mirror of
git://git.code.sf.net/p/cdesktopenv/code
synced 2025-03-09 15:50:02 +00:00
Hardening of readonly variables (#239)

Ksh currently restricts readonly scalar variables from having their
values directly changed via a value assignment. However, since ksh
allows variable attributes to be altered, the variable's value can
be indirectly altered. For instance, if TMOUT=900 (for a 15 minute
idle timeout) was set to readonly, all that is needed to alter the
value of TMOUT from 900 to 0 is to issue 'typeset -R1 TMOUT',
perhaps followed by a 'typeset -i TMOUT' to turn off the shell's
timeout value.

In addition, there are problems with arrays. The following is
incorrectly allowed:

    typeset -a arr=((a b c) 1)
    readonly arr
    arr[0][1]=d

    arr=(alphas=(a b c);name=x)
    readonly arr.alphas
    arr.alphas[1]=([b]=5)

    arr=(alphas=(a b c);name=x)
    readonly arr.alphas
    arr.alphas[1]=(b)

    typeset -C arr=(typeset -r -a alphas=(a b c);name=x)
    arr.alphas[1]=()

src/cmd/ksh93/bltins/typeset.c: setall():
- Relocate readonly attribute check higher up the code and widen
  its application to issue an error message if the pre-existing
  name-pair has the readonly bit flag set.
- To avoid compatibility problems, don't check for readonly if
  NV_RDONLY is the only attribute set (ignoring NV_NOFREE). This
  allows 'readonly foo; readonly foo' to keep working.

src/cmd/ksh93/sh/array.c: nv_endsubscript():
- Apply a readonly flag check when an array subscript or append
  assignment occurs, but allow type variables (typeset -T) as they
  utilize '-r' for 'required' sub-variables.

src/cmd/ksh93/tests/readonly.sh:
- New file. Create readonly tests that validate the warning message
  and validate that the readonly variable did not change.

src/cmd/ksh93/sh/streval.c:
- Bump MAXLEVEL from 9 to 1024 as a workaround for arithmetic
  expansion, avoiding a spurious error about too much recursion
  when the readonly.sh tests are run. This change is backported
  from ksh 93v-.
  TODO: debug a spurious increase in arithmetic recursion level
  variable when readonly.sh tests with 'typeset -i' are run.
  That is a different bug for a different commit.

Co-authored-by: Martijn Dekker <martijn@inlv.org>
This commit is contained in:
parent
c4f980eb29
commit
264ba48bdd
6 changed files with 357 additions and 9 deletions
@ -1522,6 +1522,15 @@ char *nv_endsubscript(Namval_t *np, register char *cp, int mode)
}
if(mode && np)
{
/* Block an attempt to alter a readonly array via subscript assignment or by appending the array.
However need to allow instances of type variables. This exception is observed when np->nvflag
has NV_BINARY and NV_LJUST set besides NV_RDONLY and NV_ARRAY. */
if(nv_isattr(np,NV_RDONLY) && nv_isattr(np,NV_ARRAY) && mode&NV_ASSIGN && np->nvflag&(NV_BINARY|NV_LJUST)^(NV_BINARY|NV_LJUST))
{
errormsg(SH_DICT,ERROR_exit(1),e_readonly,nv_name(np));
UNREACHABLE();
}
Namarr_t *ap = nv_arrayptr(np);
int scan = 0;
#if SHOPT_FIXEDARRAY
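Review bot: the condition on the new `if(nv_isattr(np,NV_RDONLY) && ...` line depends on C operator precedence to be read correctly: `np->nvflag&(NV_BINARY|NV_LJUST)^(NV_BINARY|NV_LJUST)` parses as `(np->nvflag & mask) ^ mask`, and `mode&NV_ASSIGN` sits unparenthesized between `&&` operators. Consider writing the exception as `(np->nvflag & (NV_BINARY|NV_LJUST)) != (NV_BINARY|NV_LJUST)` and parenthesizing `mode & NV_ASSIGN`, so it is visible that the check is skipped only when both bits are set. The comment says the type-variable exception was "observed" from this flag combination; a named macro or helper for that test would document which readonly arrays are exempt from the check. The block is also inserted ahead of the `Namarr_t *ap` and `int scan` declarations, which now follow a statement; placing the check below them keeps the declarations at the top of the block.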
@ -47,7 +47,7 @@
# define SH_DICT "libshell"
#endif
#define MAXLEVEL 9
#define MAXLEVEL 1024
#define SMALL_STACK 12
/*
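Review bot: the `#define MAXLEVEL 1024` line carries no comment, although the commit message describes the jump from 9 to 1024 as a workaround for a spurious recursion error that still needs debugging. Add a comment at the define recording that the value is a workaround backported from ksh 93v- and pointing at the open TODO, so the limit is revisited once the recursion-level bug is fixed. With a limit this much higher, genuinely runaway arithmetic recursion is also caught much later than before.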