external/cde
1
0
Fork 0
mirror of git://git.code.sf.net/p/cdesktopenv/code synced 2025-02-15 04:32:24 +00:00
Code Issues Releases Wiki Activity

Fix crash/freeze upon interrupting command substitution with pipe

Browse source 
On some systems (at least Linux and macOS):

1. Run on a command line: t=$(sleep 10|while :; do :; done)
2. Press Ctrl+C in the first 10 seconds.
3. Execute any other command substitution. The shell crashes.

Analysis: Something in the job_wait() call in the sh_subshell()
restore routine may be interrupted by a signal such as SIGINT on
Linux and macOS. Exactly what that interruptible thing is remains
to be determined. In any case, since job_wait() was invoked after
sh_popcontext(), interrupting it caused the sh_subshell() restore
routine to be aborted, resulting in an inconsistent state of the
shell. The fix is to sh_popcontext() at a later stage instead.

src/cmd/ksh93/sh/subshell.c: sh_subshell():
- Rename struct checkpt buff to checkpoint because it's clearer.
- Move the sh_popcontext() call to near the end, just after
  decreasing the subshell level counters and restoring the global
  subshell data struct to its parent. This seems like a logical
  place for it and could allow other things to be interrupted, too.
- Get rid of the if(shp->subshell) because it is known that the
  value is > 0 at this point.
- The short exit routine run if the subshell forked now needs a new
  sh_popcontext() call, because this is handled before restoring
  the virtual subshell state.
- While we're here, do a little more detransitioning from all those
  pointless shp pointers.

Fixes: https://github.com/ksh93/ksh/issues/397
This commit is contained in:
Martijn Dekker 2021-12-27 03:00:15 +00:00
parent f7213f03a2
commit 91a7c2e3e9
3 changed files with 16 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
NEWS
View file

@ -3,6 +3,11 @@ For full details, see the git log at: https://github.com/ksh93/ksh
Any uppercase BUG_* names are modernish shell bug IDs. Any uppercase BUG_* names are modernish shell bug IDs.
2021-12-27:
- Fixed a crash or freeze that would occur on Linux when using Ctrl+C to
interrupt a command substitution containing a pipe in an interactive shell.
2021-12-26: 2021-12-26:
- Listing aliases or tracked aliases in a script no longer corrupts - Listing aliases or tracked aliases in a script no longer corrupts

2
src/cmd/ksh93/include/version.h
View file

@ -21,7 +21,7 @@
#define SH_RELEASE_FORK "93u+m" /* only change if you develop a new ksh93 fork */ #define SH_RELEASE_FORK "93u+m" /* only change if you develop a new ksh93 fork */
#define SH_RELEASE_SVER "1.0.0-beta.2" /* semantic version number: https://semver.org */ #define SH_RELEASE_SVER "1.0.0-beta.2" /* semantic version number: https://semver.org */
#define SH_RELEASE_DATE "2021-12-26" /* must be in this format for $((.sh.version)) */ #define SH_RELEASE_DATE "2021-12-27" /* must be in this format for $((.sh.version)) */
#define SH_RELEASE_CPYR "(c) 2020-2021 Contributors to ksh " SH_RELEASE_FORK #define SH_RELEASE_CPYR "(c) 2020-2021 Contributors to ksh " SH_RELEASE_FORK
/* Scripts sometimes field-split ${.sh.version}, so don't change amount of whitespace. */ /* Scripts sometimes field-split ${.sh.version}, so don't change amount of whitespace. */

20
src/cmd/ksh93/sh/subshell.c
View file

@ -492,7 +492,7 @@ Sfio_t *sh_subshell(Shell_t *shp,Shnode_t *t, volatile int flags, int comsub)
int *saveexitval = job.exitval; int *saveexitval = job.exitval;
char **savsig; char **savsig;
Sfio_t *iop=0; Sfio_t *iop=0;
struct checkpt buff; struct checkpt checkpoint;
struct sh_scoped savst; struct sh_scoped savst;
struct dolnod *argsav=0; struct dolnod *argsav=0;
int argcnt; int argcnt;
@ -509,7 +509,7 @@ Sfio_t *sh_subshell(Shell_t *shp,Shnode_t *t, volatile int flags, int comsub)
} }
shp->curenv = ++subenv; shp->curenv = ++subenv;
savst = shp->st; savst = shp->st;
sh_pushcontext(shp,&buff,SH_JMPSUB); sh_pushcontext(&sh,&checkpoint,SH_JMPSUB);
shp->subshell++; /* increase level of virtual subshells */ shp->subshell++; /* increase level of virtual subshells */
shgd->realsubshell++; /* increase ${.sh.subshell} */ shgd->realsubshell++; /* increase ${.sh.subshell} */
sp->prev = subshell_data; sp->prev = subshell_data;
@ -605,7 +605,7 @@ Sfio_t *sh_subshell(Shell_t *shp,Shnode_t *t, volatile int flags, int comsub)
shp->cpid = 0; shp->cpid = 0;
sh_sigreset(0); sh_sigreset(0);
} }
jmpval = sigsetjmp(buff.buff,0); jmpval = sigsetjmp(checkpoint.buff,0);
if(jmpval==0) if(jmpval==0)
{ {
if(comsub) if(comsub)
@ -681,10 +681,10 @@ Sfio_t *sh_subshell(Shell_t *shp,Shnode_t *t, volatile int flags, int comsub)
sh_trap(trap,0); sh_trap(trap,0);
free(trap); free(trap);
} }
sh_popcontext(shp,&buff); if(sh.subshell==0) /* we must have forked with sh_subfork(); this is the child process */
if(shp->subshell==0) /* must be child process */
{ {
subshell_data = sp->prev; subshell_data = sp->prev;
sh_popcontext(&sh,&checkpoint);
if(jmpval==SH_JMPSCRIPT) if(jmpval==SH_JMPSCRIPT)
siglongjmp(*shp->jmplist,jmpval); siglongjmp(*shp->jmplist,jmpval);
shp->exitval &= SH_EXITMASK; shp->exitval &= SH_EXITMASK;
@ -886,16 +886,14 @@ Sfio_t *sh_subshell(Shell_t *shp,Shnode_t *t, volatile int flags, int comsub)
} }
shp->subshare = sp->subshare; shp->subshare = sp->subshare;
shp->subdup = sp->subdup; shp->subdup = sp->subdup;
if(shp->subshell) sh.subshell--; /* decrease level of virtual subshells */
{
shp->subshell--; /* decrease level of virtual subshells */
shgd->realsubshell--; /* decrease ${.sh.subshell} */ shgd->realsubshell--; /* decrease ${.sh.subshell} */
}
subshell_data = sp->prev; subshell_data = sp->prev;
sh_popcontext(&sh,&checkpoint);
if(!argsav || argsav->dolrefcnt==argcnt) if(!argsav || argsav->dolrefcnt==argcnt)
sh_argfree(shp,argsav,0); sh_argfree(shp,argsav,0);
if(shp->topfd != buff.topfd) if(sh.topfd != checkpoint.topfd)
sh_iorestore(shp,buff.topfd|IOSUBSHELL,jmpval); sh_iorestore(&sh,checkpoint.topfd|IOSUBSHELL,jmpval);
if(sp->sig) if(sp->sig)
{ {
if(sp->prev) if(sp->prev)