1
0
Fork 0
mirror of git://git.code.sf.net/p/cdesktopenv/code synced 2025-03-09 15:50:02 +00:00
cde/src/cmd/ksh93
Johnothan King 01c01fe8f6
Fix buffer overflows and memory leaks caught by ASAN (#282)
The changes in this commit allow ksh to be built and run with
ASan[*], although for now it only works under vmalloc. Example
command to build ksh with ASan:
$ bin/package make CCFLAGS='-O0 -g -fsanitize=address'

[*] https://en.wikipedia.org/wiki/AddressSanitizer

src/cmd/INIT/mamake.c:
- Fix a few memory leaks in mamake. This doesn't fix all of the
  memory leaks ASan complains about (there is one remaining in the
  view() function), but it's enough to get ksh to build under ASan.

src/lib/libast/features/map.c,
src/lib/libast/misc/glob.c:
- Rename the ast globbing functions to _ast_glob() and
  _ast_globfree(). Without this change the globbing tests fail
  under ASan. See: 2c49eb6e

src/cmd/ksh93/sh/{init,io,nvtree,subshell}.c:
- Fix buffer overflows by using strncmp(3) instead of memcmp(3).

src/cmd/ksh93/sh/name.c:
- Fix another invalid usage of memcmp by using strncmp instead.
  This change is also in one of Red Hat's patches:
  https://git.centos.org/rpms/ksh/blob/c8s/f/SOURCES/ksh-20120801-nv_open-memcmp.patch

Resolves: https://github.com/ksh93/ksh/issues/230
2021-04-22 18:13:12 +01:00
..
bltins Yet more fixes for subshell directory handling (re: feaf718f) 2021-04-20 05:39:10 +01:00
data Fix the exit status returned when a command isn't executable (#273) 2021-04-15 03:37:57 +01:00
edit emacs: Fix digits input after completion (re: 16e4824c, e8b3274a) 2021-04-16 14:46:07 +01:00
features Fix more compiler warnings, typos and other minor issues (#260) 2021-04-08 19:58:07 +01:00
fun Fix for no-argument use of 'cd' in .../fun/dirs 2020-06-14 10:39:48 +02:00
include shcomp: fix redirection with process substitution 2021-04-22 03:25:24 +01:00
sh Fix buffer overflows and memory leaks caught by ASAN (#282) 2021-04-22 18:13:12 +01:00
tests shcomp: fix redirection with process substitution 2021-04-22 03:25:24 +01:00
builtins.mm Fix more compiler warnings, typos and other minor issues (#260) 2021-04-08 19:58:07 +01:00
COMPATIBILITY Don't import/export readonly attribute via magic A__z env var 2021-04-21 04:11:55 +01:00
DESIGN Fix more compiler warnings, typos and other minor issues (#260) 2021-04-08 19:58:07 +01:00
ksh-regress.rt Version: 2012-08-01-master 2016-01-11 15:54:23 -05:00
ksh-regress.tst Version: 2012-08-01-master 2016-01-11 15:54:23 -05:00
mamexec Fix various minor problems and update the documentation (#237) 2021-03-21 14:39:03 +00:00
Mamfile Update #include-related dependencies in Mamfiles 2021-03-25 01:55:59 +00:00
mamstate.c Version: 2012-08-01-master 2016-01-11 15:54:23 -05:00
nval.3 Fix more compiler warnings, typos and other minor issues (#260) 2021-04-08 19:58:07 +01:00
OBSOLETE Fix many spelling errors and word repetitions (#188) 2021-02-20 03:22:24 +00:00
PROMO.mm Fix many spelling errors and word repetitions (#188) 2021-02-20 03:22:24 +00:00
README Disable SHOPT_EDPREDICT compile-time option by default 2021-04-22 17:37:12 +01:00
RELEASE Fix more compiler warnings, typos and other minor issues (#260) 2021-04-08 19:58:07 +01:00
RELEASE88 Fix more compiler warnings, typos and other minor issues (#260) 2021-04-08 19:58:07 +01:00
RELEASE93 Fix more compiler warnings, typos and other minor issues (#260) 2021-04-08 19:58:07 +01:00
sh.1 sh.1: Backport login shell addition from ksh93v- (#266) 2021-04-10 14:17:12 +01:00
sh.memo Fix more compiler warnings, typos and other minor issues (#260) 2021-04-08 19:58:07 +01:00
shell.3 Fix more compiler warnings, typos and other minor issues (#260) 2021-04-08 19:58:07 +01:00
SHOPT.sh Disable SHOPT_EDPREDICT compile-time option by default 2021-04-22 17:37:12 +01:00
TYPES Allow proper tilde expansion overrides (#225) 2021-03-17 21:07:14 +00:00

This directory, and its subdirectories contain the source code
for ksh-93; the language described in the second addition of
the book, "The KornShell Command and Programming Language," by
Morris Bolsky and David Korn which is published by Prentice Hall.
ksh-93 has been compiled and run on several machines with several
operating systems.  The end of this file contains a partial list of
operating systems and machines that ksh-93 has been known to run on.

Most of the source code for ksh is in the src/cmd/ksh93/sh
directory. For information on what's where, see the file DESIGN.

A new '-o posix' shell option has been added to ksh 93u+m that makes the
ksh language more compatible with other shells by following the POSIX
standard more closely. See the manual page for details. It is enabled by
default if ksh is invoked as sh, otherwise it is disabled by default.

The SHOPT.sh file contains several compilation options that can be set
before compiling ksh.  Options are of the form SHOPT_option and become
#define inside the code.  These options are set to their recommended
value and some of these may disappear as options in future releases.
A value of 0 represents off, 1 represents on, no value means probe. For
options where no feature probe is available, probe is the same as off.

The options have the following defaults and meanings:
    2DMATCH      on  Two-dimensional ${.sh.match} for ${var//pat/str}.
    ACCT         off Shell accounting.
    ACCTFILE     off Enable per user accounting info.
    AUDIT	 off For auditing specific users
    AUDITFILE	 "/etc/ksh_audit"
    BGX          on  Enables background job extensions. Noted by "J" in the
                     version string when enabled. (1) JOBMAX=n limits the
                     number of concurrent background jobs to n; the (n+1)th
                     background job will block until a running background job
                     completes. (2) SIGCHLD traps are queued so that each
                     completing background job gets its own trap; $! is set to
                     the job pid and $? is set to the job exit status at the
                     beginning of the trap.
    BRACEPAT     on  C-shell type abc{d,e}f style file generation
    CMDLIB_HDR   "<cmdlist.h>"
                     The header in which yuo can provide a custom list of
                     libcmd commands to provide as path-bound built-ins.
    CMDLIB_DIR   "\"/opt/ast/bin\""
                     The default virtual directory prefix for path-bound
                     built-ins. The value must include double quotes.
    CRNL         off <cr><nl> treated as <nl> in shell grammar.
    DEVFD            Use the more secure /dev/fd mechanism instead of FIFOs for
                     process substitutions. On by default on OSs with /dev/fd.
    DYNAMIC      on  Dynamic loading of builtins. (Requires dlopen() interface.)
    ECHOPRINT    off Make echo equivalent to print.
    EDPREDICT    off Enables history pattern search menu. As you begin a line
                     with a #, the following characters are treated as a shell
                     pattern and cause matching lines from the history file to
                     be displayed as a numbered list as you type. You can
                     scroll up and down this list or you can use <ESC>nTAB to
                     make this the current line (n defaults to 1 if omitted).
                     Experimental. Bugs: https://github.com/ksh93/ksh/issues/233
    ESH          on  Compile with emacs command line editing.  The original
                     emacs line editor code was provided by Mike Veach at IH.
    FILESCAN     on  Experimental option that allows fast reading of files
                     using while < file;do ...; done and allowing fields in
                     each line to be accessed as positional parameters.
    FIXEDARRAY   on  When using typeset, a name in the format NAME[N]
                     creates a fixed-size array and any attempt to access a
                     subscript N or higher is an error. Multidimensional
                     fixed-size arrays NAME[N1][N2]... are also supported.
    GLOBCASEDET      Adds the 'globcasedetect' shell option. When this shell
                     option is turned on, file name generation (globbing)
                     and file name listing and completion automatically become
                     case-insensitive on file systems where the difference
                     between upper- and lowercase is ignored for file names.
                     This compile-time option is enabled by default on operating
                     systems that can support case-insensitive file systems.
    HISTEXPAND   on  Enable !-style history expansion similar to csh(1).
    KIA          off Allow generation of shell cross reference database with -R.
    MULTIBYTE    on  Multibyte character handling.  Requires mblen() and
                     mbctowc().
    NAMESPACE    on  Allows namespaces.  This is experimental, incomplete
                     and undocumented.
    NOECHOE      off Disable the '-e' option to the 'echo' command,
                     unless SHOPT_ECHOPRINT is enabled.
    OLDTERMIO    off Use either termios or termio at runtime.
    OPTIMIZE     on  Optimize loop invariants for with for and while loops.
    PFSH         off Compile with support for profile shell. (Solaris; obsolete)
    P_SUID       off If set, all real uids, greater than or equal to this
                     value will require the -p flag to run suid/sgid scripts.
    RAWONLY      on  Turn on if the vi line mode doesn't work right unless
                     you do a set -o viraw.
    REGRESS      off Enable the __regress__ built-in command and instrumented
                     intercepts for testing.
    REMOTE       off Set --rc (read profile scripts) even if ksh was invoked
                     with standard input on a socket, i.e. as a remote shell.
    SPAWN        on  Use posix_spawn(3) as combined fork/exec if job control
                     is not active. Improves speed.
    STATS	 on  Add .sh.stats compound variable.
    SUID_EXEC    on  Execute /etc/suid_exec for setuid, setgid script.
    SYSRC            Source /etc/ksh.kshrc on initializing an interactive
                     shell. This is on by default if /etc/ksh.kshrc or
                     /etc/bash.bashrc exists at compile time.
    TEST_L           Add 'test -l' as an alias for 'test -L'. This is on by
                     default if the OS's external 'test' command supports it.
    TIMEOUT      off Set this to the number of seconds for timing out and
                     exiting the shell when you don't enter a command.  If
                     non-zero, TMOUT can not be set larger than this value.
    TYPEDEF	 on  Enable typeset type definitions.
    VSH          on  Compile with vi command line editing.  The original vi
                     line editor code was provided by Pat Sullivan at CB.

To build ksh (as well as libcmd and libast libraries on which ksh depends),
cd to the top directory and run:

	bin/package make

The compiled binaries are stored in the arch directory, in a subdirectory
that corresponds to your architecture. The command 'bin/package host type'
outputs the name of this subdirectory.

If you have trouble or want to tune the binaries, you may pass additional
compiler and linker flags. It is usually best to export these as environment
variables before running bin/package as they could change the name of the
build subdirectory of the arch directory, so exporting them is a convenient
way to keep them consistent between build and test commands. Note that this
system uses CCFLAGS instead of the usual CFLAGS. An example that makes
Solaris Studio cc produce a 64-bit binary:

	export CCFLAGS="-xc99 -m64 -O" LDFLAGS="-m64"
	bin/package make

Alternatively you can append these to the command, and they will only be
used for that command. You can also specify an alternative shell in which to
run the build scripts this way. For example:

	bin/package make SHELL=/bin/bash CCFLAGS="-O2 -I/opt/local/include" \
		LDFLAGS="-L/opt/local/lib"

For more information, run:

	bin/package help

Many other commands in this repo self-document via the --help, --man and
--html options; those that do have no separate manual page.

Automated installation is not supported. To install manually:

	cp arch/$(bin/package host type)/bin/ksh /usr/local/bin/
	cp src/cmd/ksh93/sh.1 /usr/local/share/man/man1/ksh.1

(adapting the destination directories as required).

The build should also generate shcomp, a program that will precompile
a script.  ksh93 is able to recognize files in this format and process
them as scripts.  You can use shcomp to send out scripts when you
don't want to give away the original script source.

To be able to run setuid/setgid shell scripts, or scripts without read
permission, the SUID_EXEC compile option must be on, and ksh must be installed
in the /bin directory, the /usr/bin directory, the /usr/lbin directory,
or the /usr/local/bin directory and the name must end in sh. The program
suid_exec must be installed in the /etc directory, must be owned by root,
and must be a suid program.  If you must install ksh in some other directory
and want to be able to run setuid/setgid and execute only scripts, then
you will have to change the source code file sh/suid_exec.c explicitly.
If you do not have ksh in one of these secure locations, /bin/sh will
be invoked with the -p options and will fail when you execute a setuid/setgid
and/or execute only script.  Note, that ksh does not read the .profile
or $ENV file when it the real and effective user/group id's are not
equal.

The tests subdirectory contains a number of regression tests for ksh.
To run all these tests with the shell you just built, run the command
	bin/shtests
For help and more options, type
	bin/shtests --man

The file PROMO.mm is an advertisement that extolls the virtues of ksh.
The file sh.1 contains the troff (man) description of this Shell.
The file nval.3 contains the troff (man) description of the name-value
pair library that is needed for writing built-ins that need to
access shell variables.

The file sh.memo contains a draft troff (mm) memo describing ksh.  The
file RELEASE88 contains the changes made for ksh88.  The file RELEASE93
contains the changes made in this release since ksh-88.  The file
RELEASE contains bug fixes made in this release since ksh-88.  The file
COMPATIBILITY contains a list of incompatibilities with ksh-88.  The
file bltins.mm is a draft troff (mm) memo describing how to write
built-in commands that can be loaded at run time.

Please report any problems or suggestions to:

https://github.com/ksh93/ksh


ksh 93u+m 1.0.0 has been compiled and alpha tested on the following.
An asterisk signifies minor regression test failures (one or two minor
things amiss), two asterisks signify moderate regression test failures
(some functionality does not work), and three asterisks signify serious
failures (crashes, and/or essential functionality does not work).

*	AIX 7.1 on RISC (PowerPC)
*	DragonFly BSD 5.8 on x86_64
	FreeBSD 12.2 on x86_64
	FreeBSD 12.2 on arm64 (thanks to hyenias for donating access to a Pi)
	GNU/Linux: Alpine 3.12.3 (musl C library) on x86_64
	GNU/Linux: CentOS 8.2 on x86_64
	GNU/Linux: Debian 10.7 on x86_64
	GNU/Linux: Gentoo 2.7 on i386
	GNU/Linux: NixOS 19.09 on x86_64
	GNU/Linux: Slackware 14.2 on x86_64
	GNU/Linux: Ubuntu 16.04 on x86_64
	GNU/Linux: Void Linux (musl C library) on x86_64
***	HP-UX B.11.11 on pa-risc
*	illumos: OmniOS 2020-08-19 (gcc) on x86_64
	macOS 10.14.6 (Mojave) on x86_64
***	NetBSD 8.1 and 9.0 on x86_64
*	OpenBSD 6.8 on x86_64
**	QNX 6.5.0 on i386
*	Solaris 11.4 (gcc) on x86_64
	Solaris 11.4 (Solaris Studio 12.5 cc) on x86_64
*	UnixWare 7.1.4 on x86
***	Windows 7 using Cygwin on x86

Good luck!!

The ksh 93u+m contributors
https://github.com/ksh93/ksh

Originally written by:
David Korn
dgk@research.att.com