strcpy of overlapping memory ranges in prompt expansion
Configuration Information [Automatically generated, do not change]: Machine: i386 OS: darwin13.0.0 Compiler: gcc Compilation CFLAGS: -DPROGRAM='bash' -DCONF_HOSTTYPE='i386' -DCONF_OSTYPE='darwin13.0.0' -DCONF_MACHTYPE='i386-apple-darwin13.0.0' -DCONF_VENDOR='apple' -DLOCALEDIR='/usr/local/share/locale' -DPACKAGE='bash' -DSHELL -DHAVE_CONFIG_H -DMACOSX -I. -I. -I./include -I./lib -I./lib/intl -I/Users/simon/src/bash-4.2/lib/intl -g -O2 uname output: Darwin darnassus 13.0.0 Darwin Kernel Version 13.0.0: Wed Jun 19 17:59:46 PDT 2013; root:xnu-2422.1.26.0.1~2/RELEASE_X86_64 x86_64 Machine Type: i386-apple-darwin13.0.0 Bash Version: 4.2 Patch Level: 45 Release Status: release Description: When using \w in the prompt and changing the directory outside of HOME bash crashes with an abort trap. strcpy(3) say src and dst must not overlap. OS X 10.9 checks that on runtime and forcefully aborts your code if they do. Repeat-By: PS1="\w" cd / bash exists with an abort trap. Fix: Assign the return value from polite_directory_format to a temporary value. If the pointers are different and only then do a strcpy --- parse.y.orig2013-07-03 22:00:42.0 +0200 +++ parse.y 2013-07-03 22:02:23.0 +0200 @@ -5262,7 +5262,12 @@ else /* polite_directory_format is guaranteed to return a string no longer than PATH_MAX - 1 characters. */ - strcpy (t_string, polite_directory_format (t_string)); + /* polite_directory_format might simply return the pointer to t_string + strcpy(3) tells dst and src may not overlap, OS X 10.9 asserts this and + triggers an abort trap if that's the case */ + temp = polite_directory_format (t_string); + if (temp != t_string) + strcpy (t_string, temp); temp = trim_pathname (t_string, PATH_MAX - 1); /* If we're going to be expanding the prompt string later,
Gegen das Vergessen
In den fruehen Abendstunden des 13. Februar 1945 gegen 21:41 Uhr heulten die Sirenen der Lazarettstadt Dresden das erste mal auf. Die Bewohner der Elbmetropole machten sich zu der Zeit noch keine Sorgen, da Dresden als Stadt ohne Bewaffnung und ohne militaerischen Nutzen bekannt war und von ca. 1,2 Millionen Frauen, Kindern und Greisen bewohnt wurde. Gegen 22:09 Uhr gab der Rundfunk durch, daß die alliierten Bomberverbaende ihren Kurs geaendert haben und nun auf Dresden zufliegen. Kurz darauf befanden sich 244 britische Bomber am Himmel der deutschen Kulturstadt. Drei Stunden nach dieser ersten Angriffswelle - es befanden sich bereits alle verfuegbaren Rettungsmannschaften, Sanitaeter und Feuerwehmaenner in Dresden - verdunkelten weitere 500 Bomber den Himmel. Am naechsten Tag folgte die letzte Angriffswelle mit erneut 300 US-B-17-Bombern. Zwischen 12:12 Uhr und 12:21 Uhr warfen diese 783 Tonnen Bomben ab. - Das entspricht mehr als 85 Tonnen pro Minute. Nach dem Abwerfen setzten die US-Bomber zum Tiefflug an und beschossen Fluechtende mit ihren Bordwaffen. In diesen drei Angriffsschlaegen, die insgesamt 14 Stunden andauerten, warfen die "Befreier" 650.000 Brandbomben und 200.000 Sprengbomben ab, welche einen Feuersturm von ueber 1000 Grad in der Stadt erzeugten. Obwohl Dresden weder Flugabwehr, noch Ruestungsindustrie oder aehnliche kriegswichtige Ziele besass wurden weit mehr als 350.000 unschuldige deutsche Zivilisten in diesen zwei Tagen kaltbluetig ermordet. Keiner der schuldigen Alliierten wurde jemals fuer dieses brutale Kriegsverbrechen auch nur angeklagt und die Massenmedien und die bundesdeutsche Regierung schweigen diese Taten tot und sehen es nicht als noetig an den Opfern zu gedenken.! ___ Bug-bash mailing list Bug-bash@gnu.org http://lists.gnu.org/mailman/listinfo/bug-bash
Re: Bash-4.3-beta2 available for FTP
On Tue, Oct 15, 2013 at 10:44 PM, Joshuah Hurst wrote: > On Tue, Oct 15, 2013 at 10:36 PM, Chet Ramey wrote: >> On 10/15/13 4:27 PM, Joshuah Hurst wrote: >> >>>>> What happened to the patch for cd -@ to handle NFSv4+Windows alternate >>>>> streams? ksh93 already has this feature since quite some time and >>>>> they're now even extending support even further to the builtin POSIX >>>>> commands... >> >> I have not added it to bash yet. > > How long does it take? > >> >>>> >>>> Do you mean cd -@ as this one in ksh? >>>> - - - - - - - - >>>> -@ Change into the hidden attribute directory of directory >>>> which >>>> may also be a file. CDPATH is ignored. Hidden attribute >>>> directories are file system and operating system >>>> specific. >>>> - - - - - - - - >>>> >>>> That would be great. Where's the patch? >>> >>> Just to be sure, this does use the extended attributes with O_XATTR, right? >> >> Yes, Cedric's patch uses O_XATTR. > > *Great*! :) > > Chester/Cedric: Can you send the patch around so we can ask the Debian > GNU/kOpenSolaris, Solaris and Illumos folks to integrate the patch in > their next bash patch update, please? I'm interested in the patch if cd -@ file works like in ksh. Or whatever, just send the patch that I can test it. Thank you. Simon
Re: Bash-4.3-beta2 available for FTP
On Thu, Oct 17, 2013 at 2:30 PM, Simon Toedt wrote: > On Tue, Oct 15, 2013 at 10:44 PM, Joshuah Hurst wrote: >> On Tue, Oct 15, 2013 at 10:36 PM, Chet Ramey wrote: >>> On 10/15/13 4:27 PM, Joshuah Hurst wrote: >>> >>>>>> What happened to the patch for cd -@ to handle NFSv4+Windows alternate >>>>>> streams? ksh93 already has this feature since quite some time and >>>>>> they're now even extending support even further to the builtin POSIX >>>>>> commands... >>> >>> I have not added it to bash yet. >> >> How long does it take? >> >>> >>>>> >>>>> Do you mean cd -@ as this one in ksh? >>>>> - - - - - - - - >>>>> -@ Change into the hidden attribute directory of directory >>>>> which >>>>> may also be a file. CDPATH is ignored. Hidden attribute >>>>> directories are file system and operating system >>>>> specific. >>>>> - - - - - - - - >>>>> >>>>> That would be great. Where's the patch? >>>> >>>> Just to be sure, this does use the extended attributes with O_XATTR, right? >>> >>> Yes, Cedric's patch uses O_XATTR. >> >> *Great*! :) >> >> Chester/Cedric: Can you send the patch around so we can ask the Debian >> GNU/kOpenSolaris, Solaris and Illumos folks to integrate the patch in >> their next bash patch update, please? > > I'm interested in the patch if cd -@ file works like in ksh. Or > whatever, just send the patch that I can test it. > > Thank you. Again. Any patch or git pull tarball which we could try? Simon
Re: Bash-4.3-beta2 available for FTP
On Tue, Nov 5, 2013 at 10:56 PM, Chet Ramey wrote: >> > I'm interested in the patch if cd -@ file works like in ksh. Or >> > whatever, just send the patch that I can test it. >> > >> > Thank you. >> >> Again. Any patch or git pull tarball which we could try? > > The cd -@ option is available in the `devel' branch of the git tree on > savannah: > > http://git.savannah.gnu.org/cgit/bash.git/?h=devel > > It first appears in the bash-20131025 snapshot. Thank you. But, it does not build. Is that a known problem? Simon
Re: Bash-4.3-beta2 available for FTP
On Thu, Nov 7, 2013 at 12:21 PM, Simon Toedt wrote: > On Tue, Nov 5, 2013 at 10:56 PM, Chet Ramey wrote: >>> > I'm interested in the patch if cd -@ file works like in ksh. Or >>> > whatever, just send the patch that I can test it. >>> > >>> > Thank you. >>> >>> Again. Any patch or git pull tarball which we could try? >> >> The cd -@ option is available in the `devel' branch of the git tree on >> savannah: >> >> http://git.savannah.gnu.org/cgit/bash.git/?h=devel >> >> It first appears in the bash-20131025 snapshot. > > Thank you. But, it does not build. Is that a known problem? Never mind. Lionel's patch fixes the problem. Thank you both! Simon
Re: Bash-4.3-beta2 available for FTP
On Thu, Nov 7, 2013 at 3:10 PM, Chet Ramey wrote: > On 11/7/13 6:21 AM, Simon Toedt wrote: >> On Tue, Nov 5, 2013 at 10:56 PM, Chet Ramey wrote: >>>>> I'm interested in the patch if cd -@ file works like in ksh. Or >>>>> whatever, just send the patch that I can test it. >>>>> >>>>> Thank you. >>>> >>>> Again. Any patch or git pull tarball which we could try? >>> >>> The cd -@ option is available in the `devel' branch of the git tree on >>> savannah: >>> >>> http://git.savannah.gnu.org/cgit/bash.git/?h=devel >>> >>> It first appears in the bash-20131025 snapshot. >> >> Thank you. But, it does not build. Is that a known problem? > > Yes. There are a few issues with the bash-20131025 snapshot. I've > attached a patch that fixes them. Chet, can you push the patch to git to avoid that other people stumble over that build issue, please? Simon
Crash on jobs 2^32-2
Dear all, The following crash was found by a modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL). The crash can be reproduced by running: $ ls $ jobs 4278190079 # 2^32-2 We can the crash for - GNU bash, version 4.4.19(1)-release (x86_64-pc-linux-gnu) - GNU bash, version 4.4.23(2) (x86_64-unknown-linux-gnu) - git master branch (commit 64447609994bfddeef1061948022c074093e9a9f) - git devel branch (commit a078e04c3d9163541cce590c3fd00f243fe77613) Credits: Simon Wörner, Sergej Schumilo, Cornelius Aschermann (all of Ruhr-Universität Bochum) Best regards, Simon Wörner
Re: Parallelization of shell scripts for 'configure' etc.
Tim Rühsen writes: > a) The maintainer/contributor/hacker setup > This is when you re-run configure relatively often for the same project(s). > I do this normally and and came up with > https://gitlab.com/gnuwget/wget2/-/wikis/Developer-hints:-Increasing-speed-of-GNU-toolchain. > > It may be a bit outdated, but may help one or the other here. > Btw, I am down to 2.5s for a ./configure run from 25s originally. Wow, I think more developers should known about your final suggestion: https://gitlab.com/gnuwget/wget2/-/wikis/Developer-hints:-Increasing-speed-of-GNU-toolchain#cccflags-dependent-usage-of-configure-caching That is, put this in ~/.bash_aliases: export CONFIG_SITE=~/src/config.site and this in ~/src/config.site: if test "$cache_file" = /dev/null; then hash=`echo $CFLAGS $LDFLAGS $host_alias $build_alias|md5sum|cut -d' ' -f1` cache_file=~/src/config.cache.$CC.$hash fi The top of config.log says which cache file was used, so you can remove it when you hack on autoconf/M4 macros. This appears to save me tons of build time, and I'll run with this now since it is non-obtrusive and doesn't require changes in each project... maybe the CWD should be put into the cache_file string to avoid cache poisining between projects, but that is minor. /Simon signature.asc Description: PGP signature
