awk.c | 2 +-
editors/vi.c | 2 +-
init/bootchartd.c | 2 +-
miscutils/man.c | 2 +-
netwo
This change makes the standalone shell use the BB_EXECVPE utility.
BB_EXECVPE calls BB_EXECVP which has NOEXEC and applets only logic.
This allows for better control of the executed processes.
Signed-off-by: Nadav Tasher
---
shell/ash.c | 66 ++---
Since httpd needs to execute a binary, we would not like
it to succeed when busybox is configured not to execute
external binaries.
Signed-off-by: Nadav Tasher
---
networking/httpd.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/networking/httpd.c b/networking/httpd.c
index ddcb03bca..87
Using BB_EXECVP allows for more control over the compressor
program executed.
The xz compressor is disabled when applets are prefered,
since the xz applet does not support compression.
Signed-off-by: Nadav Tasher
---
archival/tar.c | 28 +++-
1 file changed, 23 insertion
Report of the static analyzer:
DEREF_OF_NULL.EX After having been assigned to a NULL value at securetty.c:17,
pointer 'buf' is dereferenced at securetty.c:15 by calling function 'strcmp'.
Corrections explained:
1. Added a check `buf != NULL` before calling `strcmp` to prevent
dereferencing a NULL
18 matches
Mail list logo
