– possible integer overflows in memory allocation, mostly
‣ multiplication: all are checked now
‣ addition: reviewed them, most were “proven” or guessed to be
“almost” impossible to run over (e.g. when we have a string
whose length is taken it is assumed that the length will be
more than only a few bytes below SIZE_MAX, since code and
stack have to fit); some are checked now (e.g. when one of
the summands is an off_t); most of the unchecked ones are
annotated now
⇒ cost (MirBSD/i386 static): +76 .text
⇒ cost (Debian sid/i386): +779 .text -4 .data
– on Linux targets, setuid() setresuid() setresgid() can fail
with EAGAIN; check for that and, if so, warn once and retry
infinitely (other targets to be added later once we know that
they are “insane”)
⇒ cost (Debian sid/i386): +192 .text (includes .rodata)
• setmode.c: Do overflow checking for realloc() too; switch back
from calloc() to a checked malloc() for simplification while there
• define -DIN_MKSH and let setmode.c look a tad nicer while here
• deactivate %a and %A since our libc doesn’t have it
• rewrite the mksh integration code to use shf instead of stdio, removing
floating point support always in the process, as shf doesn’t support it
⇒ saves 11114 (6706 text, 168 data, 4240 bss) with dietlibc on Debian
• fix -Wall -Wextra -Wformat -Wstrict-aliasing=2 for gcc (Debian 4.4.4-7)
• fix these and -Wc++-compat for gcc version 4.6.0 20100711 (experimental)
[trunk revision 162057] (Debian 20100711-1) except:
– a few enum warnings that relate to eglibc’s {g,s}etrlimit() functions
taking an enum instead of an int because they’re too stupid to adhere
to POSIX interfaces they design by themselves
– all “request for implicit conversion” involving a "void *" on one side
• tweak the manual page somewhat more
I read, IIRC in the Cederqvist, that 'cvs tag' sets a sticky tag onto
the cwd… it doesn’t, apparently. (I actually like it better this way,
but one needs to know!)
just a "somewhat more POSIX" but also a "/bin/sh legacy kludge" mode
* consistently capitalise POSIX and SUSv3/SUSv4 (same as AT&T ksh) and
Bourne shell
• shell flags are now handled in one single place (sh_flags.h)
• sync comments (between enum and array) and manpage with reality
• FMONITOR is now no longer needed for Hartz IV shells
return information needed to do a real ktremove instead of the pseudo
ktdelete operation which merely unsets the DEFINED flag to mark it as
eligible for texpand garbage collection (even worse, !DEFINED entries
are still counted)
much better avalanche and no known funnels
• improve comments
• fix some types (uint32_t for hash, size_t for sizes)
• optimise ktsort()
no functional change, I think
• expose “#ifdef MKSH_MIDNIGHTBSD01ASH_COMPAT” just in case they decide to
require it and show it in the ksh version automatically
• sync the use of non-ASCII characters over files (unification)
fix the regression test’s results while here, which have been
broken since cid 10049D9BE5254CE65B8
• get rid of separate copyright file which was intended for De-
bian; track down commits in all files of oksh-mirbsd and mksh
to get correct copyright years per-file, as is BSD custom
pass "xerrok" status across the execution call stack to more closely
match what both POSIX and [18]ksh.1 already describe in regards to set
-e/errexit's behavior in determining when to exit from nonzero return
values.
specifically, the truth values tested as operands to &&' and ||', as
well as the resulting compound expression itself, along with the truth
value resulting from a negated command (i.e. a pipeline prefixed !'),
should not make the shell exit when -e is in effect.
issue reported by matthieu.
testing matthieu, naddy.
ok miod (earlier version), otto.
man page ok jmc.
H4sIAAAAAAACA31TTUvDQBC951c804DtIQ0iiFhSPHiwiCDqzUpIuhO6JN2ETSS16n93Np+GFiGE
zM6bN2/fTPQOro5xENYuEVLzBz9eaF6RlWupSpyHaXqzVuvyljbbDCRV0UR7WeLiHEtT4D2GCcUy
pdNFh4pkg4wGZCV8Z6opTPOw3GI+swoq4ZIVZxqkSv0JqRAiWkBkmAJNegHIGG9vcAWcSnjM6dTo
uby8vsL7+wLllhQQKKr4SoFv/8nbXE5pQcdpk4nlwH6AE7zer17uVs/BmHVftnUdxYh0yHbV3ghY
9wh2rQlBkdMm8PmIe57Bjfs7dTW9X/OoEG6lwzwnzYKA7+8jHpsJTuFN4+IjKhKZM6dpZ0xuQ2Nz
7bGB1F74zlebmzTm/PS+OB0GZz4HLcPgz+BeDxyS9S7YU6e3qZaQk5gZgRHvQtI59Eet7QwBWFnL
O/F+ej9Fpmg0ug7OHrnqHy2+7y8x6DGEG3E0Az41RuPlYfXEEx0psrl8PAUebzf6ZklabgD8V3SS
Z7Vo6xfOuQS6gQMAAA==
「mksh -o posix z」 failed in that it continues; 「mksh z」 correctly aborts
let’s see what the obsd people have to say herefore
H4sIAAAAAAACAz1PywrDIBA8m68YgoT20EN7TMixX1F6yGNFIWhRSw2h/95VmuDB2XmsY2oDRVyo
Si1N2uHlMzQK0b8JHaImy4RQwxIITYPiUs4xqcyeGgdfrfumtWX5dMbGSHy0WQgP1PJa49lhdpkV
ynncYSxkOjjxd/V83dmcX9sQtFGRi0zORmO5042HbwnMzlIBqa9lAmfLVBIZ7XqpKBPDnDu+WXpi
wMhnOgQXYvUD+oKHAhUBAAA=
XXX OpenBSD has something different which may DTST or even DTRT (not break
XXX our make(1) wrt <bsd.subdir.mk>), check that
was hard to type and hard to fix, galloc is also hard to fix, and some
things I learned will probably improve things more but make me use the
original form as base (especially for space savings)
* let sizeofN die though, remove even more casts
* optimise, polish
* regen Makefiles
* sprinkle a few /* CONSTCOND */ while here
‣ macro afreechk() is superfluous
• get rid of macro afreechv() by re-doing the “don’t leak that much” code
• some KNF (mostly, whitespace and 80c) while here
• more int → bool
• more regression tests: check if the utf8-hack flag is really disabled
at non-interactive startup, enabled at interactive startup, if the
current locale is a UTF-8 one
• make the mksh-local multibyte handling functions globally accessible,
change their names, syntax and semantics a little (XXX more work needed)
• optimise
• utf_wctomb: src → dst, as we’re writing to that char array (pasto?)
• edit.c:x_e_getmbc(): if the second byte of a 2- or 3-byte multibyte
sequence is invalid utf-8, ungetc it (not possible for the 3rd byte yet)
• edit.c:x_zotc3(): easier (and faster) handling of UTF-8
• implement, document and test for base-1 numbers: they just get the
ASCII (8-bit) or Unicode (UTF-8) value of the octet(s) after the ‘1#’,
or do the same as print \x## or \u#### (depending on the utf8-hack flag),
plus support the PUA assignment of EF80‥EFFF for the MirBSD encoding “hack”
(print doesn’t, as it has \x## and \u#### to distinguish, but we cannot use
base-0 numbers which I had planned to use for raw octets first, as they are
used internally): http://thread.gmane.org/gmane.os.miros.general/7938
• as an application example, add a hexdumper to the regression tests ☺
• apply diff from mirbsdksh-1.11:
#ifdef DUP2_BROKEN
/* Ultrix systems like to preserve the close-on-exec flag */
‣ XXX we do #ifdef __ultrix here (imake-style) instead of mirtoconfing it
(but does anyone know of any other OS with the same problem? plus we’d
see it as we now know the symptoms)
• remove ultrix Build.hs warn=' but might work…' in the hope it DOES
from netbsd via oksh
we had the NULL pointer deref already fixed
• avoid a bogus not-setting the return value of edit.c:x_file_glob()
introduced by the above change in oksh
• escape ? as well (but not ] because that’s wrong)
reminded by cbiere@netbsd via oksh
• Unsetting a non-existent variable is not an error. See
http://www.opengroup.org/onlinepubs/009695399/utilities/unset.html
report from Arkadiusz Miskiewicz; fixed based on
http://cvs.pld-linux.org diff via oksh but modified slightly
• Be more smart waiting for input for non-interactive scripts. Fix
based on a diff from debian: see their bug#296446 (via oksh)
modified slightly
this also fixes cnuke@’s “mksh busy loop” problem, for which I never
received a bug report, but the Debian bug page contains a set of two
scripts to reproduce this before (and no longer after) this commit
• some KNF
• bump version
delivered to the process
• regression test by Clint Pachl, verified against Debian ksh93 by me
• place to fix it in the code discovered by Otto Moerbeek