Re: umask builtin

2017-11-09 Thread kalle


Am 08.11.2017 um 16:36 schrieb Eduardo Bustamante:
> On Wed, Nov 8, 2017 at 10:06 AM, kalle  wrote:
> [...]
>>> From umask(1p):
>>>   For a symbolic_mode value, the new value of the file mode creation mask
>>>   shall be the logical complement of the file permission bits portion  of
>>>   the file mode specified by the symbolic_mode string.
>>
>> This sentence is unacceptably complicated. Furthermore, it is not clear
>> which symbolic mode string is meant at the end of the sentence, but I
>> suppose it has been written by you to undermine the given facts.
> 
> Eh, what?

Sorry, this was really a wrong formulation - I meant "it has been cited
by you as an argument for the status quo".




Re: umask builtin

2017-11-09 Thread kalle

> I linked the POSIX standard document in my reply. Here it is
> again: http://pubs.opengroup.org/onlinepubs/9699919799/utilities/umask.html
> 
> That is how the standard specifies the behavior of the umask builtin.
> If your question
> is "why is it shown in that way", then the answer is: "because that's
> what the standard
> says". If you're not happy with the standard, you can go and ask the
> Austin Group
> about it.
> 

I see. This is the wrong place for this debate.
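
The umask(1p) sentence quoted in this thread, worked through as an added example (not part of the original messages and not bash's own code): the hypothetical function `sym_to_mask` applies a symbolic_mode string to the permissions the current mask allows and prints the logical complement as the new mask. It assumes only `r`, `w`, `x` permissions and treats an omitted who as `a`; `shell_mask` is a hypothetical helper that asks the shell's own `umask` builtin for comparison.

```shell
#!/bin/sh
# Added example (not from the thread): derive the file mode creation mask
# that a symbolic_mode string produces, following the umask(1p) wording.
# sym_to_mask CURRENT_MASK SYMBOLIC_MODE   -> prints the new mask in octal
# Assumptions: perms limited to r, w, x; an omitted who is treated as "a".
sym_to_mask() (
    set -f                                # no globbing while splitting
    allowed=$(( ~0$1 & 0777 ))            # bits the current mask lets through
    IFS=,
    for clause in $2; do
        who=${clause%%[-+=]*}             # leading u/g/o/a letters
        rest=${clause#"$who"}
        op=${rest%"${rest#?}"}            # first character after who
        perms=${rest#?}
        case $who in *[!ugoa]*) exit 1 ;; esac
        case $perms in *[!rwx]*) exit 1 ;; esac
        wmask=0
        case $who in *u*) wmask=$(( wmask | 0700 )) ;; esac
        case $who in *g*) wmask=$(( wmask | 0070 )) ;; esac
        case $who in *o*) wmask=$(( wmask | 0007 )) ;; esac
        case $who in ''|*a*) wmask=$(( 0777 )) ;; esac
        pbits=0
        case $perms in *r*) pbits=$(( pbits | 0444 )) ;; esac
        case $perms in *w*) pbits=$(( pbits | 0222 )) ;; esac
        case $perms in *x*) pbits=$(( pbits | 0111 )) ;; esac
        bits=$(( pbits & wmask ))
        case $op in
            =) allowed=$(( (allowed & ~wmask) | bits )) ;;
            +) allowed=$(( allowed | bits )) ;;
            -) allowed=$(( allowed & ~bits )) ;;
            *) exit 1 ;;                  # missing or unknown operator
        esac
    done
    # The mask is the logical complement of the resulting permission bits.
    printf '%04o\n' $(( ~allowed & 0777 ))
)

# Cross-check: ask the shell's own umask builtin, in a subshell so the
# caller's mask is untouched.
shell_mask() ( umask "$1" && umask "$2" && umask )

sym_to_mask 0022 u=rwx,g=rx,o=    # group loses write, others lose everything
sym_to_mask 0002 g-w              # relative change applied to the current mask
shell_mask  0022 u=rwx,g=rx,o=
```

The symbolic string names the permissions to keep, while the printed mask names the bits to strip, which is why `o=` shows up as a trailing `7`.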



double free corruption bash 4.2.53(1)-release

2017-11-09 Thread evil
Hi all,

I found a bug in bash 4.2.48+ (doesn't seem to affect bash 4.3)

: 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from bash...(no debugging symbols found)...done.
(gdb) set args crash.sh
(gdb) r
Starting program: /bin/bash crash.sh
4.2.53(1)-release
\u200B
  5c 75 32 30 30 42 0a  |\u200B.|
0007
*** Error in `/bin/bash': double free or corruption (out):
0x02db0d30 ***
=== Backtrace: =
/lib64/libc.so.6(+0x73927)[0x3fff73de927]
/lib64/libc.so.6(+0x7994f)[0x3fff73e494f]
/lib64/libc.so.6(+0x7a1be)[0x3fff73e51be]
/bin/bash(echo_builtin+0x1c6)[0x2b4e7c6]
/bin/bash(+0x3b44d)[0x2ae544d]
/bin/bash(+0x430cb)[0x2aed0cb]
/bin/bash(+0x3d85c)[0x2ae785c]
/bin/bash(+0x3f301)[0x2ae9301]
/bin/bash(+0x42200)[0x2aec200]
/bin/bash(+0x407f9)[0x2aea7f9]
/bin/bash(+0x3f585)[0x2ae9585]
/bin/bash(execute_command+0xd8)[0x2aeb618]
/bin/bash(reader_loop+0x1cb)[0x2ac990b]
/bin/bash(main+0x1031)[0x2ac7c31]
/lib64/libc.so.6(__libc_start_main+0x114)[0x3fff738b8a4]
/bin/bash(_start+0x29)[0x2ac8539]
[Inferior 1 (process 3271) exited normally]
(gdb)

Let 

Re: double free corruption bash 4.2.53(1)-release

2017-11-09 Thread evil
Went ahead and compiled libc and bash with debug symbols.  I can't seem to
trigger it when I am actually IN an interactive shell (e.g. having a pts
allocated to myself), but it still triggers with the shell script.

ifrit crash # gdb /bin/bash
GNU gdb (Gentoo 7.10.1 vanilla) 7.10.1
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /bin/bash...Reading symbols from
/usr/lib64/debug//bin/bash-4.2.debug...done.
done.
(gdb) set args crash.sh
(gdb) r
Starting program: /bin/bash crash.sh
4.2.53(1)-release
\u200B
  5c 75 32 30 30 42 0a  |\u200B.|
0007
*** Error in `/bin/bash': double free or corruption (out):
0x02dafad0 ***
=== Backtrace: =
/lib64/libc.so.6(+0x73867)[0x3fff73de867]
/lib64/libc.so.6(+0x7988f)[0x3fff73e488f]
/lib64/libc.so.6(+0x7a0fe)[0x3fff73e50fe]
/bin/bash(echo_builtin+0x1c6)[0x2b4e7c6]
/bin/bash(+0x3b44d)[0x2ae544d]
/bin/bash(+0x430cb)[0x2aed0cb]
/bin/bash(+0x3d85c)[0x2ae785c]
/bin/bash(+0x3f301)[0x2ae9301]
/bin/bash(+0x42200)[0x2aec200]
/bin/bash(+0x407f9)[0x2aea7f9]
/bin/bash(+0x3f585)[0x2ae9585]
/bin/bash(execute_command+0xd8)[0x2aeb618]
/bin/bash(reader_loop+0x1cb)[0x2ac990b]
/bin/bash(main+0x1031)[0x2ac7c31]
/lib64/libc.so.6(__libc_start_main+0x114)[0x3fff738b7e4]
/bin/bash(_start+0x29)[0x2ac8539]

Re: double free corruption bash 4.2.53(1)-release

2017-11-09 Thread Chet Ramey
On 11/9/17 11:19 AM, e...@onlythechosen.com wrote:
> Hi all,
> 
> I found a bug in bash 4.2.48+ (doesn't seem to affect bash 4.3)

Thanks for the report. A couple things: I no longer support bash-4.2.
If this is fixed in bash-4.3, it's been fixed for almost four years in
an official release (and longer than that in a development branch).
Second, just for grins, I ran your script against bash-4.2.53 on RHEL6,
and didn't get a crash.

Chet

-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    c...@case.edu    http://cnswww.cns.cwru.edu/~chet/



Re: double free corruption bash 4.2.53(1)-release

2017-11-09 Thread evil
Thanks for at least trying.  I haven't found anyone else that has been
able to replicate it either; this would be a huge pain to chase down for
me.  I'm able to replicate it 100% of the time on my system.  So if anyone
IS interested in trying please contact me and I will give them a shell
account to help me figure out what is wrong.  The new version of bash
doesn't seem to let me echo unicode properly, so I would be greatly
interested in figuring out what is wrong.  Or for some guidance on fixing
that.

# uname -a;/lib64/libc.so.6;lsb_release -a
Linux ifrit 3.2.35-hardened-unicorn #7 SMP PREEMPT Fri Jun 28 02:48:14 CDT
2013 x86_64 Intel(R) Xeon(R) CPU X3220 @ 2.40GHz GenuineIntel GNU/Linux
GNU C Library (Gentoo 2.23-r4 p8) stable release version 2.23, by Roland
McGrath et al.
Copyright (C) 2016 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
Compiled by GNU CC version 4.9.3.
Available extensions:
C stubs add-on version 2.1.2
crypt add-on version 2.1 by Michael Glad and others
GNU Libidn by Simon Josefsson
Native POSIX Threads Library by Ulrich Drepper et al
BIND-8.2.3-T5B
libc ABIs: UNIQUE IFUNC
For bug reporting instructions, please see:
.
LSB Version:n/a
Distributor ID: Gentoo
Description:NAME=Gentoo
Release:n/a
Codename:   n/a




> On 11/9/17 11:19 AM, e...@onlythechosen.com wrote:
>> Hi all,
>>
>> I found a bug in bash 4.2.48+ (doesn't seem to affect bash 4.3)
>
> Thanks for the report. A couple things: I no longer support bash-4.2.
> If this is fixed in bash-4.3, it's been fixed for almost four years in
> an official release (and longer than that in a development branch).
> Second, just for grins, I ran your script against bash-4.2.53 on RHEL6,
> and didn't get a crash.
>
> Chet
>
> --
> ``The lyf so short, the craft so long to lerne.'' - Chaucer
>``Ars longa, vita brevis'' - Hippocrates
> Chet Ramey, UTech, CWRU    c...@case.edu
> http://cnswww.cns.cwru.edu/~chet/
>





Re: double free corruption bash 4.2.53(1)-release

2017-11-09 Thread Chet Ramey
On 11/9/17 4:16 PM, e...@onlythechosen.com wrote:
> The new version of bash
> doesn't seem to let me echo unicode properly, so I would be greatly
> interested in figuring out what is wrong.  

Which new version of bash, exactly? And what kind of problems?


-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    c...@case.edu    http://cnswww.cns.cwru.edu/~chet/



Re: double free corruption bash 4.2.53(1)-release

2017-11-09 Thread evil
Oddly enough it seems to have resolved itself after my libc recompile with
debug symbols.
ifrit ~ # echo $BASH_VERSION
4.3.48(1)-release

Before the libc recompile with debug symbols regardless of locale, the
printf builtin was just printing "\u200b\n"

as "\u200B"


The problem seems to have resolved itself now though so please disregard,
apologies for wasting everyone's time.


ifrit ~ # echo $BASH_VERSION
4.3.48(1)-release
ifrit ~ # printf "\u30b7\n"
シ
ifrit ~ # printf "\u200b\n"




> On 11/9/17 4:16 PM, e...@onlythechosen.com wrote:
>> The new version of bash
>> doesn't seem to let me echo unicode properly, so I would be greatly
>> interested in figuring out what is wrong.
>
> Which new version of bash, exactly? And what kind of problems?
>
>
> --
> ``The lyf so short, the craft so long to lerne.'' - Chaucer
>``Ars longa, vita brevis'' - Hippocrates
> Chet Ramey, UTech, CWRU    c...@case.edu
> http://cnswww.cns.cwru.edu/~chet/
>