SECURITY: make “unset HISTFILE” really work

additionally, make “HISTFILE=” the same, document the truncation and
re-reading process’ further and already-known bugs; this needs work
This commit is contained in:
tg
2015-03-07 20:46:31 +00:00
parent d3f3c3ec22
commit be147e3426
5 changed files with 36 additions and 15 deletions

View File

@@ -1,4 +1,4 @@
# $MirOS: src/bin/mksh/check.t,v 1.682 2015/03/01 15:23:03 tg Exp $
# $MirOS: src/bin/mksh/check.t,v 1.683 2015/03/07 20:46:26 tg Exp $
# -*- mode: sh -*-
#-
# Copyright © 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
@@ -30,7 +30,7 @@
# (2013/12/02 20:39:44) http://openbsd.cs.toronto.edu/cgi-bin/cvsweb/src/regress/bin/ksh/?sortby=date
expected-stdout:
@(#)MIRBSD KSH R50 2015/03/02
@(#)MIRBSD KSH R50 2015/03/07
description:
Check version of shell.
stdin:
@@ -39,7 +39,7 @@ name: KSH_VERSION
category: shell:legacy-no
---
expected-stdout:
@(#)LEGACY KSH R50 2015/03/02
@(#)LEGACY KSH R50 2015/03/07
description:
Check version of legacy shell.
stdin:

View File

@@ -27,7 +27,7 @@
#include <sys/file.h>
#endif
__RCSID("$MirOS: src/bin/mksh/histrap.c,v 1.139 2015/02/06 10:09:06 tg Exp $");
__RCSID("$MirOS: src/bin/mksh/histrap.c,v 1.140 2015/03/07 20:46:28 tg Exp $");
Trap sigtraps[NSIG + 1];
static struct sigaction Sigact_ign;
@@ -563,7 +563,7 @@ sethistfile(const char *name)
return;
/* if the name is the same as the name we have */
if (hname && strcmp(hname, name) == 0)
if (hname && name && !strcmp(hname, name))
return;
/*
@@ -581,6 +581,7 @@ sethistfile(const char *name)
hist_source->line = 0;
}
if (name)
hist_init(hist_source);
}
#endif
@@ -712,8 +713,10 @@ hist_init(Source *s)
hist_source = s;
#if HAVE_PERSISTENT_HISTORY
if ((hname = str_val(global("HISTFILE"))) == NULL)
if (((hname = str_val(global("HISTFILE"))) == NULL) || !*hname) {
hname = NULL;
return;
}
strdupx(hname, hname, APERM);
hs = hist_init_first;

23
mksh.1
View File

@@ -1,4 +1,4 @@
.\" $MirOS: src/bin/mksh/mksh.1,v 1.351 2015/03/05 13:30:57 tg Exp $
.\" $MirOS: src/bin/mksh/mksh.1,v 1.352 2015/03/07 20:46:29 tg Exp $
.\" $OpenBSD: ksh.1,v 1.156 2015/01/16 15:32:32 schwarze Exp $
.\"-
.\" Copyright © 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009,
@@ -74,7 +74,7 @@
.\" with -mandoc, it might implement .Mx itself, but we want to
.\" use our own definition. And .Dd must come *first*, always.
.\"
.Dd $Mdocdate: March 5 2015 $
.Dd $Mdocdate: March 7 2015 $
.\"
.\" Check which macro package we use, and do other -mdoc setup.
.\"
@@ -1862,7 +1862,8 @@ See
below for more information.
.It Ev HISTFILE
The name of the file used to store command history.
When assigned to, history is loaded from the specified file.
When assigned to or unset, the file is opened, history is truncated
then loaded from the file; subsequent new lines are appended.
Also, several invocations of the shell will share history if their
.Ev HISTFILE
parameters all point to the same file.
@@ -1870,7 +1871,7 @@ parameters all point to the same file.
.Sy Note :
If
.Ev HISTFILE
isn't set, no history file is used.
is unset or empty, no history file is used.
This is different from
.At
.Nm ksh .
@@ -6500,8 +6501,20 @@ is immediately printed on suspension (but not later after an
$ /bin/sleep 666 && echo fubar
.Ed
.Pp
The truncation process involved when changing
.Ev HISTFILE
does not free old history entries (leaks memory) and leaks
old entries into the new history if their line numbers are
not overwritten by same-numer entries from the persistent
history file; truncating the on-disc file to
.Ev HISTSIZE
lines has always been broken and prone to history file corruption
when multiple shells are accessing the file; the rollover process
for the in-memory portion of the history is slow, should use
.Xr memmove 3 .
.Pp
This document attempts to describe
.Nm mksh\ R50e
.Nm mksh\ R50f
and up,
.\" with vendor patches from insert-your-name-here,
compiled without any options impacting functionality, such as

4
sh.h
View File

@@ -169,9 +169,9 @@
#endif
#ifdef EXTERN
__RCSID("$MirOS: src/bin/mksh/sh.h,v 1.714 2015/03/01 15:23:05 tg Exp $");
__RCSID("$MirOS: src/bin/mksh/sh.h,v 1.715 2015/03/07 20:46:30 tg Exp $");
#endif
#define MKSH_VERSION "R50 2015/03/02"
#define MKSH_VERSION "R50 2015/03/07"
/* arithmetic types: C implementation */
#if !HAVE_CAN_INTTYPES

7
var.c
View File

@@ -28,7 +28,7 @@
#include <sys/sysctl.h>
#endif
__RCSID("$MirOS: src/bin/mksh/var.c,v 1.186 2015/02/06 10:56:49 tg Exp $");
__RCSID("$MirOS: src/bin/mksh/var.c,v 1.187 2015/03/07 20:46:31 tg Exp $");
/*-
* Variables
@@ -1351,6 +1351,11 @@ unsetspec(struct tbl *vp)
*/
switch (special(vp->name)) {
#if HAVE_PERSISTENT_HISTORY
case V_HISTFILE:
sethistfile(NULL);
return;
#endif
case V_IFS:
setctypes(TC_IFSWS, C_IFS);
ifs0 = ' ';