From dada@pluto.tugraz.at  Mon Jan  8 10:53:54 2007
Return-Path: <dada@pluto.tugraz.at>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 72EAC16A412
	for <freebsd-gnats-submit@freebsd.org>; Mon,  8 Jan 2007 10:53:54 +0000 (UTC)
	(envelope-from dada@pluto.tugraz.at)
Received: from mailrelay1.tugraz.at (mailrelay.tu-graz.ac.at [129.27.2.202])
	by mx1.freebsd.org (Postfix) with ESMTP id 05E5C13C455
	for <freebsd-gnats-submit@freebsd.org>; Mon,  8 Jan 2007 10:53:53 +0000 (UTC)
	(envelope-from dada@pluto.tugraz.at)
Received: from pluto.tugraz.at (pluto.tu-graz.ac.at [129.27.3.200])
	by mailrelay1.tugraz.at (8.13.8/8.13.8) with ESMTP id l08AroLi024202
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <freebsd-gnats-submit@freebsd.org>; Mon, 8 Jan 2007 11:53:50 +0100 (CET)
Received: from pluto.tugraz.at (localhost.localdomain [127.0.0.1])
	by pluto.tugraz.at (8.13.1/8.13.1) with ESMTP id l08AriQv007661
	for <freebsd-gnats-submit@freebsd.org>; Mon, 8 Jan 2007 11:53:44 +0100
Received: (from dada@localhost)
	by pluto.tugraz.at (8.13.1/8.13.1/Submit) id l08ArhYx007660
	for freebsd-gnats-submit@freebsd.org; Mon, 8 Jan 2007 11:53:43 +0100
Message-Id: <200701081053.l08ArhYx007660@pluto.tugraz.at>
Date: Mon, 8 Jan 2007 11:53:43 +0100
From: Martin Kammerhofer <dada@pluto.tugraz.at>
To: freebsd-gnats-submit@freebsd.org
Subject: sh(1): "type /NONEXISTENT" returns success

>Number:         107674
>Category:       bin
>Synopsis:       [patch] sh(1): "type /NONEXISTENT" returns success
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    stefanf
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jan 08 11:00:29 GMT 2007
>Closed-Date:    Sun Feb 04 11:10:59 GMT 2007
>Last-Modified:  Sun Feb 04 11:10:59 GMT 2007
>Originator:     Martin Kammerhofer <dada@sbox.tugraz.at>
>Release:        FreeBSD 6.2-PRERELEASE i386
>Organization:
>Environment:
System: FreeBSD Martin.liebt.Susi 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #2: Tue Dec 5 13:15:11 CET 2006 toor@Martin.liebt.Susi:/usr/src/sys/i386/compile/P2B-S i386
>Description:

The type shell builtin indicates how each argument would be
interpreted if used as a command name. Shell scripts frequently
redirect the output to /dev/null and take a zero exit code as
confirmation that a command is available. (Similar to "test -x" which
only works with a single path name argument.)

Our sh(1) "forgets" to set the return code ($?) when testing a path
name argument, i.e. something containing the slash (/)
character. Therefore all such tests succeed unconditionally!

This e.g. breaks the hgmerge script installed with the devel/mercurial
port (when there are merge conflicts).

>How-To-Repeat:
$ /bin/sh -c "type /foo/bar && echo WE HAVE FOOBAR"
/foo/bar: No such file or directory
WE HAVE FOOBAR
$ /bin/sh -c "type /* && echo WE HAVE MANY COMMANDS IN /"

>Fix:
Index: exec.c
===================================================================
RCS file: /home/ncvs/src/bin/sh/exec.c,v
retrieving revision 1.29
diff -u -r1.29 exec.c
--- exec.c	9 Apr 2006 12:21:20 -0000	1.29
+++ exec.c	6 Jan 2007 21:47:12 -0000
@@ -780,14 +780,16 @@
 						" a tracked alias for" : "",
 					    name);
 			} else {
-				if (access(argv[i], X_OK) == 0) {
+				if (eaccess(argv[i], X_OK) == 0) {
 					if (cmd == TYPECMD_SMALLV)
 						out1fmt("%s\n", argv[i]);
 					else
 						out1fmt(" is %s\n", argv[i]);
 				}
-				else
+				else {
 					out1fmt(": %s\n", strerror(errno));
+					error |= 127;
+				}
 			}
 			break;
 		}
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->stefanf 
Responsible-Changed-By: remko 
Responsible-Changed-When: Mon Jan 8 19:24:52 UTC 2007 
Responsible-Changed-Why:  
Hello Stefan, this looks like something for you, can you have alook at 
this please? 

http://www.freebsd.org/cgi/query-pr.cgi?pr=107674 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/107674: commit references a PR
Date: Thu, 11 Jan 2007 00:19:08 +0000 (UTC)

 stefanf     2007-01-11 00:19:00 UTC
 
   FreeBSD src repository
 
   Modified files:
     bin/sh               exec.c 
   Log:
   Return an error status (127) from the builtins 'type' and 'command' (with
   either -v or -V) if a file with a slash in the name doesn't exist (if there is
   no slash we already did that).
   
   Additionally, suppress the error message for command -v for files with a slash.
   
   PR:             107674
   Submitted by:   Martin Kammerhofer
   
   Revision  Changes    Path
   1.30      +5 -2      src/bin/sh/exec.c
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->patched 
State-Changed-By: stefanf 
State-Changed-When: Thu Jan 11 00:25:49 UTC 2007 
State-Changed-Why:  
I just checked in a similar patch to current.  Can you please tell me why you 
changed access() to eaccess()? 

http://www.freebsd.org/cgi/query-pr.cgi?pr=107674 

From: "Martin Kammerhofer" <mkamm@gmx.net>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/107674: sh(1): "type /NONEXISTENT" returns success
Date: Fri, 12 Jan 2007 18:41:54 +0100

 The access(2) => eacess(2) change is for the "type" builtin
 what revision 1.43 of src/bin/test/test.c was for "test".
 It makes only a difference in the case of a setuid or setgid
 shell.
 
 The semantics of type are roughly "What command (if any) is this?".
 Since execve(2) checks file access permissions against the effective
 uid/gid, eaccess semantics are better than checking against the
 real uid/gid with access(2).
 Most of the sh code predates the availability of eaccess(2), I guess
 that's why the original author did not use it in the first place.
 The access(2) system call is broken by design and - according to the
 man page - "should never be used"! (Although there is/was no security
 problem in the context of the shell - 
 
 Shorter version: Testing with eaccess gives results more consistent
 with execve.
 
 The s/access/eacess/ patch line should have made it into its own PR
 since it is orthogonal (i.e. unrelated) to the subject of this one.
 
 
 -- 
 Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen! 
 Ideal fr Modem und ISDN: http://www.gmx.net/de/go/smartsurfer
State-Changed-From-To: patched->closed 
State-Changed-By: stefanf 
State-Changed-When: Sun Feb 4 11:10:40 UTC 2007 
State-Changed-Why:  
Merged to RELENG_6.  Thanks. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=107674 
>Unformatted:
