nvdisc.c: Fix crash after an error or signal in discipline function (#356)

This patch fixes the crashes experienced when a discipline function exited because of a signal or an error from a special builtin. The crashes were caused by ksh entering an inconsistent state after performing a longjmp away from the assign() and lookup() functions in nvdisc.c. Fixing the crash requires entering a new context, then setting a nonlocal goto with sigsetjmp(3). Any longjmps that happen while running the discipline function will go back to assign/lookup, allowing ksh to do a proper cleanup afterwards. Resolves: https://github.com/ksh93/ksh/issues/346
2025-02-13 11:42:21 +00:00 · 2021-12-01 20:43:41 -08:00 · 2021-12-01 20:43:41 -08:00 · 0a343244c1
commit 0a343244c1
parent 520f530198
3 changed files with 21 additions and 5 deletions
--- a/6
+++ b/6
@ -3,6 +3,12 @@ For full details, see the git log at: https://github.com/ksh93/ksh

 Any uppercase BUG_* names are modernish shell bug IDs.

+2021-12-01:
+
+- Fixed a memory fault that occurred when a discipline function exited
+  with an error from a special builtin or when a discipline function exited
+  because of a signal.
+
 2021-11-29:

 - Fixed a memory fault that prevented ksh from functioning on ARM-based Macs.
--- a/src/cmd/ksh93/include/version.h
+++ b/src/cmd/ksh93/include/version.h
@ -21,7 +21,7 @@

 #define SH_RELEASE_FORK	"93u+m"		/* only change if you develop a new ksh93 fork */
 #define SH_RELEASE_SVER	"1.0.0-beta.2"	/* semantic version number: https://semver.org */
-#define SH_RELEASE_DATE	"2021-11-29"	/* must be in this format for $((.sh.version)) */
+#define SH_RELEASE_DATE	"2021-12-01"	/* must be in this format for $((.sh.version)) */
 #define SH_RELEASE_CPYR	"(c) 2020-2021 Contributors to ksh " SH_RELEASE_FORK

 /* Scripts sometimes field-split ${.sh.version}, so don't change amount of whitespace. */
--- a/src/cmd/ksh93/sh/nvdisc.c
+++ b/src/cmd/ksh93/sh/nvdisc.c
@ -283,11 +283,16 @@ static void	assign(Namval_t *np,const char* val,int flags,Namfun_t *handle)
 		nq =  vp->disc[type=UNASSIGN];
 	if(nq && !isblocked(bp,type))
 	{
-		int bflag=0, savexit=sh.savexit;
+		int bflag=0, savexit=sh.savexit, jmpval=0;
+		struct checkpt buff;
 		block(bp,type);
 		if (type==APPEND && (bflag= !isblocked(bp,LOOKUPS)))
 			block(bp,LOOKUPS);
-		sh_fun(nq,np,(char**)0);
+		sh_pushcontext(&sh,&buff,1);
+		jmpval = sigsetjmp(buff.buff,0);
+		if(!jmpval)
+			sh_fun(nq,np,(char**)0);
+		sh_popcontext(&sh,&buff);
 		unblock(bp,type);
 		if(bflag)
 			unblock(bp,LOOKUPS);
@ -376,7 +381,8 @@ static char*	lookup(Namval_t *np, int type, Sfdouble_t *dp,Namfun_t *handle)
 	union Value		*up = np->nvalue.up;
 	if(nq && !isblocked(bp,type))
 	{
-		int		savexit = sh.savexit;
+		int		savexit = sh.savexit, jmpval = 0;
+		struct checkpt	buff;
 		node = *SH_VALNOD;
 		if(!nv_isnull(SH_VALNOD))
 		{
@ -389,7 +395,11 @@ static char*	lookup(Namval_t *np, int type, Sfdouble_t *dp,Namfun_t *handle)
 			nv_setsize(SH_VALNOD,10);
 		}
 		block(bp,type);
-		sh_fun(nq,np,(char**)0);
+		sh_pushcontext(&sh,&buff,1);
+		jmpval = sigsetjmp(buff.buff,0);
+		if(!jmpval)
+			sh_fun(nq,np,(char**)0);
+		sh_popcontext(&sh,&buff);
 		unblock(bp,type);
 		if(!vp->disc[type])
 			chktfree(np,vp);