Commit Graph

4120 Commits

Author SHA1 Message Date
ryo 3a239caa20 field width of blocksize and inode can be changed by #define 2020-08-21 16:40:02 +00:00
wiz 5946912f7b Remove unmatched .El and mark up signal name with Dv. 2020-08-21 08:14:45 +00:00
kre 50794fe6c1 Man page enhancements.
Better describe the command search procedure.
Document "trap -P"
Describe what works as a function name.
More accurate description of reserved word recognition.
Be more accurate about when field splittng happens after
expansions (and in particular note that tilde expansions are
not subject to field splitting).   Be clear that "$@" is
not field split, it simply produces multiple fields as part
of its expansion (hence IFS is irrelevant to this), but if
used as $@ (unquoted) each field produced is potentially subject
to field splitting.   Other minor wording changes.
2020-08-20 23:19:34 +00:00
kre 4a370dce6a Be less conservative about when we do clear_traps() when we have
traps_invalid (that is, when we actually nuke the parent shell's
caught traps in a subshell).  This allows more reasonable use of
"trap -p" (and similar) in subshells than existed before (and in
particular, that command can be in a function now - there can also
be several related commands like
	traps=$(trap -p INT; trap -p QUIT; trap -p HUP)
A side effect of all of this is that
	(eval "$(trap -p)"; ...)
now allows copying caught traps into a subshell environment, if desired.

Also att the ksh93 variant (the one not picked by POSIX as it isn't
generally as useful) of "trap -p" (but call it "trap -P" which extracts
just the trap action for named signals (giving more than one is usually
undesirable).   This allows
	eval "$(trap -P INT)"
to run the action for SIGINT traps, without needing to attempt to parse
the "trap -p" output.
2020-08-20 23:09:56 +00:00
kre 7a2f8a050c Add lots of comments explaining what is happening in here.
Also enhance some of the DEBUG mode trace output (nothing visible
in a normal shell build).

A couple of very minor code changes that no-one should ever notice
(eg: one less wait() call in the case that there is nothing pending).
2020-08-20 23:03:17 +00:00
kre 20122b0e7d Whitespace. NFCI. 2020-08-20 16:15:50 +00:00
kre 36d40de856 For now, probably forever, prohibit unquoted $ and ` in the names of
functions being defined (they can still be included if quoted).

If we parsed the way POSIX specifies (leaving the exact input text of
$ and ` expansions unaltered, until required to be expanded) this would
not be needed, as the name of a function being defined does not underbo
parameter, command, or arith expansions, so xxx$3() { : ; } would just
work.   But for many reasons we don't do that (and are unlikely to ever,
though maintaing both forms might be an option someday) - which led to
very obscure behaviour (if sh were compiled in DEBUG mode, even an abort())
and certainly nothing useful.   So just prohibit these uses for now.
(A portable function name must be a "name" so this makes no difference
at all to posix compat applications/scripts).

A doc update is pending (the updated sh.1 also contains updates in other
areas not yet appropriate to commit).
2020-08-19 22:41:47 +00:00
dholland 00826baa83 Use the right size for several calloc calls.
When allocating for a Char **, it should use sizeof(Char *), not
sizeof(Char **). This doesn't actually affect the results except
on DS9000 though :-)

(part 2, the instance in this file was as far as I can tell
inexplicably missed by CVS on the first go...)
2020-08-09 00:53:38 +00:00
dholland eadef030c6 Clarify some comments. 2020-08-09 00:51:12 +00:00
dholland 7f63690a47 Use the right size for several calloc calls.
When allocating for a Char **, it should use sizeof(Char *), not
sizeof(Char **). This doesn't actually affect the results except
on DS9000 though :-)
2020-08-09 00:34:21 +00:00
dholland 85bd10cb24 Don't cast the value returned from *malloc. No change to compiler output. 2020-08-09 00:22:53 +00:00
kre b95d46c220 Remove a redundant set of parentheses that were added (along with a
extra && or || or something ... forgotten now) as part a failed attempt
to fix an earlier bug (later fixed a better way) - when the extra
test (never committed) was removed, the now-redundant parentheses got
forgotten...

NFC.
2020-08-01 17:56:56 +00:00
kre b76256406d PR bin/55526
Fix a bug that has existed since the "command" command was added in
2003.   "command foo" would cause the definition of a function "foo"
to be lost (not freed, simply discarded) if "foo" is (in addition to
being a function) a filesystem command.   The case where "foo" is
a builtin was handled.

For now, when a function exists with the same name as a filesystem
command, the latter can never appear in the command hash table, and
when used (which can only be via "command foo", just "foo" finds
the function) will always result in a full PATH search.

XXX pullup everything (from NetBSD 2.0 onwards).   (really -8 and -9)
2020-08-01 17:51:18 +00:00
christos 1d895808a5 Fix skipping of directories that begin with a '.' in -R mode.
It is not enough to avoid displaying the contents of the directory,
we need to set FTS_SKIP to avoid descending into any subdirs too.
Otherwise, if a ".foo" directory has a subdirectory "bar", ls will
descend into bar and display its contents. From Todd Miller
2020-07-07 14:29:06 +00:00
riastradh 88d5cead87 Note that -h is an extension to POSIX. Bump date. 2020-06-24 17:00:58 +00:00
riastradh 7f9ee4a0a0 New mv -h option.
`mv -h source target' just issues rename(source, target) without
discriminating on whether target resolves to a directory; this way
you can atomically replace a symlink to a directory.
2020-06-24 16:58:12 +00:00
wiz 7c0103ad20 Sync usage with manpage. 2020-06-18 19:44:01 +00:00
wiz f28f16fcc6 Sort option descriptions. Sort options in SYNOPSIS. Fix xrefs.
Comment out acl(9) which we don't have.
2020-06-18 19:43:53 +00:00
wiz 55f1f0071b Fix xrefs, comment out acl(9) which we don't have. 2020-06-18 19:36:13 +00:00
kamil 784b5b6759 Fix typo 2020-06-11 13:08:07 +00:00
christos c4078bc63f fix reversed test. 2020-05-22 14:54:30 +00:00
joerg 4fc302656d Mark usage as dead 2020-05-22 01:28:44 +00:00
joerg fb222b1585 Don't return from dead functions. 2020-05-22 01:28:00 +00:00
christos f6a91933fb No ACL support for install media (SMALLPROG) 2020-05-17 23:34:11 +00:00
christos 9aa2a9c323 Add ACL support for FFS. From FreeBSD. 2020-05-16 18:31:45 +00:00
msaitoh 8012ca3f0e Remove extra semicolon. 2020-05-14 08:34:17 +00:00
aymeric c79f400cf4 In sink(), upon error, avoid multiple replies to the source as this
would lead to a desynchronization of the protocol and further files or
directories to be ignored or corrupted.

Reported by Daniel Goujot, Georges-Axel Jaloyan, Ryan Lahfa, and David Naccache.
2020-05-06 18:15:40 +00:00
kre fff8f00d1b Bump date for previous change... I frequently forget that bit. 2020-05-06 13:13:50 +00:00
kre 45f67043e6 kill is built-in to more than just csh(1).
While here, add missing Xr sh 1 (which was previously needed, moreso now)
and also include STOP and CONT in the list of common signals.
2020-05-06 09:07:15 +00:00
kre 4685ad7904 Stop forcing the -e option off in the subshell createds for a command
substitution.  This was inherited in the big "-e" fixup patch set (rev 1.50)
of Jan 2000, which came from dash.   dash no longer acts this way.
2020-04-23 09:01:33 +00:00
simonb ccc205ceda Add '-t' option for tcsh-style time output. 2020-04-23 07:54:53 +00:00
joerg e5e328a1f9 Don't depend on common declarations. 2020-04-03 18:11:29 +00:00
joerg 761b9f9565 Don't define max_user_fd in the header. 2020-04-03 16:22:23 +00:00
joerg d79fbfb9e8 Move definition of chdname and do_chroot to options.c 2020-04-03 16:13:32 +00:00
wiz 9a9e6da05a Add some commas. 2020-02-26 07:14:47 +00:00
gutteridge 22b0f33ce3 echo.1: add a note about other echo implementations
The other BSDs all have a note reminding that many shells have their
own internal echo implementations which may vary from this utility, so
add one. (Much of the wording is borrowed from FreeBSD's man page.)

(The other BSDs also have notes about the -n option not really being
portable, and printf[1] being preferable, we might want to add
something about that, too.)
2020-02-26 02:09:46 +00:00
pgoyette 5df404349f Typo: s/./,/ 2020-02-20 18:24:20 +00:00
kre c69ada4cb6 When expanding a here-doc (NXHERE - the type with an unquoted end delim)
the output will not be further processed (at all) so there is no need
to escape magic chars in the output, and doing so leaves stray CTLESC
chars in the here doc text.  Not good.   So don't do that...

To save a strlen() of the result, to determine the size of the here doc,
make rmescapes() return the length of the resulting string (this isn't
needed for other uses, so didn't happen previously).

Reported on current-users@ (2020-02-06) by Jun Ebihara

XXX pullup -9
2020-02-13 05:19:05 +00:00
kre 7aa4a7e25f Avoid a core dump if a child process that is not one of our
children happens to exit while we are waiting for another child
to exit.

This can happen with code like

	sh -c '
		sleep 5 &
		exec sh -c "sleep 10 & wait !$"
	      '

when the inner "sh" is waiting for the 10 second sleep to be
done, the 5 second sleep started earlier terminates.   It is
a child of our process, as the inner shell is the same process
as the outer one, but not a known child (the inner shell has no
idea what the outer one did before it started).

This was observed in the wild by Martijn Dekker (where the outer
shell was bash but that's irrelevant).

XXX pullup -9
2020-02-07 02:06:12 +00:00
fox 4de0c10694 bin/sh: Fixes -Werror=shadow causing build breaks.
Conflicting variable name, sigset_t sigs has been renamed to sigset_t mask

Reviewed by: kamil@
2020-02-07 01:25:08 +00:00
kre 8a62489758 Actually, the issue with bash (in previous) is more likely that the
SIGCHLD is blocked rather than ignored.   We want neither.   Make sure
SIGCHLD is unblocked as well as SIG_DFL.

XXX pullup -9
2020-02-06 20:08:28 +00:00
kre 0b0dde195c If we are invoked with SIGCHLD ignored, we fail badly, as we assume
that we can always wait(2) for our children, and an ignored SIGCHLD
prevents that.   Recent versions of bash can be convinced (due to a
bug most likely) to invoke us that way.   Always return SIGCHLD to
SIG_DFL during init - we already prevent scripts from fiddling it.

All ash derived shells apparently have this problem (observed by
Martijn Dekker, and notified on the bash-bug list).  Actual issue
diagnosed by Harald van Dijk (same list).
2020-02-06 19:51:59 +00:00
fox bbacb4192b bin/csh: Fix the -Wclobber warning.
Mark the variable as volatile as it can be clobbered when a vfork occurs.

Error was reported when build.sh was run with MKLIBCSANITIZER=yes flag.

Reviewed by: kamil@
2020-02-05 20:06:17 +00:00
kre 92dfd40c67 Oops, the previous didn't do what was promised. Rather that ignoring
just "--" for exec & "." it ignored any first arg starting '-'.
Do it properly.
2020-02-05 14:56:25 +00:00
kre ebc4cf1cc6 After bug report 262 (from 2010)
https://austingroupbugs.net/view.php?id=252
the Austin Group decided to require processing of "--" by the "."
and "exec" commands to solve a problem where some shells did
option processing for those commands (permitted) and others did
not (also permitted) which left no safe way to process a file
with a name beginning with "-".

This has finally made its way into what will be the next version of
the POSIX standard.

Since this shell did no option processing at all for those commands,
we need to update.   This is that update.

The sole effect is that a "--" 'option' (to "." or "exec") is ignored.
This means that if you want to use "--" as the arg to one of those
commands, it needs to be given twice ". -- --".   Apart from that there
should be no difference at all (though the "--" can now be used in other
situations, where we did not require it before, and still do not).
2020-02-04 16:06:59 +00:00
christos f550769e95 Add file completion. 2020-01-12 18:42:41 +00:00
christos 08c40aa982 remove unused 2020-01-12 18:36:55 +00:00
christos a02ac89d43 PR/54853: Greg Oster: unable to 'unset filec' or 'unset edit' in csh
While here allow set edit=vi
2020-01-12 03:50:30 +00:00
kre a6dacc2280 Use fork() rather than vfork() when forking to run a background
process with redirects.   If we use vfork() and a redirect hangs
(eg: opening a fifo) which the parent was intended to unhang,
then the parent never gets to continue to unhang the child.

eg:  mkfifo f; cat <f &; echo foo>f

The parent should not be waiting for a background process, even
just for its exec() to complete.   if there are no redirects there
is (should be) nothing left that might be done that will cause any
noticeable delay, so vfork() should be safe in all other cases.
2019-12-21 18:54:15 +00:00
kre 7af1d9b731 Correct a typo in a comment, 08x0 was meant to be 0x80 (duh!). NFC. 2019-12-10 09:18:37 +00:00
kre ff46268c6a PR bin/54743
If a builtin command or function is the final command intended to be
executed, and is interrupted by a caught signal, the trap handler for
that signal was not executed - the shell simply exited (an exit trap
handler would still have been run - if there was one the handler
for the signal may have been invoked during the execution of the
exit trap handler, which, if it happened, is incorrect sequencing).

Now, if we're exiting, and there are pending signals, run their handlers
just before running the EXIT trap handler, if any.

There are almost certainly plenty more issues with traps that need
solving.   Later,

XXX pullup -9

(-8 is too different in this area, and this problem suitably obscure,
that we won't bother)     (the -7 sh is simply obsolete).
2019-12-09 00:14:30 +00:00
kre 6fc2ffa023 PR bin/54743
Having traps set should not enforce a fork for the next command,
whatever that command happens to be, only for commands which would
normally fork if they weren't the last command expected to be
executed (ie: builtins and functions shouldn't be exexuted in a
sub-shell merely because a trap is set).

As it was (for example)
	trap 'whatever' SIGANY; wait $anypid
was guaranteed to fail the wait, as the subshell it was executed
in could not have any children.

XXX pullup -9
2019-12-09 00:14:24 +00:00
joerg 039ca0edea Avoid arithmetics on strings. 2019-10-29 16:19:59 +00:00
christos d08d589de9 remove masking and cast (requested by kre@) 2019-10-14 13:34:14 +00:00
christos 7a3a738c59 prevent sign extension from making expression always false. 2019-10-13 20:55:04 +00:00
mrg de11d87641 introduce some common variables for use in GCC warning disables:
GCC_NO_FORMAT_TRUNCATION    -Wno-format-truncation (GCC 7/8)
GCC_NO_STRINGOP_TRUNCATION  -Wno-stringop-truncation (GCC 8)
GCC_NO_STRINGOP_OVERFLOW    -Wno-stringop-overflow (GCC 8)
GCC_NO_CAST_FUNCTION_TYPE   -Wno-cast-function-type (GCC 8)

use these to turn off warnings for most GCC-8 complaints.  many
of these are false positives, most of the real bugs are already
commited, or are yet to come.


we plan to introduce versions of (some?) of these that use the
"-Wno-error=" form, which still displays the warnings but does
not make it an error, and all of the above will be re-considered
as either being "fix me" (warning still displayed) or "warning
is wrong."
2019-10-13 07:28:04 +00:00
kre e291c05efd Remove a (completely harmless) duplicate assignment introduced in a
code merge from FreeBSD in 2017.   NFC.

Pointed out by Roland Illig.
2019-10-08 03:53:57 +00:00
kre 7dca2b7edd Open code the validity test & copy of the character class name in
a bracket expression in a pattern (ie: [[:THISNAME:]]).   Previously
the code used strspn() to look for invalid chars in the name, and
then memcpy(), now we do the test and copy a character at a time.
This might, or might not, be faster, but it now correctly handles
\ quoted characters in the name (' and " quoting were already
dealt with, \ was too in an earlier version, but when the \ handling
changes were made, this piece of code broke).

Not exactly a vital bug fix (who writes [[:\alpha:]] or similar?)
but it should work correctly regardless of how obscure the usage is.

Problem noted by Harald van Dijk

XXX pullup -9
2019-10-08 03:52:44 +00:00
mrg 924b11844c copy libc's swab.c into dd as dd_swab(), and remove the restrict.
our implementation was fine, but the restrict marker is problematic
as gcc 8 is now more strict about checking for restrict issues.

this is the only actual consumer of swab(3) in our tree, though,
besides the test for it.  oh well.
2019-10-04 08:57:37 +00:00
mrg 21303c93e9 convert HAVE_GCC == 7 to HAVE_GCC >= 7. 2019-09-29 23:44:58 +00:00
mlelstv 6883e45b87 Fix FALLTHROUGH comments. 2019-09-26 11:01:09 +00:00
christos 7790b32131 PR/54564: Jan Schaumann: cp of a fifo yields an empty file
Don't short-circuit 0 sized stat entries if they don't belong to regular files.
Also don't try to mmap non-regular files.
2019-09-23 18:01:09 +00:00
christos 104d898ec7 we don't need root anymore. 2019-09-23 15:24:44 +00:00
christos 02cdd248ec Add a new member to struct vfsstat and grow the unused members
The new member is caled f_mntfromlabel and it is the dkw_wname
of the corresponding wedge. This is now used by df -W to display
the mountpoint name as NAME=
2019-09-22 22:59:37 +00:00
wiz d83135eb3e file system police. Fix typo. Fix macro use. 2019-09-20 13:43:47 +00:00
christos dc03ac3f22 It is not just root, it is device read access (kre) 2019-09-18 23:43:23 +00:00
christos 47f3b76374 mention that -W needs root. 2019-09-18 20:17:46 +00:00
christos d06f528c83 Print the wedge name with -W instead of mntfrom 2019-09-18 20:14:44 +00:00
kamil 597efdbfe5 Drop -D_INCOMPLETE_XOPEN_C063 from dd(1) 2019-09-15 23:58:31 +00:00
kamil 5626006fd5 ps(1): Guard freeing the memory of pinfo with __NO_LEAKS.
No more leaks are detected by LSan/NetBSD as of the LLVM snapshot
(clang10svn) from 2019-09-15.
2019-09-15 15:27:50 +00:00
kamil fd0c6ecff6 Plug memory leak in ps(1)
pinfo is allocated in setpinfo() with calloc(3).

Free it when no longer used, just before the program termination.

Detected with LSan.
2019-09-11 17:02:53 +00:00
christos 0282eceed1 Don't fail when the line discipline ioctl fails (since it secondary
like the other tty ioctls that we only warn about). Do the main
ioctl (tcgetattr) first, since that provides a better error message
(ENOTTY instead of EINVAL).
2019-09-06 16:28:53 +00:00
uwe 9028c79eae Install manual pages for tar and cpio only if ${MKBSDTAR} == "no"
PR bin/54468
2019-08-15 21:05:16 +00:00
kamil 37157e31f8 Restore maxrss, idrss, isrss, ixrss printing in ps(1)
The RSS related statistics are now back in the NetBSD kernel.

These values were disabled since day0 until today.

libkvm(3) users will still receive inappropriate values as RSS statistics
are updated upon sysctl(3) call.

Patch submitted by <Krzysztof Lasocki>
2019-08-06 18:07:51 +00:00
kamil 41a1344d4e Add a fallback definition of LSDEAD in ps(1)
The symbol is no longer available in headers.

Requested by <mrg>
2019-06-19 21:25:50 +00:00
kamil 561652851d Make LSDEAD usage conditional
LSDEAD is not used since NetBSD-5.0 and will be gone.

The same conditional usage is already in ps.c in the same program.
2019-06-18 02:23:29 +00:00
kre c531b5689e When a return occurs in the test part of a loop statement (while/until)
(inside a function or dot script) the exit status of that return
statement should become the exit status of the function (or dot
script) - we were ignoring it,

That is
	fn() { while return 7; do return 9; done; return 11; }
should exit with status 7.   It was exiting 0.

This is apparently another old ash bug that has been fixed
everywhere else in the past.

Issue pointed out by Martijn Dekker, (fairly obvious) fix borrowed
from FreeBSD, due for return sometime next century.
2019-05-04 02:52:55 +00:00
kre b7fc669e75 Fix an (apparent) ancient ash bug, that was apparently fixed sometime
in the past, but managed to re-surface...

The expression "${0+\}}" should expand to "}" not "\}"
Almost all other shells handle it that way (incl FreeBSD & dash).

Issue pointed out by Martijn Dekker.

Add ATF sub-tests for the 4 old var expand operators (${var+word}
${var-word} ${var-word} and ${var?word} - including the forms
with the ':' included) and amongst those tests include test cases
for this issue, so if the bug tries to appear again, we can squash
it quicker.   (The newer pattern matching operators are already
well tested as part of testing patterns.)
2019-05-04 02:52:22 +00:00
kre e904ec4095 Better interactive SIGINT handling (when a trap is set), and other
cleanups to the trap code.   No longer silently ignore attempts to
do anything other than set SIGKILL or SIGSTOP to the default ('-")
state.   Don't include those in trap or trap -p output (the former
because they cannot be other than in default state, so simply aren't
included, the latter because it is pointless) but do list them
when requested with trap -p SIG.

Interactive mode SIGINT traps are now run ASAP, rather than after
a command has been entered (so the sequence ^C \n is no longer needed
to generate one).   Further, when trapped, in interactive mode,
while waiting for a user command, a SIGINT acts (aside from the
trap being run) just like when not trapped, aborts the command being
entered (rather than leaving it, which it did when libedit was in use)
prints a new prompt, and starts again (which is what should happen.)

Traps other than SIGINT (which has always been handled special in
interactive mode) are unaffected by this change, as are SIGINT traps
in non-interactive shells.    Or that is the intent anyway.

Fix an in_dotrap ref count bug (was never being decremented... that
was inserted in a place never executed) (relatively harmless) and
add/improve some trap/signal related DEBUG mode tracing.
2019-04-25 03:54:10 +00:00
cheusov f8f9f44113 Fix compilation failure with gcc-8.
Equal pointers to 'struct sigaction' should not be passed to sigaction(2).
  So, we pass NULL as an "old sigaction" structure.
2019-04-24 17:27:08 +00:00
kre bb952598c8 Bump date for previous. 2019-04-22 04:10:33 +00:00
kre 15fbfbbfd4 PR standards/40554
Update the description of the <& and >& redirection operators
(as indicated would happen in a message appended to the PR a week ago,
which received no opposition - no feedback).

Some rewriting of the section on redirects (including how the word
expansion of the "file" works) to make this simpler & more accurate.
2019-04-22 04:04:35 +00:00
uwe 2dbf991860 -compact must come last 2019-04-15 20:35:25 +00:00
kre 265b061776 PR bin/54112
Fix handling of "$@" (that is, double quoted dollar at), when it
appears in a string which will be subject to field splitting.

Eg:
	${0+"$@" }

More common usages, like the simple "$@" or ${0+"$@"} end up
being entirely quoted, so no field splitting happens, and the
problem was avoided.

See the PR for more details.

This ends up making a bunch of old hack code (and some that was
relatively new) vanish - for now it is just #if 0'd or commented out.
Cleanups of that stuff will happen later.

That some of the worst $@ hacks are now gone does not mean that processing
of "$@" does not retain a very special place in every hackers heart.
RIP extreme ugliness - long live the merely ordinary ugly.

Added a new bin/sh ATF test case to verify that all this remains fixed.
2019-04-10 08:13:11 +00:00
kre da46072561 Fix a logic botch that prevented "wait -n" (with no pid args) from
finding a job that had previously terminated.

Now in that case JOBWANTED is set on all jobs (since any will do)
which then simplifies a later test which no longer needs to special
case "wait -n".   Further, we always look to see if any wanted
job has already terminated, even if there are still running jobs
we can wait upon - if anything is already ready, that's where we start
harvesting (and finish, if -n is specified).
2019-03-26 13:32:26 +00:00
mlelstv a7b9d4bbeb When buffers are at least page sized, explicitely request page alignment. 2019-03-23 09:33:16 +00:00
gutteridge ee05db8218 pax: fix typos in comments in file_subs.c & tar.c
Stamp out "greengrocers' apostrophes" in various places (arguably there
are still more present, but style guides vary on that, and my energies
spent corralling wayward punctuation marks could be spent elsewhere).
2019-03-20 03:13:39 +00:00
gutteridge 01205dd53a pax: minor adjustments to comments in pat_rep.c
Amend several comments to match present reality (the functionality was
added back in 2007).
2019-03-20 02:50:50 +00:00
wiz c9960b6dc5 Whitespace nits. 2019-03-19 10:14:46 +00:00
gutteridge b96bf3b04c pax.1 & tar.1: add a minor clarification about "-s"
As a somewhat pedantic clarification, "-s" does not accept backslashes
as delimiters. (While here, also make the macro use of an expression
shared between pax.1 and tar.1 consistent.)
2019-03-19 00:36:14 +00:00
gutteridge 76144f4ebd pax.1: document the "s" flag of the "s" option
Note the "s" option has an "s" flag that "prevents substitutions from
being performed on symbolic link destinations". Carry over r. 1.25 from
christos@ and part of r. 1.26 from wiz@ from tar.1, since this
functionality is available in pax as well as tar.
2019-03-19 00:12:08 +00:00
kre b0172d2346 Deal with overflow when the sleep duration given is a simple
integer (previously it was just clamped at the max possible value).
This would have caused
	sleep 10000000000000000000
(or anything bigger) to have only actually slept for 9223372036854775807
secs.   Someone would have noticed that happen, one day, in some other
universe.

This is now an error, as it was previously if this had been entered as
	sleep 1e19

Also detect an attempt to sleep for so long that a time_t will no longer
be able to represent the current time when the sleep is done.

Undo the attempts to work around a broken kernel nanosleep()
implementation (by only ever issuing shortish sleep requests,
and looping).   That code was broken (idiot botch of mine) though
you would have had to wait a month to observe it happen.  I was going
to just fix it, but sanity prevailed, and the kernel got fixed instead.

That allows this to be much simplified, only looping as needed to
handle dealing with SIGINFO.   Switch to using clock_nanosleep()
to implement the delay, as while our nanosleep() uses CLOCK_MONOTONIC
the standards say it should use CLOCK_REALTIME, and if that we
ever changed that, the old way would alter "sleep 5" from
"sleep for 5 seconds" to "sleep until now + 5 secs", which is
subtly different.

Always use %g format to print the original sleep duration in reports of how
much time remains - this works best for both long and short durations.
A couple of other minor (frill) mods to the SIGINFO report message as well.
2019-03-10 15:18:45 +00:00
kre 8d9b075152 The previous commit was obviously made by a broken mindless automoton
with an IQ that underflows when one attempts to enter it as an
unnormalised 160 bit long long double...

Whoever would believe that (~0 & anything) was a meaningful thing
to write?   And three times in one #define.   That could not possibly
have been me, could it?

Simplify, simplify, simplify.		NFC.
2019-03-01 06:15:01 +00:00
kre f2dc75406d Inspired by (really the need for) Maya's patch to pkgsrc/shells/bash
to allow bash to build fdflags on Solaris 10, here are some mods that
fix that, and some other similar issues in the NetBSD version of fdflags.

The bash implementation of fdflags is based upon the one Christos did for
the NetBSD sh, so the issues are similar ... the NetBSD sh cannot yet
(easily anyway) build on anything except NetBSD, so this change makes
no current difference at all (just adds some compile time tests (#ifdef)
which always work out the way things did before, when built on NetBSD).

However, there is no system on which any modern shell can hope to work
which does not support close on exec, or fcntl(F_SETFD,...) to set it.
The O_CLOEXEC and FD_CLOEXEC definitions might not exist, but close on
exec can still be manipulated.   Since the primary rationale for
the fdflags builtin was to be able to manipulate that state bit from
scripts, it would be annoying to lose that one, and keep all the (less
important) others, just because O_CLOEXEC is not defined, so do the
fix (workaround) a different way than was done in the bash patch.

Further, more than fdflags() will fail if O_CLOEXEC is not defined,
so handle that as well.

Also fix another oddity ... (noticed by reading the code) - if
fcntl(F_GETFL,...) returned any bits set that we don't understand,
the code was supposed to simply print their values as a hex constant,
when fdflags is run with -v.    However, the getflags() function was
clearing all bits that the code did not know about ... so there is
no way any unknown bit could ever make it out to be printed.  Handle
that a different way - instead of clearing unknown bits, clear any
bits that get returned which we understand, but do not want to deal
with (stuff like O_WRONLY, which should not be returned from the
fcntl(), but who knows...)   Leave any unknown bits that happen to be
set, set, so that printone() can display them if appropriate.
(This is most likely to happen when running an older shell on a new
kernel where the kernel supports some new flag that the shell has
not been taught to understand).

NFCI that anyone should notice anytime soon.
2019-03-01 05:23:35 +00:00
kre 256d645df3 Finish the fixes from Feb 4 for handling of random data that
matches the internal CTL* chars.

The earlier fixes handled CTL* char values in var expansions,
but not in various other places they can occur (positional
parameters, $@ $* -- even potentially $0 and ~ expansions,
as well as byte strings generated from a \u in a $'' string).

These should all be correctly handled now.   There is a new
ISCTL() macro to make the test, rather than using the old
BASESYNTAX[c]==CCTL form (which us still a viable alternative)
as the new way allows compiler optimisations, and less mem
references, so it should be smaller and faster.

Also, be sure in all cases to remove any CTLESC (or other)
CTL* chars from all strings before they are made available
for any external use (there was one case missed - which didn't
matter when we weren't bothering to escape the CTL* chars at
all.)

XXX pullup-8 (will need to be via a patch) along with the Feb 4 fixes.
2019-02-27 04:10:56 +00:00
kre 2ec3f71485 DEBUG mode only change. When pretty-printing a word from a parse
tree, don't display a CTLESC which is there only to protect a CTL*
char (a data char that happens to have the same value).  No actual
CTL* chars are printed as data, so no escaping is needed to protect
data which just happens to look the same.  Dropping this avoids the
possibility of confusion/ambiguity in what the word actually contains.

NFC for any normal shell build (very little of this file gets compiled there)
2019-02-14 13:27:59 +00:00
kre 727a664bee Add the "specialvar" built-in command. Discussed (well, mentioned
anway) on tech-userlevel with no adverse response.

This allows the magic of vars like HOSTNAME SECONDS, ToD (etc) to be
restored should it be lost - perhaps by having a var of the same name
imported from the environment (which needs to remove the magic in case
a set of scripts are using the env to pass data, and the var name chosen
happens to be one of our magic ones).

No change to SMALL shells (or smaller) - none of the magic vars (except
LINENO, which is exempt from all of this) exist in those, hence such a
shell has no need for this command either.
2019-02-14 11:15:24 +00:00
kre ec83c7c484 Delete a no-longer-used #define that referred to a struct field that
no longer exists.   Also correct a couple of typos in comments.    NFC.
2019-02-13 21:40:50 +00:00
kre 72c6780ab3 Remove a function prototype which was added to <histedit.h> in 2005.
I think we can trust it to be stable by now, and doin't need the dup.
2019-02-10 19:21:52 +00:00
kre 4d2988311a Add a check that the file descriptor mentioned in a N> or N< type
redirect operator is within range of what the code tree node can
hold.   Currently this is a no-op change (the new error can never
occur) as the code already checks that N is in range for an int
(and errors if not) and the field in the node in which we store N
is also an int, so we cannot overflow - but fd's do not really need
to be that big (the max a typical kernel supports is < 10000) so
this just adds validation in case it ever happens that we decide we
can save some node size (ie: sh memory) by making that field smaller.

Note this is parse time error detection, and has no bearing upon
the execution time error that will occur if a script attempts to use
an fd that exceeds the process's max fd limit.

NFCI (for now anyway.)
2019-02-09 09:50:31 +00:00
kre 83735e242c DTRT when dynamically generated variables return "unset" instead of
a value.   There are none which do that at the minute, so this is a NFCI
change, which is just making the code correct even though nothing
currently triggers any bugs.
2019-02-09 09:38:11 +00:00
kre 733a465e66 DEBUG mode change only. Add one extra trace point. NFC for normal builds. 2019-02-09 09:34:43 +00:00
kre 750dbf249a When an interactive shell exits due to an EOF on stdin, send a newline
to stderr (to follow the previous prompt) and cleanup more nicely.
2019-02-09 09:33:20 +00:00
kre ccf5ffdbe9 In the unlikely event that restarting a job fails (the fg bg and various
%x commands) generate the most useful error message (from errno value)
rather than whichever happened last.

In posix mode, cause the "jobs" command to delete records of completed
jobs it reports on (as posix requires) as is done in interactive shells.
We don't (won't) do this in !posix mode, as the ability to throw in a
"jobs" command in a script to debug what is happening is too useful to
lose -- and any script that is relying on "jobs" instead of "wait" to
cleanup background processes (from the sh jobs table, sh always collects
zombies from the kernel) is absurd and not worth considering (besides
which I've never seen one).
2019-02-09 09:31:33 +00:00
kre b4a242b5e2 KNF - white space changes, indent using tabs not spaces. NFC. 2019-02-09 09:20:47 +00:00
kre 39879a1c65 DEBUG mode build changes - add extra trace output.
NFC for any normal shell build.
2019-02-09 09:17:59 +00:00
kre f42ddab0ac Delete extern decl for trap[] - hasn't been needed for a while now. 2019-02-09 09:15:22 +00:00
kre 3dbd860142 Allocate alias pointers for qsort() to use on the stack, rather than
directly via malloc() so they get cleaned up correctly on error/intr.

NFCI.
2019-02-09 09:11:07 +00:00
kre e8999de45c INTON / INTOFF audit and cleanup.
No visible differences expected - there is a remote chance that
some internal lossage may no longer occur in interactive shells
that receive SIGINT (untrapped) at inopportune times, but you would
have had to have been very unlucky to have ever suffered from that.
2019-02-09 03:35:55 +00:00
wiz 169c18b89d Remove leading zero from date. 2019-02-04 12:18:36 +00:00
kre 4084f829ec PR bin/53919
Suppress shell error messages while expanding $ENV (which also causes
errors while expanding $PS1 $PS2 and $PS4 to be suppressed as well).

This allows any random garbage that happens to be in ENV to not
cause noise when the shell starts (which is effectively all it did).

On a parse error (for any of those vars) we also use "" as the result,
which will be a null prompt, and avoid attempting to open any file for ENV.

This does not in any way change what happens for a correctly parsed command
substitution (either when it is executed when permitted for one of the
prompts, or when it is not (which is always for ENV)) and commands run
from those can still produce error output (but shell errors remain suppressed).
2019-02-04 11:16:41 +00:00
kre 513431119a Add a couple of comments. NFC. 2019-02-04 09:56:48 +00:00
kre 58e34de6bb Fix an old bug (very old) that was made worse in 1.128 (the "${1+$@}"
fixes) where a variable containing a CTL char (the only possibility used
to be CTLESC (0x81)) would lose that character if the variable was expanded
when "set -f" (noglob) was in effect.

1.128 made this worse by adding more 0x8z values (a couple more) which would
see the same behaviour, and one of those was noticed by Martijn Dekker.

The reasoning was that when noglob is on, when a var is expanded, there are
no magic chars, so (apparently) no need to escape anything.  Hence nothing
was escaped .. including any CTL chars that happened to be present.  When
we later rmescapes() the CTL chars that we expect might occur are summarily
removed - even if they weren't really CTL chars, but just data masquerading.

We must *always* escape any CTL char clones that are in the var value,
no matter what other conditions apply, and what we expect to happen next.

While here, fix rmescapes() (and its $(()) clone, rmescapes_nl()) to
be more robust, less likely to forget to delete anything (which was
not the issue here, just the reverse) and in a DEBUG shell, have the
shell abort() if it encounters something in rmescapes() it is not
anticipating, so the code can be made to handle it, or if it should
not happen, we can find out why it did.

XXX pullup -8 (but will need to be via patch, code is quite different).
2019-02-04 09:56:26 +00:00
mrg f0885992ce - bump buffer sizes to avoid potential truncation issues 2019-02-04 04:36:41 +00:00
mrg 1fcf7be45f - use -Wno-error=implicit-fallthrough with GCC7. 2019-02-04 04:05:15 +00:00
mrg 684b182f81 compare pointers with NULL not '\0'. 2019-02-01 08:29:03 +00:00
wiz 539951b361 Fix typos; use American spelling consistently. Remove an unnecessary macro. 2019-01-30 10:28:50 +00:00
mrg d9150b46de adjust the open flags available for dd to match actual reality
of what matters.  remove "search" for now, since O_SEARCH has
no backend.  document them all.
2019-01-30 01:40:02 +00:00
wiz d7fa63f1ef Sort sections. 2019-01-27 17:42:53 +00:00
christos 4b72dcea07 cast to intmax_t instead of long, since time_t is "long long" 2019-01-27 02:00:45 +00:00
martin 4d553ef408 Explicitly cast time_t to match format string - should fix the build on
some 32bit architectures.
2019-01-26 18:14:22 +00:00
kre a7fe3a0309 While cute, the previous version is not really safe.
After all, a system might want to sleep for several
thousand years on a spaceship headed to a distant
solar system...

So, remove the pause() code, deal with limits on the
range (it is just an int) that can be passed to sleep()
by looping, and do a much better job of checking for
out of range input values.

With this change sleep(1) should work for durations
up to something more than 250 billion years.  It
fails (at startup, with an error) if the requested
duration is beyond what can be handled.

Here no changes at all related to locales and arg
parsing.    Still for another day.
2019-01-26 15:20:50 +00:00
kre 6f62877535 Adjust the way the arg string is parsed in the "not entirely
integer" case, so we avoid adjusting the locale of sleep,
and generally be more reliable and simpler.

In addition, deal with weirdness in nanosleep() when the
interval gets long, by avoiding using it.  In this version
when the sleep interval < 10000 seconds, we use nanosleep()
as before, for delays longer than that we use sleep() instead,
and ignore any fractional seconds.

We avoid overflow problems here by not bothering to sleep
at all for delays longer than 135 years (approx) and simply
pause() instead.   That sleep never terminates in such a
case is unlikely to ever be observed.

This commit makes no decision on the question of whether
the arg should be interpreted in the locale of the user,
or always in the C locale.   That is for another day.
2019-01-26 15:19:08 +00:00
kre 4e25d54034 lexical analysis fixes. This fixes the tests just committed in
src/tests/bin/sh/t_here.sh

The "magicq" magic was all wrong - it cannot be simply a parameter
to readtoken1() as its value needs to alter during that routine
(eg: when magicq is set - processing here doc text, or whatever)
and we encountered ${var%pattern} "magicq" needs to be off for
"pattern" - and it wasn't.

To handle this magicq needs to be included in the token stack struct,
and simply init'd from the arg to readtoken1 (which we rename).
Then it can be manipulated as required.

Once we no longer have that problem, some other issues can be cleaned
up as well (some of this unbelievably fragile code was attempting to
cope with this in various ad-hoc - and mostly broken - ways).

Also, remove the magicq parameter from parsebackq() - it was not
used (at all) and should never be, a command substitution, wherever
it appears, always starts a new parsing context.  How that applies
to old style command substitutions is less clear, but until we see
some real examples where we're not doing the right thing (slightly
less likely now than before ... nothing has changed here in the
way command substitutions are parsed, but quoting in general is
slightly better) I don't plan on worrying about it.

There are a couple of other minor cleanups, which make no actual
difference (like adding () around the use of the parameter in the
RETURN macro ... which is generally better, but makes no difference
here as the param is always a simple constant.

All the current ATF tests pass.
2019-01-22 14:32:17 +00:00
kre a672c6e148 NFCI - DEBUG mode only change.
Add tracing of lexical analyser operations.   This is deliberately
kept out of the normal "all on" set as it makes a *lot* of noise
when enabled (especially in verbose mode) - but when needed, it
helps (evidence for which is coming soon).

As usual, no doc, you need the sources (and of course, a specially
built sh to even be able to enable it.)
2019-01-22 13:48:28 +00:00
kre f2dc4639fa DEBUG mode shell cleanups (NFC for any normal shell).
Add an error DEBUG trace in exraise() (when the shell has detected
some error or signal, and is aborting what it is doing)

Fix an arith error in DEBUG bit assignments (harmless as we haven't
reached the limit of flags yet), and add some missing (recently added)
debug flags so they are turned on when the user (ie: me) asks for
"everything".
2019-01-21 14:29:12 +00:00
kre 9cef82b269 Fix an amazing crazy botch (of mine) when expanding prompt strings
(PS1 etc) which, if the shell were already exiting, and a prompt
were to be expanded (which only really happens if -x is enabled,
and an exit trap is set, so the commands in the trap need PS4
expanded and written, last thing, before the shell exits) the shell
would instead simply exit when it finished expanding PS4 (before
even writing it, or the xtrace output).

There were more conditions required to set up the environment for
this to actually occur (it seems to only happen when the exit trap
is set in a function, called in a command substitution) but that's
unimportant, the code was nonsense.

Problem noticed by Martijn Dekker.

XXX pullup -8
2019-01-21 14:24:44 +00:00
kre 6b3f958390 When we are about to execute something, and the traps are invalid
(which means this is the very first execution in a new subshell)
clear the traps completely, unless the command is "trap".   We were
allowing any special builtin, which was probably harmless, but not
intended.

Also (though not required) permit "command trap" and "eval trap"
and combinations thereof, because they might be useful, and there is
no particular reason why not.   This is all a part of making t=$(trap)
work as POSIX requires, but almost nothing beyond that.  The "trap"
command must be alone (modulo eval and command) in the subshell for
the exception to apply, no t=$(trap; echo) or anything like that.

Martijn Dekker asked for "command trap" to work (no idea why though,
it converts "trap" from being a special builtin, to a normal one,
which means an error won't cause the shell to exit ... if there's
an error, the "trap" command won't do anything useful, and as we
permit no more commands (for this special treatment) the shell is
going to exit anyway, this difference is not really significant.
2019-01-21 14:18:59 +00:00
kre f499a5853f Add an explanation of the error (warning)
RANDOM initialisation failed
when the shell might print after RANDOM has been reseeded
(which includes at sh startup) the next time RANDOM is accessed.
It indicates that /dev/urandom was not available or did not
provide data - in that case, sh uses a (weak) seed made out of
the pid and time (but otherwise nothing else changes).
2019-01-21 14:09:24 +00:00
kre dd761e12dc Fix an off by one buffer length problem. Fortunately, it was off by
one in the "safe" way (it was ensuring the buffer always ended in 2 \0
characters ... one is enough.)   This could affect the expansions of
LINENO RANDOM and SECONDS, though only if they have at least 8 digits
(and then, only sometimes).   RANDOM thus is safe, as it never produces
a number with more than 5 digits, you'd need a script with 10000000
lines before there might be an issue with LINENO (and even autoconf
generated scripts don't generally get that bit) and a shell would need
to be running for almost 4 months for SECONDS to climb that high.

Nevertheless: XXX pullup -8.
2019-01-21 13:27:29 +00:00
kre 66ac24c3bf When we exit from running off the end of the input file (which
includes typing ^D) make sure LINENO is set to indicate the last
(actually one past last) line in the input file, rather than
whatever it was set to by the last command that was actually
executed (which could be some line in a function defined in
some other file).

No effect on exit via an explicit exit command - that would already
set the line number correctly.
2019-01-19 14:20:22 +00:00
kre f04239a697 Allow the decimal radix character '.' to work, regardless of
what the current locale's radix character happens to be,
while still allowing locale specific entry of fractional
seconds (ie: if you're in locale where the radix character
is ',' you san use "sleep 2.5" or "sleep 2,5" and they
accomplish the same thing).

This avoids issues with the "sleep 0.05" in rc.subr which
generated usage messages when a locale that does not use
'.' as its radix character was in use.

Reported on netbsd-users by Dima Veselov, with the problem
diagnosed by Martin Husemann

While here, tighten the arg validity checking (3+4 is
no longer permitted as a synonym of 3) and allow 0.0
to mean the same thing as 0 rather than being an error.

Also, make the SIGINFO reports a little nicer (IMO).

The ATF tests for sleep all pass (not that that means a lot).
2019-01-19 13:27:12 +00:00
kre cf75e20323 Add some error checking, and stop assuming what the input
will necessarily contain.   Allow defined nodes to use any
intN_t or unintN_t (as well as plain old int) data types
in fields (along with the others that are permitted).

Note: this script is a part of the build procedure for /bin/sh,
the modified version generates the exact same output files
(for the unaltered input specifications) as the previous one
did, hence no visible change is expected (or even possible).

While there is a tiny chance that some host shell will fail
to be able to run this script while building, the script still
uses nothing even slightly exotic, and is much more conservative
than other scripts used during the build process, so there should
be no issues there either.
2019-01-19 13:08:50 +00:00
kre e8ed7c888d Finish (hopefully) the second half of 1.47 ... make sure
that when traps are marked as invalid, we never use them
for anything except output from the trap command.

Fixes issues where sub-shells of shells which use traps
(eg: to trap SIGPIPE) can end up looping forever if the
signal occurs in a sub-shell (where the trap is supposed
to be reset to its default).   Reported, and mostly
analyzed by Martijn Dekker.
2019-01-18 06:28:09 +00:00
kre 1a9b5ae61d Redo 1.65 in a simpler way. This is the bit rot avoidance code
that is #if 0'd and (still) has never been compiled (most likely
never will be.)

While here, in the same uncompiled code, deal with line number
counting.   Whether this is correct depends upon how this code
is used, and as it never is (and never has been since line numbers
first started being counted), this is somewhat speculative, but
it seems likely to be the correct way to handle things.

NFC (this code is still all #if 0).
2019-01-16 07:14:17 +00:00
kre 20c0839ae2 Don't use quoteflag when deciding if the word after an alias
should be looked up as a potential following alias - if the first
expands to a string that ends with a space (any space, quoted or
not) then the next word is to be treated as an alias candidate.
(POSIX was to specify only unquoted spaces, but is now going to
leave that unspecified, and the "any space" version turns out to
be more useful.

And besides, the quoteflag test didn't work properly, and would
have been very messy to fix ... if in a word (as if we have a
quoted space) it means that the word has been quoted, which meant
that quoted spaces were correctly detected, but it outside a word,
it just means that the previous word was quoted, so it would sometimes
reject alias lookup on the next word in cases where it is unquestioned
it should be done.
2019-01-15 14:23:56 +00:00
kre be7c7b5cbb pgetc_linecont() needs to use pgetc() rather than pgetc_macro()
so the fake char returned by the latter when an alias ends (which
is there so we can correctly avoid alias recursion) is correctly
ignored where it is not wanted.
2019-01-15 14:17:49 +00:00
kre 39225745fe Correct an (old) typo in a comment. NFC - it is just a comment. 2019-01-09 11:09:16 +00:00
kre ed405f1d4e Fix the code taken from FreeBSD 2 revisions back, which fixed
aliases, to actually do what it was supposed to do, and not just
come close by accident.   (How broken this was, while still seeming
to work perfectly most of the time was truly amazing!)

This corrects the behaviour of an alias defined with a blank char
as the last of its value, to correctly do an alias lookup on the
word that follows the alias.
2019-01-09 11:08:09 +00:00
kre 6046dde455 Update some dead (#if 0'd) code that is never called to
cope with the changes made in the previous revision, in an
attempt to avoid bit rot.

Untested (uncompiled) - though it should work.

NFC: this change doesn't get compiled, let alone used.
2019-01-09 11:04:54 +00:00
kre a559cfeaae A similar fix to that added in 1.169 of eval.c, but here for when
processing command substitutions.   If there is an error while processing,
the any pending queued input should be discarded.   From FreeBSD.
2019-01-09 10:59:20 +00:00
kre a582e232a9 When an error occurs in a builtin from which we do not exit
(a normal builtin, though those are not genrally an issue for
this problem, or a special builtin that has been prefixed by "command")
make sure that we discard any pending input that might have been
queued up, but not yet processed.

We had the mechanism to fix this from when expansion of PS1 etc
was added (which has a similar problem to deal with) - all taken
from FreeBSD - but did not bother to use it here until now...

This fixes an error detected by newly added ATF tests of the eval
builtin, where
	eval 'syntax error
		another command'
would go ahead and evaluate "another command" which should not
happen (note: only when there was a \n between the two).
2019-01-09 10:57:43 +00:00
christos ab87f51e55 PR/53837: Michael Scholz: src/bin/csh/func.c from current has a superfluous
fprintf
2019-01-06 01:22:50 +00:00
christos afec7330e3 put back x in xrealloc 2019-01-05 16:56:25 +00:00
christos 1767ce60a2 Welcome to the 21th century csh: retire "ptr_t" now that we have "void *" 2019-01-05 16:54:00 +00:00
maya bd073e6366 Remove Free, s/xfree/free/.
Standard C says that free should be a no-op for a NULL pointer, so
we don't need an extra function to do this.

While here, add an XXX about a wrong sounding comment
2019-01-05 10:51:06 +00:00
maya e814216d15 Unifdef compatibility for broken realloc.
No binary change
2019-01-04 19:13:58 +00:00
gutteridge 6326f9f26c Clarify a sentence about the error handling of cp(1)'s -p option.
Addresses PR bin/40336.
2018-12-23 01:29:23 +00:00
kre af2cfdd7cf Reverse a decision made when the printsignals() routines from
kill and sh were merged so that the shell (for trap -l) and
kill (for kill -l) can use the same routine, and site that function
in the shell, rather than in kill (use the code that is in kill as
the basis for that routine).   This allows access to sh internals,
and in particular to the posix option, so the builtin kill can
operate in posix mode where the standard requires just a single
character (space of newline) between successive signal names (and
we prefer nicely aligned columns instead)..

In a SMALL shell, use the ancient sh printsignals routine instead,
it is smaller (and very much dumber).

/bin/kill still uses the routine that is in its source, and is
not posix compliant.   A task for some other day...
2018-12-12 20:22:43 +00:00
kre 0e129c91e0 More fixes for the SYNPOSIS of the readonly built-in.
The SYNOPSIS for "readonly -q" cannot have the -q be
optional ...   Also harmonise the output appearance with
that of the export command.

wiz: have at it...
2018-12-12 12:56:17 +00:00
kre 80657b2503 Fix Oo Op Oc syntax error (which seemed to work OK to me....)
Pointed out by wiz@
2018-12-12 12:30:59 +00:00
kre 95f39b9c19 The time has come, the Walrus said... (but no shoes,
ships, or sealing wax required).   No oysters either.

I have not taken the Magical Mystery Tour, but I
say it anyway...
2018-12-12 12:16:42 +00:00
kre 150d8297c3 Implement:
readonly -q VAR...
	readonly -p VAR...
	export -q [-x] VAR...
	export -p [-x] VAR...

all available only in !SMALL shells - and while here, limit
"export -x" to full sized shells as well.

Also, do a better job of arg checking and validating of the
export and readonly commands (which is really just one built-in)
and of issuing error messages when something bogus is detected.

Since these commands are special builtin commands, any error
causes shell exit (for non-interactive shells).
2018-12-12 11:51:33 +00:00
kre 64c9a713d8 Fix a botch made in 1.70 (a bit over a week ago) where
var=foo; readonly var=new
now fails.

If var was already set, an attempt to make it readonly, and assign it
a new value at the same time, failed - the readonly flag was set too soon.

Pointed out by Martijn Dekker (thanks).

Also, while here, add a couple of comments.
2018-12-12 07:56:57 +00:00
kre e3847ee4a9 PR standards/42829
Implement parameter and arithmetic expansion of $ENV
before using it as the name of a file from which to
read startup commands for the shell.   This continues
to happen for all interactive shells, and non-interactive
shells for which the posix option is not set (-o posix).

On any actual error, or if an attempt is made to use
command substitution, then the value of ENV is used
unchanged as the file name.

The expansion complies with POSIX XCU 2.5.3, though that
only requires parameter expansion - arithmetic expansion
is an extension (but for us, it is much easier to do, than
not to do, and it allows some weird stuff, if you're so
inclined....)   Note that there is no ~ expansion (use $HOME).
2018-12-11 13:31:20 +00:00
christos eb31074ab5 comment out unused. 2018-12-09 17:33:38 +00:00
kre 78cb4ed28f evert previous, linux build problem confirmed fixed by
update to mkinit.sh (to 1.10).

Or more correctly, revert & fix - turns out that there was an off by one
(failure to adjust for other changes -- in a value printed by debug mode
trace output).

NFC.
2018-12-05 22:25:38 +00:00
kre 02e7608416 Use printf, rather than echo (via echo redefined as a function that
uses printf for simplicity).

This script runs using the build host's shell, and echo, and so must
deal with all of the absurdity that different versions of echo dumb
upon us.

This is the underlying cause of the linux build failure that gson@ reported.
2018-12-05 09:20:18 +00:00
kre 24e0ca1d07 NFC (except that it should, I am guessing, fix compilation on
some versions of liux) - DEBUG mode change:  Delete a (relatively new)
trace point (temporarily anyway) which mkinit (a script run using the
host's /bin/sh) apparently cannot handle correctly on (some release of)
linux (it is fine with the NetBSD shell).

I don't know which linux version has a shell with this problem
(or whether it is a mkinit issue that only works by fluke on NetBSD)

Problem reported by gson@
2018-12-05 03:14:28 +00:00
kre 370f00cafc Alter a design botch when magic (self modifying) variables
were added to sh ... in other shells, setting such a variable
(for most of them) causes it to lose its special properties,
and act the same as any other variable.   I had assumed that
was just implementor laziness...   I was wrong.

From now on the NetBSD shell will act like the others, and if vars
like HOSTNAME (and SECONDS, etc) are used as variables in a script
or whatever, they will act just like normal variables (and unless
this happens when they have been made local, or as a variable-assignment
as a prefix to a command, the special properties they would have had
otherwise are lost for the remainder of the life of the (sub-)shell
in which the variables were set).

Importing a value from the environment counts as setting the
value for this purpose (so if HOSTNAME is set in the environment,
the value there will be the value $HOSTNAME expands to).

The two exceptions to this are LINENO and RANDOM.   RANDOM
needs to be able to be set to (re-)set its seed.  LINENO needs to
be able to be set (at least in the "local" command) to achieve
the desired functionality.   It is unlikely that any (sane) script
is going to want to use those two as normal vars however.

While here, fix a minor bug in popping local vars (fn return) that need
to notify the shell of changes in value (like PATH).

Change sh(1) to reflect this alteration.  Also add doc of the
(forgotten) magic var EUSER (which has been there since the others
were added), and add a few more vars (which are documented
in other places in sh(1) - like ENV) into the defined or used
variable list (as well as wherever else they appear).

XXX pullup -8
2018-12-04 14:03:30 +00:00
martin 75d47b0d94 Make pendingsigs forward declaration match the definition. 2018-12-03 10:53:29 +00:00
kre 13fc5c1bcd Cleanup traps a bit - attempt to handle weird uses in traps, such
as traps that issue break/continue/return to cause the loop/function
executing when the trap occurred to break/continue/return, and
generating the correct exit code from the shell including when a
signal is caught, but the trap handler for it exits.

All that from FreeBSD.

Also make
	T=$(trap)
work as it is supposed to (also trap -p).

For now this is handled by the same technique as $(jobs) - rather
than clearing the traps in subshells, just mark them invalid, and
then whenever they're invalid, clear them before executing anything
other than the special blessed "trap" command.   Eventually we will
handle these using non-subshell command substitution instead (not
creating a subshell environ when the commands in a command-sub alter
nothing in the environment).
2018-12-03 06:43:19 +00:00
kre 522d163154 Fix "export -x" (and its consequences) to behave as originally
intended (and as documented) rather than how it has been behaving
(which was not very rational.)   Since it is unlikely that anyone
is using this, the change should be mostly invisible.

While here, a couple of other minor cleanups:
	. One call of geteuid() is enough in choose_ps1()
	. Fix a typo in a comment
	. Improve appearance (whitspace changes) in find_var()
2018-12-03 06:42:25 +00:00
kre c9f333ad14 Yet another foray into the mysterious world of $@ -- this time
to fix the (unusual) idiom "${1+$@}"  (the quotes are part of it).
This seems to have broken about 5 or 6 years ago (somewhere
between -6 and -7), I believe.

Note this is not the same as "$@" and also not the same as ${1+"$@"}
(much more common idioms) which both worked.

Also attempt to deal with "" more correctly, especially when it
appears adjacent to "$@" (or one of the similar constructs.)

This stuff is still all as ugly and hackish (and fragile) as is
possible to imagine, but in an effort to allow some of the weirdness
to eventually go away, the parser output has been made more
regular and all quoted (parts of) words always now start with
CTLQUOTEMARK and end with CTLQUOTEEND regardless of where the
quotes appear.

This allows us to tell the difference between """$@" and "$@"
which was impossible before - yet they are required to generate
different output when there are no args (when "$@" simply vanishes).

Needless to say that change had ramifications all over the place.
To simplify any similar change in the future, there are some new
macros that can generally be used to detect the "noise" data when
processing words, rather than open coding that every time (which
meant that there would *always* be one which missed getting
updated...)

Several other bugs (of my making, and older ones) are also fixed.

The aim is that (aside from anything that is detecting the cases
that were broken before - which were all unlikely uses of sh
syntax) these changes should have no external visible impact.

Sure...
2018-12-03 06:41:30 +00:00
kre 021ba5091c Revamp aliases - as dumb an idea as they are, if we're going
to have them, they should work as documented, not cause core
dumps, reference after free, incorrect replacements, failing
to implement alias after alias, ...

The big comment that ended:
	  This is a good idea ------- ***NOT***
and the hack it was describing are gone.

Note that most of this was from original CVS version 1.1
code (ie: came from the original import, even before 4.4-Lite
was merged.   That is, May 1994.  And no-one in 24.5 years
noticed (or at least complained about)  all the bugs (or at
least, most of them)).

With these changes, aliases ought to work (if you can call it
that) as they are expected to by POSIX.   Now if only we could
get POSIX to delete them (or make them optional)...

Changes partly inspired by similar changes made by FreeBSD,
(as was the previous change to alias.c, forgot ack in commit
log for that one, apologies) but done a little differently,
and perhaps with a slightly better outcome.
2018-12-03 06:40:26 +00:00
kre 7f63ac72c5 When forking a child shell, arrange for errors/exit to always unwind
to the main handler, rather than wherever the parent shell would go.

nb: not needed for vfork(), after vfork() we never go that path - which
is good or we'd be corrupting the parent's handler.

This allows the child to always exit (when it should) rather than being
caught up doing something else (and while it would eventually exit, the
status would be incorrect in some cases).

One test is:
	sh -c 'trap "(! :) && echo BUG || echo nobug" EXIT'
from Martijn Dekker

Fix from FreeBSD (missed earlier).

XXX - 2b part of the 48875 pullup to -8
2018-12-03 02:38:30 +00:00
kre 154c1ed72b Fix the worst of the bugs in alias processing. This has been in sh
since this code was first imported (May 1994) (ie: before 4.4-Lite)

There is (much) more coming soon (the big ugly comment is going away).

This one has been separated out, as it can easily cause sh
core dumps, so needs:

XXX pullup-8

(the other changes to aliases probably will not get that.)
2018-12-02 10:27:58 +00:00
kre 17e8cd6768 Rename the internal function "makename" to "makeword" to better reflect
what it actually does (makearg would have been an alternative).
While here, notice the one remaining place where it should have been
used, but was left open coded, and consume that one.

NFCI.
2018-12-01 07:02:23 +00:00
kre ae1a47886f NFC. Need a grain of const 2018-12-01 01:21:06 +00:00
kre c074191fdd NFC. KNF. return (x) -> return x 2018-12-01 01:20:05 +00:00
kre d02195817d It is not only the EXIT trap we need to check for when deciding no
fork is required, but any trap   (dumb mistake...)

XXX - include in 48875 pullup to -8
2018-11-30 23:22:45 +00:00
christos a4c163faee Add base-256 decoding support (Micha Gorny) 2018-11-30 00:53:11 +00:00
kamil e405eb35a7 Fix typo: O_ALTIO -> O_ALT_IO
Noted by @jbeich via GitHub.
2018-11-26 20:03:39 +00:00
kre d7fa5d2fb9 Make it be that an empty command is treated as a regular builtin
for the purposes of any redirects it might have -- ie: as posix
requires, make the redirects appear to have been executed in a subshell
environment, so if one fails, aside from a diagnositc msg, all the
running script sees is a command that failed ($? != 0), rather
that having the shell exit which used to happen (the empty command was
being treated as a special builtin).

Continue to treat the empty command as special for the purposes of
var assigns it might contain (those are not executed in a sub-shell
and persist) - an error there (eg: assigning to a readonly var) will
continue to cause the shell (non-interactive shell) to exit.

This makes the NetBSD shell behave like all other (reasonably modern)
shells - fix method (not the implementation, details differ) taken from
FreeBSD who fixed this back in early 2010.    Problem pointed out
in (non-list) mail by Martijn Dekker.
2018-11-26 13:47:39 +00:00
kre 00655d6c45 Fix the <> redirection operator, which has been broken since it was
first implemented in response to PR bin/4966  (PR Feb 1998, fix Feb 1999).

The file named should not be truncated.

No other shell truncates the file (<> was added to FreeBSD sh in Oct 2000,
and did not include O_TRUNC) and POSIX certainly does not suggest that
should happen (just that the file is to be created if it does not exist.)

Bug pointed out in off-list e-mail by Martijn Dekker
2018-11-23 23:41:20 +00:00
kre c43d5e9f9c Handle eval $'continue\ncommand' (and similar) in a loop correctly ...
"command" should not be executed.  (The issue affects multi-line
eval strings only - ie: commands after the next \n are not skipped).

Bug noted by Martijn Dekker in off-list e-mail.

Fix from FreeBSD:
src/bin/sh/eval.c: Revision 272983 Sun Oct 12 13:12:06 2014 UTC by jilles
2018-11-23 23:37:22 +00:00
kre 30bfb81c65 Avoid long option names that differ only in character case.
Change Xtrace (the name) to xlock instead.  Aside from the different
name, there is no change to functionality.
2018-11-23 20:40:06 +00:00
kre df073671e8 Rationalise (slightly) the way that expansions are processed
to hide meta-characters in the result when the expansion was
in (double) quotes, and so should not be further processed.

Most of this has been OK for a long while, but \ needs hiding
as well, which complicates things, as \ cannot simply be hidden
in the syntax tables as one of the group of random special characters.

This was fixed earlier for simple variable expansions, but
every variety has its own code path ($var uses different code
than $n which is different than $(...), which is different
again from ~ expansions, and also from what $'...' produces).

This could be fixed by moving them all to a common code path,
but that's harder than it seems.  The form in which the data
is made available differs, so one common routine would need
a whole bunch of different "get the next char or indicate end"
methods - probably via passing in an accessor function.
That's all a lot of churn, and would probably slow the shell.

Instead, just make macros for doing the standard tests, and
use those instead of open coding (differently) each time.
This way some of the code paths don't end up forgetting to
handle '\' (which is different than all the others).

This removes one optimisation ... when no escaping is needed
(like just $var (unquoted) where magic chars (think '*') in
the value are intended to remain magic), the code avoided doing
two tests for each char ("do we need escapes" and "is this char
one that needs escaping") by choosing two different syntax
tables (choice made outside the loop) - one of which never
returns the magic "needs escaping" result, and the other does
when appropriate, and then just avoiding the "do we need escapes"
test for each character processed.   Then when '\' was fixed,
there needed to be another test for it, as it cannot (for other
reasons) be the same as all the others for which "this char
need escaping" is true.   So that added a 2nd test for each char...
Not all the code paths were updated.   Hence the bugs...

nb: this is all rarely seen in the wild, so it is no big
surprised that no-one ever noticed.

Now the "use two different syntax tables" is gone (the two
returned the same for '\' which is why '\' needed special
processing) - and in order to avoid two tests for each
char (plus the \ test) we duplicate the loops, one of which
tests each char to see if it needs an escape, the 2nd just
copies them.   This should be faster in the "no escapes"
code path (though that is not the point) and perhaps also
in the "escapes needed" path (no indirect reference to
the syntax table - though that would probably be in a
register) but makes the code slightly bigger.  For /bin/sh
the text segment (on amd64) has grown by 48 bytes.  But
it still uses the same number of 512 byte pages (and hence
also any bigger page size).  The resulting file size
(/bin/sh) is identical before and after.  So is /rescue/sh
(or /rescue/anything-else).
2018-11-18 17:23:37 +00:00
kre 7ba0d30a60 PR bin/53712
Avoid crash from redirect on null compound command.
2018-11-09 02:11:04 +00:00
kre 375f4ceb14 Allow shells forked to run command substitutions while expanding
prompts to exit when they're done, rather than forcing them to
turn into interactive shells and start reading input ...

Completes a part of the previous changes (just 10+ weeks late...)

Should fix the prompt expansion issue reported by Caóc on
current-users.
2018-11-08 18:37:42 +00:00
kre 33a05de6b0 Switch from using two printsignals() functions, one in trap.c
and one in (the included from bin/kill) kill.c and use just
the one in kill.c (which is amended slightly so it can work
the way that trap.c needs it to work).    This one is chosen as
it was a much nicer implementation, and because while kill is
always built into the shell, kill also exists without the shell.

Leave the old implementation #if 0'd in trap.c (but updated to
match the calling convention of the one in kill.c) - for now.

Delete references of sys_signame[] from sh/trap.c and along with
that several uses of NSIG (unfortunately, there are still more)
and replace them with the newer libc functional interfaces.
2018-10-28 18:26:52 +00:00
kre 185226c2be Use strsignal() rather than direct reference to sys_siglist[]
(apart from being cleaner, it also simplifies the code, as
strsignal() never fails ... it also removes one reference to NSIG).
2018-10-28 18:16:01 +00:00
kre 7800af09a4 Change the (commented out) setting of -DDEBUG to the form that
is most likely to be useful if someone other than me wants to
build a DEBUG shell.   NFC (it is a comment in a Makefile!)
2018-10-28 18:13:47 +00:00
kre a7fa4685d3 Delete the old style (no longer used) DEBUG mode TRACE compat macro
definitions (just to avoid any temptation to ever use them again).

Update a comment which would make no sense without following the
preceding comment which is being deleted with the macros it describes.

While here, remove another comment that referred to events that have
long past as if they were still to come.   Also a grammatical comment
correction - paragraphs start with capital letters...

NFC (even with DEBUG defined).
2018-10-18 05:28:45 +00:00
kre bc7bc5b29e Remove a DEBUG mode transition mechanism (for the transition from
the ancient DEBUG TRACE() method, to the newer CTRACE() et. al.)
that turns out never really needed committing - the mechanism, and
the code that obsoleted it, were committed together (May 2017).
[It was useful to me while getting to that state...]

NFC.   Not even with DEBUG shells.
2018-10-18 04:44:27 +00:00
kre e5830c7775 Dynamically detect the way the shell matches \ in a pattern,
and use whatever works for the sh running this script.  Previously
we were using the (broken, and incorrect) method that worked in
old broken NetBSD sh's (and some others) and not the method that
works with the current (fixed) /bin/sh and other correct shells
(like bash).   (For an exotic reason, in the particular use case,
both methods work with ksh93, but it is also generally correct).

This hasn't really mattered, as the difference is only significant
(only causes actual issues - the build fails) when compiling with DEBUG
enabled, which is something that most sane humans would never do, if they
want to retain that sanity.

The problem was detected by Patrick Welche when looking for an
unrelated problem, which was once considered to be a possible sh
problem, but turned out to be something entirely different.

XXX pullup -8
2018-10-18 04:24:43 +00:00
kre 0db5b60ce4 When (about to) send the -x output for the end of a compound command
(which has redirects, and so is included in -x output) use the -x/+x
setting that existed when the comoound started, so if the state of
xtrace changes during the command we don't end up with just half of
the -x output (either the intro, or the conclusion, depending on
which way the change happened).   [this also happens to avoid a core
dump in the previous code, but that could have been done other ways,
this way actually simplifies things (less code)]
2018-10-09 02:43:41 +00:00
rillig 32c623ff75 When listing aliases, sort them alphabetically. 2018-10-07 23:17:52 +00:00
maxv a51b00c421 Don't display l_wchan, either there is something in l_wmesg and we display
it, or there's nothing and we print "-".
2018-09-19 15:20:39 +00:00
kre cf19d2f1a5 Begone unspecified test-a ... and be more obious what it was doing. 2018-09-16 22:31:30 +00:00
rillig a8fe3451b9 Fix "every" typo in quote from The Mythical Man-Month 2018-09-14 05:59:10 +00:00
kre feb6abd7ba A change in rev 1.91 interacted badly with the way that showjobs()
worked, preventing $(jobs) (and more usefully $(jobs -p) from
working.   Fix that.

XXX pullup -8
2018-09-13 22:12:35 +00:00
kre df8e475ae0 Allow SMALL (and TINY) builds of test (for SMALL/TINY builds of sh)
which support only the defined modes of operation of test, to allow
the version of sh on small install media be kept as small as possible.
2018-09-13 22:00:58 +00:00
kre ec9262987a PR standards/34646
Make test(1) always use the POSIX "number of args" evaluation rules
when they apply.

Only fall back to the old expression evaluation when there are more
than 4 args, or when the args given cannot work as a test expression
using the POSIX rules.  That is when the result is unspecified.

Also fix old bug where a string of whitespace is considered to be a
valid number (at least one digit is needed amongst it somewhere...)

XXX pullup -8
2018-09-12 23:33:31 +00:00
kre 3bdbd8da34 Whitespace cleanup from last update. NFC. 2018-09-11 03:30:40 +00:00
kre f53fd6e91f Change the way the pipefail option works. Now it is the setting of
the option when a pipeline is created that controls the way the exit
status of the pipeline is calculated.  Previously it was the state of
the option when the exit status of the pipeline was collected.

This makes no difference at all for foreground pipelines (there is
no way to change the option between starting and completing the
pipeline) but it does for asynchronous (background) pipelines.

This was always the right way to implement it - it was originally
done the other way as I could not find any other shell implemented
this way - they all seemed to do it our previous way, and I could
not see a good reason to be the sole different shell.

However, now I know that ksh93 works as we will now work, and I
am told that if the option is added to the FreeBSD shell (apparently
the code exists, uncommitted) it will be the same.
2018-09-04 23:16:30 +00:00
kre ee301070ed PR bin/38004
Save more characters of command in non-interactive jobs, in case of
core dumps and similar (16 effective chars was a few too little).

Arrange for number to increase if command buffer size increases.
2018-09-04 01:09:28 +00:00
wiz aa29c993fa Bump date for previous. 2018-09-01 07:26:56 +00:00
mlelstv c2909ab6c6 Make tape cache ioctls available to userland command. 2018-09-01 06:56:23 +00:00
sevan 3b26941a44 -G cannot be specified alongside -i or -P.
Heads up by <leot>
2018-08-26 23:34:52 +00:00
sevan 60a4b4b431 Update usage to include -w
Match sequence as per SYNOPSIS in manual
2018-08-26 23:01:06 +00:00
sevan 1f921aefc9 Add -l to SYNOPSIS 2018-08-26 22:52:34 +00:00
sevan 6fc63b1f88 Match SYNOPSIS with usage() 2018-08-26 22:25:37 +00:00
kre b92473bc91 PR bin/48875
Add a paragraph (briefer than previously posted to mailing lists)
to explain that there is no guarantee that the results of a command
substitution will be available before all commands started by the
cmdsub have completed.

Include the original proposed text (much longer) as *roff comments, so
it will at least be available to those who browse the man page sources.

While here, clean up the existing text about command substitutions to
make it a little more accurate (and to advise against using the `` form).
2018-08-25 17:35:31 +00:00
kre ce53a30d9a PR bin/53548
Deal with the new shell internal exit reason EXEXIT in the case of
a shell which has vfork()'d.   It takes a peculiar set of circumstances
to get into a situation where this is ever relevant, but it can be
done.   See the PR for details.
2018-08-25 02:42:49 +00:00
kre 70696c0161 Fix (hopefully) the problem reported on current-users by Patrick Welche.
we had incorrect usage of setstackmark()/popstackmark()

There was an ancient idiom (imported from CSRG in 1993) where code
can do:
	setstackmark(&smark); loop until whatever condition {
		/* do lots of code */ popstackmark(&smark);
	} popstackmark(&smark);

The 1st (inner) popstackmark() resets the stack, conserving memory,
The 2nd one is needed just in case the "whatever condition" was never
true, and the first one was never executed.

This is (was) safe as all popstackmark() did was reset the stack.
That could be done over and over again with no harm.

That is, until 2000 when a fix from FreeBSD for another problem was
imported.  That connected all the stack marks as a list (so they can be
located).  That caused the problem, as the idiom was not changed, now
there is this list of marks, and popstackmark() was removing an entry.

It rarely (never?) caused any problems as the idiom was rarely used
(the shell used to do loops like above, mostly, without the inner
popstackmark()).  Further, the stack mark list is only ever used when
a memory block is realloc'd.

That is, until last weekend - with the recent set of changes.

Part of that copied code from FreeBSD introduced the idiom above
into more functions - functions used much more, and with a greater
possibility of stack marks being set on blocks that are realloc'd
and so cause the problem.   In the FreeBSD code, they changed the idiom,
and always do a setstackmark() immediately after the inner popstackmark().
But not for reasons related to a list of stack marks, as in the
intervening period, FreeBSD deleted that, but for another reason.

We do not have their issue, and I did not believe that their
updated idiom was needed (I did some analysis of exactly this issue -
just missed the important part!), and just continued using the old one.
Hence Patrick's core dump....

The solution used here is to split popstackmark() into 2 halves,
popstackmark() continues to do what it has (recently) done,
but is now implemented as a call of (a new func) rststackmark()
which does all the original work of popstackmark - but not removing
the entry from the stack mark list (which remains in popstackmark()).
Then in the idiom above, the inner popstackmark() turns into a call of
rststackmark() so the stack is reset, but the stack mark list is
unchanged.  Tail recursion elimination makes this essentially free.
2018-08-22 20:08:54 +00:00
kre 8a9a96192a PR bin/48875 (is related, and ameliorated, but not exactly "fixed")
Import a whole set of tree evaluation enhancements from FreeBSD.

With these, before forking, the shell predicts (often) when all it will
have to do after forking (in the parent) is wait for the child and then
exit with the status from the child, and in such a case simply does not
fork, but rather allows the child to take over the parent's role.

This turns out to handle the particular test case from PR bin/48875 in
such a way that it works as hoped, rather than as it did (the delay there
was caused by an extra copy of the shell hanging around waiting for the
background child to complete ... and keeping the command substitution
stdout open, so the "real" parent had to wait in case more output appeared).

As part of doing this, redirection processing for compound commands gets
moved out of evalsubshell() and into a new evalredir(), which allows us
to properly handle errors occurring while performing those redirects,
and not mishandle (as in simply forget) fd's which had been moved out
of the way temporarily.

evaltree() has its degree of recursion reduced by making it loop to
handle the subsequent operation: that is instead of (for any binop
like ';' '&&' (etc)) where it used to
	evaltree(node->left);
	evaltree(node->right);
	return;
it now does (kind of)
	next = node;
	while ((node = next) != NULL) {
		next = NULL;

		if (node is a binary op) {
			evaltree(node->left);
			if appropriate /* if && test for success, etc */
				next = node->right;
			continue;
		}
		/* similar for loops, etc */
	}
which can be a good saving, as while the left side (now) tends to be
(usually) a simple (or simpleish) command, the right side can be many
commands (in a command sequence like a; b; c; d; ...  the node at the
top of the tree will now have "a" as its left node, and the tree for
b; c; d; ... as its right node - until now everything was evaluated
recursively so it made no difference, and the tree was constructed
the other way).

if/while/... statements are done similarly, recurse to evaluate the
condition, then if the (or one of the) body parts is to be evaluated,
set next to that, and loop (previously it recursed).

There is more to do in this area (particularly in the way that case
statements are processed - we can avoid recursion there as well) but
that can wait for another day.

While doing all of this we keep much better track of when the shell is
just going to exit once the current tree is evaluated (with a new
predicate at_eof() to tell us that we have, for sure, reached the end
of the input stream, that is, this shell will, for certain, not be reading
more command input) and use that info to avoid unneeded forks.   For that
we also need another new predicate (have_traps()) to determine of there
are any caught traps which might occur - if there are, we need to remain
to (potentially) handle them, so these optimisations will not occur (to
make the issue in PR 48875 appear again, run the same code, but with a
trap set to execute some code when a signal (or EXIT) occurs - note that
the trap must be set in the appropriate level of sub-shell to have this
effect, any caught traps are cleared in a subshell whenever one is created).

There is still work to be done to handle traps properly, whatever
weirdness they do (some of which is related to some of this.)

These changes do not need man page updates, but 48875 does - an update
to sh.1 will be forthcoming once it is decided what it should say...

Once again, all the heavy lifting for this set of changes comes directly
(with thanks) from the FreeBSD shell.

XXX pullup-8 (but not very soon)
2018-08-19 23:50:27 +00:00
kre 120267c338 PR bin/48875
Revert the changes that were made 19 May 2016 (principally eval.c 1.125)
and the bug fixes in subsequent days (eval.c 1.126 and 1.127) and also
update some newer code that was added more recently which acted in
accordance with those changes (make that code be as it would have been
if the changes now being reverted had never been made).

While the changes made did solve the problem, in a sense, they were
never correct (see the PR for some discussion) and it had always been
intended that they be reverted.   However, in practical sh code, no
issues were reported - until just recently - so nothing was done,
until now...

After this commit, the validate_fn_redirects test case of the sh ATF
test t_redir will fail.   In particular, the subtest of that test
case which is described in the source (of the test) as:
	This one is the real test for PR bin/48875
will fail.

Alternative changes, not to "fix" the problem in the PR, but to
often avoid it will be coming very soon - after which that ATF
test will succeed again.

XXX pullup-8
2018-08-19 11:16:13 +00:00
kre 3a41fe18d0 NFC: DEBUG mode only change. When tracing, show >&- as ">&-"
rather than ">&-1" (the same op as >&n where internally n < 0
means "close")
2018-08-19 10:47:45 +00:00
kre 5f8ba934de In the older debug code (not using the new macros added in the
previous rev) the two values (node name, and node number) were
arbitrarily printed in different formats and orders (depending
upon my mood at the time I guess...)   The new macros will standardise
that usage (in the debug output) once some use of them actually begins.

When the macros were added, I arbitrarily copied the format of one
use I was looking at at that instant (the one which inspired the change),
but after gazing at DEBUG mode output over the intervening time, I
have concluded that I did not pick the easiest to read/follow format.

So, even before they are used, change the style...    Also, conform
to standard PRIxxxx macro style by omitting the leading '%'.

NFC (since they aren't used at all, anywhere, yet, not even the
possibility of anything changing!)
2018-08-18 03:09:37 +00:00
kre ac2f5f225c NFC - a build structure code layout change only.
This generates nodenames.h which is a file that used to begin
	#ifdef DEBUG
(line 1) and end with
	#endif
(last line) with no intervening (matching) #else ... ie: for DEBUG use only.

That led to situations where non-debug code would like to make use
of the info provided, if DEBUG was enabled, needed to add #ifdef DEBUG
at the point of use.

Avoid that by providing new macros that are always defined (DEBUG or not,
so now we have a #else) which allow code to be written to make use of
the extra DEBUG info, if it is available, or not, if not.

While here, add double-include protection on the generated .h file
(just being cautious - nothing is ever going to cause it to get
included anywhere twice - or it shouldn't) and add the traditional
comments on the #else and #endif stuff (which is also really useless
as no-one is really expected to ever read the generated file).  Never mind.

Nothing yet (elsewhere in the sh source) uses the new macros, so there's
even less chance of this changing anything than there would otherwise be.
2018-08-16 15:02:05 +00:00
kre 16ccf0eeff PR bin/42184 PR bin/52687 (detailing the same bug).
Fix "command not found" handling so that the error message
goes to stderr (after any redirections are applied).

More importantly, in

	foo > /tmp/junk

/tmp/junk should be created, before any attempt is made
to execute (the assumed non-existing) "foo".

All this was always true for any command (not found command)
containing a / in its name

	foo/bar >/tmp/junk  2>>/tmp/errs

would have created /tmp/junk, then complained (in /tmp/errs)
about foo/bar not being found.   Now that happens for ordinary
commands as well.

The fix (which I found when I saw differences between our
code and FreeBSD's, where, for the benefit of PR 42184,
this has been fixed, sometime in the past 9 years) is
frighteningly simple.   Simply do not short circuit execution
(or print any error) when the initial lookup fails to
find the command - it will fail anyway when we actually
try running it.   The cost is a (seemingly unnecessary,
except that it really is) fork in this case.

This is what I had been planning, but I expected it would
be much more difficult than it turned out....

XXX pullup-8
2018-08-14 13:36:42 +00:00
kre ab6821e070 NFC: DEBUG (compile time) mode only change:
Add some extra redirection (fd manipulation) tracing.
While here, some white space fixes, and very minor KNF.
2018-08-13 22:13:02 +00:00
kre e2f17f9a72 Fix several bugs in the command / type builtin ( including PR bin/48499 )
1. Make command -pv (and -pV) work (which is not as easy as the PR
   suggests it might be (the "check and cause error" was there because
   it did not work, not in order to prevent it from working).

2. Stop -v and -V being both used (that makes no sense).

3. Stop the "type" builtin inheriting the args (-pvV) that "command" has
   (which it did, as when -v -or -V is used with command, it and type are
    implemented using the same code).

4. make "command -v word" DTRT for sh keywords (was treating them as an error).

5. Require at least one arg for "command -[vV]" or "type" else usage & error.
   Strictly this should also apply to "command" and "command -p" (no -v)
   but that's handled elsewhere, so perhaps some other time.   Perhaps
   "command -v" (and -V) should be limited to 1 command name (where "type"
   can have many) as in the POSIX definitions, but I don't think that matters.

6. With "command -V alias", (or "type alias" which is the same thing),
   (but not "command -v alias") alter the output format, so we get
	ll is an alias for: ls -al
   instead of the old
	ll is an alias for
	ls -al
   (and note there was a space, for some reason, after "for")

   That is, unless the alias value contains any \n characters, in which
   case (something approximating) the old multi-line format is retained.
   Also note: that if code wants to parse/use the value of an alias, it
   should be using the output of "alias name", not command or type.

Note that none of the above affects "command [-p] cmd" (no -v or -V options)
only "command -[vV]" and "type".

Note also that the changes to eval.[ch] are merely to make syspath()
visible in exec.c rather than static in eval.c
2018-07-25 14:42:50 +00:00
kre 14482abc9a Part 2 of pattern matching (glob etc) fixes.
Attempt to correctly deal with \ (both when it is a literal,
in appropriate cases, and when it appears as CTLESC when it was
detected as a quoting character during parsing).

In a pattern, in sh, no quoted character can ever be anything other
than a literal character.   This is quite different than regular
expressions, and even different than other uses of glob matching,
where shell quoting is not an issue.

In something like

	ls ?\*.c

the ? is a meta-character, the * is a literal (it was quoted).  This
is nothing new, sh has handled that properly for ever.

But the same happens with
	VAR='?\*.c'
and
	ls $VAR

which has not always been handled correctly.   Of course, in

	ls "$VAR"

nothing in VAR is a meta-character (the entire expansion is quoted)
so even the '\' must match literally (or more accurately, no matching
happens - VAR simply contains an "unusual" filename).  But if it had
been

	ls *"$VAR"

then we would be looking for filenames that end with the literal 5
characters that make up $VAR.

The same kinds of things are requires of matching patterns in case
statements, and sub-strings with the % and # operators in variable
expansions.

While here, the final remnant of the ancient !! pattern matching
hack has been removed (the code that actually implemented it was
long gone, but one small piece remained, not doing any real harm,
but potentially wasting time - if someone gave a pattern which would
once have invoked that hack.)
2018-07-22 23:07:48 +00:00
kre d211c89f40 NFC: Whitespace cleanups 2018-07-22 21:16:58 +00:00
kre ee4a694a18 PR bin/36532 (perhaps)
This is more or less the same patch as provided in the PR
(just 11 years later, so changed a bit) by woods@...

Since there is no known way to actually cause the reported crash,
we may never know if this change actually fixes anything.   But
even if it doesn't it certainly cannot hurt.

There is a potential race which could possibly explain the issue
(see commentary in the PR) which is not easy to avoid - if that is
the actual cause, this should provide a defence, if not really a fix.
2018-07-22 20:43:58 +00:00
kre 144cb20913 Revert previous, change has nothing to do with DEBUG mode.
COming again (correctly) in a few seconds.
2018-07-22 20:42:50 +00:00
kre bcacfd9a45 DEBUG mode only change (ie: no effect to any normal shell).
Add tracing of pattern matching (aid in debugging various issues.)
2018-07-22 20:38:06 +00:00
kre e442a1a054 Minor cleanups to growstackblock(). This should really change
nothing that matters, but might be slightly more robust/complete.
2018-07-22 20:37:57 +00:00
kre 57731ef9bb NFC: better protect the INTON (etc) macros ( do { } while(0) )
This is just a kind of precaution, none of the uses actually
require the extra protection.
2018-07-22 20:37:52 +00:00
kre c83568a7dc First pass at fixing some of the more arcane pattern matching
possibilities that we do not currently handle all that well.

This mostly means (for now) making sure that quoted pattern
magic characters (as well as quoted sh syntax magic chars)
are properly marked, so they remain known as being quoted,
and do not turn into pattern magic.   Also, make sure that an
unquoted \ in a pattern always quotes whatever comes next
(which, unlike in regular expressions, includes inside []
matches),
2018-07-20 22:47:26 +00:00
darcy 22057652ff Re-order the code to short circuit all the opens and closes if linking.
Discussed on tech-userlevel and agreed to by christos@.
Testing suggests an order of magnitude improvement when linking.
2018-07-17 13:04:58 +00:00
kre c6c29888c4 Remove atoi()
Mostly use number() (no longer implemented using atoi()) when an
unsigned integer is required, but use strtoXXX() when a conversion
is wanted, without the possibility or error (like setting OPTIND
and RANDOM).   Always init OPTIND to 1 when sh starts (overriding
anything in environ.)
2018-07-13 22:43:44 +00:00
kamil 2597218cc4 Add a missing check to handle correctly 0 * 0 in expr(1) 2018-06-27 17:23:36 +00:00
kamil 2b5da4d00d Improve the * operator handling in expr(1)
Fixes overflow detection in expressions INT * -UINT.

Detected with libFuzzer & UBSan.
2018-06-27 17:12:49 +00:00
kre b81009ce62 When processing character classes ([:xxx:] inside []), treat a class name
that is longer than we can handle the same way we treat an unknown
class name (as a valid char class which contains nothing, so never
matches).   Previously a "too long" class name invalidated the
class, so [:very-long-name:] would match any of  '[' ':' 'v'  ...
(note: "very-long-name" is not long enough to trigger this, but you
get the idea!)

However, the name itself has a restricted syntax ([[:***:]] is not a
character class, it is a match for one of a '[' ':' or '*', followed by
a ']') which we did not implement - check the syntax of the name before
treating it as a character class (but we do add '_' to alphanumerics
as legal class name characters).
2018-06-22 18:19:41 +00:00
kre 829cc62a58 When matching a char class ([[:name:]]) in a pattern (for filename
expansion, case patterrns, etc) do not force '[' to be a member of
every class.

Before this fix, try:
	case [ in [[:alpha:]]) echo Huh\?;; esac

XXX pullup-8    (Perhaps -7 as well, though that shell version has
much more relevant bugs than this one.)  This bug is not in -6 as
that has no charclass support.
2018-06-22 17:22:34 +00:00
kre c7c0722af5 Deal with ref after free found by ASAN when a function redefines
itself, or some other function which is still active.
This was a long known bug (fixed ages ago in the FreeBSD sh) which
hadn't been fixed as in practice, the situation that causes the
problem simply doesn't arise .. ASAN found it in the sh dotcmd
tests which do have this odd "feature" in the way they are written
(but where it never caused a problem, as the tests are so simple
that no mem is ever allocated between when the old version of the
function was deleted, and when it finished executing, so its code
all remained intact, despite having been freed.)

The fix is taken from the FreeBSD sh.

XXX -- pullup-8 (after a while to ensure no other problems arise).
2018-06-22 11:04:55 +00:00
christos 8adf28c539 Prevent shell execution also in the 'r ! dobad' case, pointed out by
Martijn van Duren, thanks!

XXX: pullup-8
2018-06-18 14:56:24 +00:00
kre 765ad10c6a NFC: correct typo in a comment. 2018-06-17 17:19:06 +00:00
christos 3ae7054da4 remove notreached 2018-06-14 02:46:56 +00:00
christos 721572cdb2 return to caller instead of exit(2) 2018-06-14 02:44:16 +00:00
kamil 2537a420e6 Detect properly overflow in expr(1) for 0 + INT 2018-06-13 17:35:15 +00:00
christos 448c6863b6 PR/53362: Thomas Barabosch: Use strlcpy() to prevent theoretical buffer
overflow.
2018-06-13 15:14:40 +00:00
kamil 7806b47917 Rework perform_arith_op() in expr(1) to omit Undefined Behavior
The current implementation of operations - + * / % could cause Undefined
Behavior and in narrow cases (INT64_MIN / -1 and INT64_MIN % -1) SIGFPE
and crash duping core.

Detected with MKSANITIZER enabled for the Undefined Behavior variation:
# eval expr '4611686018427387904 + 4611686018427387904'
/public/src.git/bin/expr/expr.y:315:12: runtime error: signed integer overflow: 4611686018427387904 + 4611686018427387904 cannot be represented in type 'long'

All bin/t_expr ATF tests pass now in a sanitized userland.

Sponsored by <The NetBSD Foundation>
2018-06-12 18:12:18 +00:00
kamil d6d5f49c60 Change typ of tilde_ok from int to unsigned int in ksh(1)
UBSan can detect that during switching a login to root there is unportable
left shift operation:

$ su -
Password:
/public/src.git/bin/ksh/eval.c:598:13: runtime error: left shift of 1073741824 by 1 places cannot be represented in type 'int'
#

Sponsored by <The NetBSD Foundation>
2018-06-12 14:13:55 +00:00
christos 2357fc5dd5 use SUBDIR.roff suggested by uwe@ 2018-06-10 17:55:11 +00:00
kamil b9cf72ac86 ksh: Remove symbol clash with libc
Rename local function glob() to ksh_glob().
This is needed for installing interceptors in sanitizers.

Sponsored by <The NetBSD Foundation>
2018-06-03 16:09:31 +00:00
kamil 3eb9a6b77e ksh: Remove symbol clash with libc
Rename local function twalk() to ksh_twak().
This is needed for installing interceptors in sanitizers.

Sponsored by <The NetBSD Foundation>
2018-06-03 12:18:29 +00:00
kamil 0f2b5450fb Stop using the register keyword in ksh(1)
ksh also does some strange things with it, like put it in argument lists.

No functional change intended.

PR bin/53237 ksh: remove register keyword by Nia Alarie
2018-05-08 16:37:59 +00:00
wiz b105f2c163 Remove Pps without effect. 2018-05-03 05:11:43 +00:00
kre 5cf0b51195 Simplify convoluted language, and remove incorrect statement
(that I added a while ago) about what is required by POSIX.
2018-05-03 00:32:11 +00:00
pgoyette d54998bbfe Minor grammatical correction (don't end a sentence/phrase with a
preposition).
2018-05-02 21:43:38 +00:00
kre e76b58b2db In uses like $(( var )) (un-dollared vars in arithmetic) we allow
leading whitespace in the value of var (because strtoimax() does)
but did not allow trailing whitespace.   The effect is that some
cases where $(( ${var:-0} )) would work do not work without the $
expansion.

Fix that - allow trailing whitespace.   However, continue to insist
upon at least one digit (a non-null var that contains nothing but
whitespace is still an error).

Note: posix is not helpful here, it simply requires that the variable
contain "a value that forms a valid integer constant" (with an optional
+ or - sign).
2018-04-21 23:01:29 +00:00
kre d6d059edc2 PR bin/53201
Don't synerr on
	${var-anything
	more}

The newline in the middle of the var expansion is permitted.

Bug reported by Martijn Dekker from his modernish tests.

XXX pullup-8
2018-04-21 21:32:14 +00:00
christos ea7b28924d kvm_geterr() already contains errno, use errx. 2018-04-11 18:52:29 +00:00
christos b02b35c97e use EXIT_FAILURE instead of 1 2018-04-11 18:52:05 +00:00
wiz 883cee82b3 Sort option descripts, fix markups, fix typos. 2018-04-09 06:57:01 +00:00
wiz 051f873718 New sentence, new line. Sort SEE ALSO. Remove Xr to non-existing man page. 2018-04-09 06:54:47 +00:00