diff --git a/CVE-2019-14868.patch b/CVE-2019-14868.patch deleted file mode 100644 index 313568ceb6581a10f716887ec94928401e6f9c19..0000000000000000000000000000000000000000 --- a/CVE-2019-14868.patch +++ /dev/null @@ -1,93 +0,0 @@ -From 808df797a15d7f363ff8f4ee4249a33876694b4a Mon Sep 17 00:00:00 2001 -From: Kurtis Rader -Date: Thu, 12 Dec 2019 18:46:50 -0800 -Subject: [PATCH] Harden env var imports - ---- - src/cmd/ksh93/sh/arith.c | 37 +++++++++++++++++++++++++------------ - src/cmd/ksh93/tests/subshell.sh | 23 +++++++++++++++++++++++ - 2 files changed, 48 insertions(+), 12 deletions(-) - -diff --git a/src/cmd/ksh93/sh/arith.c b/src/cmd/ksh93/sh/arith.c -index 5ca3fce..53eb45e 100644 ---- a/src/cmd/ksh93/sh/arith.c -+++ b/src/cmd/ksh93/sh/arith.c -@@ -567,19 +567,32 @@ Sfdouble_t sh_strnum(Shell_t *shp, const char *str, char **ptr, int mode) { - char *last; - - if (*str == 0) { -- if (ptr) *ptr = (char *)str; -- return 0; -- } -- errno = 0; -- d = number(str, &last, shp->inarith ? 0 : 10, NULL); -- if (*last) { -- if (*last != '.' || last[1] != '.') { -- d = strval(shp, str, &last, arith, mode); -- Varsubscript = true; -+ d = 0.0; -+ last = (char *)str; -+ } else { -+ d = number(str, &last, shp->inarith ? 0 : 10, NULL); -+ if (*last && !shp->inarith && sh_isstate(shp, SH_INIT)) { -+ // This call is to handle "base#value" literals if we're importing untrusted env vars. -+ d = number(str, &last, 0, NULL); -+ } -+ if (*last) { -+ if (sh_isstate(shp, SH_INIT)) { -+ // Initializing means importing untrusted env vars. Since the string does not appear -+ // to be a recognized numeric literal give up. We can't safely call strval() since -+ // that allows arbitrary expressions which would create a security vulnerability. -+ d = 0.0; -+ } else { -+ if (*last != '.' || last[1] != '.') { -+ d = strval(shp, str, &last, arith, mode); -+ Varsubscript = true; -+ } -+ if (!ptr && *last && mode > 0) { -+ errormsg(SH_DICT, ERROR_exit(1), e_lexbadchar, *last, str); -+ } -+ } -+ } else if (d == 0.0 && *str == '-') { -+ d = -0.0; - } -- if (!ptr && *last && mode > 0) errormsg(SH_DICT, ERROR_exit(1), e_lexbadchar, *last, str); -- } else if (!d && *str == '-') { -- d = -0.0; - } - if (ptr) *ptr = last; - return d; -diff --git a/src/cmd/ksh93/tests/subshell.sh b/src/cmd/ksh93/tests/subshell.sh -index b63a805..3faba47 100644 ---- a/src/cmd/ksh93/tests/subshell.sh -+++ b/src/cmd/ksh93/tests/subshell.sh -@@ -856,3 +856,26 @@ for exp in 65535 65536 - do got=$($SHELL -c 'x=$(printf "%.*c" '$exp' x); print ${#x}' 2>&1) - [[ $got == $exp ]] || log_error "large command substitution failed" "$exp" "$got" - done -+ -+# ========== -+# Verify that importing untrusted env vars does not allow evaluating arbitrary expressions but does -+# recognize all integer literals recognized by ksh. -+expect=8 -+actual=$(env SHLVL='7' $SHELL -c 'echo $SHLVL') -+[[ $actual == $expect ]] || log_error "decimal int literal not recognized" "$expect" "$actual" -+ -+expect=14 -+actual=$(env SHLVL='013' $SHELL -c 'echo $SHLVL') -+[[ $actual == $expect ]] || log_error "leading zeros int literal not recognized" "$expect" "$actual" -+ -+expect=4 -+actual=$(env SHLVL='2#11' $SHELL -c 'echo $SHLVL') -+[[ $actual == $expect ]] || log_error "base#value int literal not recognized" "$expect" "$actual" -+ -+expect=12 -+actual=$(env SHLVL='16#B' $SHELL -c 'echo $SHLVL') -+[[ $actual == $expect ]] || log_error "base#value int literal not recognized" "$expect" "$actual" -+ -+expect=1 -+actual=$(env SHLVL="2#11+x[\$($bin_echo DANGER WILL ROBINSON >&2)0]" $SHELL -c 'echo $SHLVL') -+[[ $actual == $expect ]] || log_error "expression allowed on env var import" "$expect" "$actual" --- -1.8.3.1 - diff --git a/backport-Change-default-build-type-to-minsize-to-imporve-the-performance.patch b/backport-Change-default-build-type-to-minsize-to-imporve-the-performance.patch deleted file mode 100644 index 8872793f0eb0b7014dd7753e184532f4e9b778d6..0000000000000000000000000000000000000000 --- a/backport-Change-default-build-type-to-minsize-to-imporve-the-performance.patch +++ /dev/null @@ -1,80 +0,0 @@ -From f967b5a25509d7495445b392307fdaa046e84be7 Mon Sep 17 00:00:00 2001 -From: Kurtis Rader -Date: Sun, 26 Jan 2020 21:00:50 -0800 -Subject: [PATCH] Change default build type to "minsize" - -People (and distros) have been building ksh from this project using the -default "debug" build type since we switched from Nmake to Meson. That -results in a ksh program whose performance is far from optimal. So change -the default build type. If a debugging enabled binary is needed, such as -in a CI environment, it must be requested explicitly. - -Related #1449 - -(cherry picked from commit db54d369002a0e942d695838986af6bf8962d763) ---- - CHANGELOG.md | 3 +++ - meson.build | 11 ++++++++++- - scripts/build-on-docker.sh | 2 +- - scripts/build-on-macos.sh | 2 +- - 4 files changed, 15 insertions(+), 3 deletions(-) - -diff --git a/CHANGELOG.md b/CHANGELOG.md -index 0e38b780456e..8657ab1a2a15 100644 ---- a/CHANGELOG.md -+++ b/CHANGELOG.md -@@ -2,6 +2,9 @@ - - ## Notable fixes and improvements - -+- The default build type is now "minsize" since that dramatically improves the -+ performance of ksh. You can still request a debug build via `meson -+ --buildtype=debug` (issue #1449). - - Fix `history` command behavior when the *~/.sh_history* file has - specific content (issue #1432). - -diff --git a/meson.build b/meson.build -index 0e5dc2483fb1..aecfe737c3f1 100644 ---- a/meson.build -+++ b/meson.build -@@ -1,4 +1,13 @@ --project('ksh93', 'c', default_options: ['b_lundef=false', 'default_library=static']) -+project('ksh9', 'c', default_options: [ -+ # This is the optimal production build type for this project. If you need -+ # a debug build you must explicitly run `meson --buildtype=debug`. This -+ # helps ensure that each distro (or user) gets a performance optimized build -+ # even if they don't know to add the `--buildtype=minsize` option. -+ 'buildtype=minsize', -+ 'b_lundef=false', -+ 'default_library=static', -+ 'c_std=c99', # we require the C99 (aka ISO9899:1999) language standard -+]) - - source_dir = meson.current_source_dir() - cc = meson.get_compiler('c') -diff --git a/scripts/build-on-docker.sh b/scripts/build-on-docker.sh -index cd8138be9ab2..0b5af4a1d698 100755 ---- a/scripts/build-on-docker.sh -+++ b/scripts/build-on-docker.sh -@@ -18,7 +18,7 @@ mkdir build - cd build - - echo ==== Configuring the build --if ! meson -Dwarnings-are-errors=true -+if ! meson -Dwarnings-are-errors=true --buildtype=debug - then - cat meson-logs/meson-log.txt - exit 1 -diff --git a/scripts/build-on-macos.sh b/scripts/build-on-macos.sh -index 2732e370f8d8..163195accfff 100755 ---- a/scripts/build-on-macos.sh -+++ b/scripts/build-on-macos.sh -@@ -15,7 +15,7 @@ mkdir build - cd build - - echo ==== Configuring the build --if ! meson -Dwarnings-are-errors=true -+if ! meson -Dwarnings-are-errors=true --buildtype=debug - then - cat meson-logs/meson-log.txt - exit 1 diff --git a/backport-Fix-handling-of-skipped-directories.patch b/backport-Fix-handling-of-skipped-directories.patch deleted file mode 100644 index 4f76a4edc96bc16cc80ffbf64dd65a0a63542db1..0000000000000000000000000000000000000000 --- a/backport-Fix-handling-of-skipped-directories.patch +++ /dev/null @@ -1,120 +0,0 @@ -From a1e1592ac7028659d09eb3fa6c8a2227cba9f2a9 Mon Sep 17 00:00:00 2001 -From: Kurtis Rader -Date: Wed, 8 Jan 2020 19:14:31 -0800 -Subject: [PATCH] Fix handling of skipped directories - -The bug in `path_opentype()` fixed by this commit may affect other -scenarios but we know it affects autoloaded functions. Hence the unit -test for that scenario. - -Fixes #1454 - -(cherry picked from commit 3bc58164494eecc180e2bad966d7753bfdd1e295) ---- - src/cmd/ksh93/sh/path.c | 16 +++++++++------- - src/cmd/ksh93/tests/autoload.sh | 15 +++++++++++++++ - src/cmd/ksh93/tests/data/skipped_dir | 15 +++++++++++++++ - src/cmd/ksh93/tests/meson.build | 1 + - 4 files changed, 40 insertions(+), 7 deletions(-) - create mode 100644 src/cmd/ksh93/tests/autoload.sh - create mode 100644 src/cmd/ksh93/tests/data/skipped_dir - -diff --git a/src/cmd/ksh93/sh/path.c b/src/cmd/ksh93/sh/path.c -index 69382f9..b7869b3 100644 ---- a/src/cmd/ksh93/sh/path.c -+++ b/src/cmd/ksh93/sh/path.c -@@ -475,28 +475,30 @@ Pathcomp_t *path_get(Shell_t *shp, const char *name) { - // - static_fn int path_opentype(Shell_t *shp, const char *name, Pathcomp_t *pp, int fun) { - int fd = -1; -- struct stat statb; -- Pathcomp_t *oldpp; - - if (!pp && !shp->pathlist) path_init(shp); - if (!fun && strchr(name, '/') && sh_isoption(shp, SH_RESTRICTED)) { - errormsg(SH_DICT, ERROR_exit(1), e_restricted, name); - __builtin_unreachable(); - } -+ -+ // The structure of this loop is slightly odd. It's a consequence of how path_nextcomp() works. -+ Pathcomp_t *next_pp = pp; - do { -- pp = path_nextcomp(shp, oldpp = pp, name, 0); -- while (oldpp && (oldpp->flags & PATH_SKIP)) oldpp = oldpp->next; -- if (fun && (!oldpp || !(oldpp->flags & PATH_FPATH))) continue; -+ pp = next_pp; -+ next_pp = path_nextcomp(shp, pp, name, NULL); -+ if (pp && (pp->flags & PATH_SKIP)) continue; -+ if (fun && (!pp || !(pp->flags & PATH_FPATH))) continue; - fd = sh_open(path_relative(shp, stkptr(shp->stk, PATH_OFFSET)), O_RDONLY | O_CLOEXEC, 0); -+ struct stat statb; - if (fd >= 0 && (fstat(fd, &statb) < 0 || S_ISDIR(statb.st_mode))) { - errno = EISDIR; - sh_close(fd); - fd = -1; - } -- } while (fd < 0 && pp); -+ } while (fd < 0 && next_pp); - - assert(fd < 0 || sh_iovalidfd(shp, fd)); -- - if (fd >= 0 && (fd = sh_iomovefd(shp, fd)) > 0) { - (void)fcntl(fd, F_SETFD, FD_CLOEXEC); - shp->fdstatus[fd] |= IOCLEX; -diff --git a/src/cmd/ksh93/tests/autoload.sh b/src/cmd/ksh93/tests/autoload.sh -new file mode 100644 -index 0000000..6aaa206 ---- /dev/null -+++ b/src/cmd/ksh93/tests/autoload.sh -@@ -0,0 +1,15 @@ -+# Verify the behavior of autoloaded functions. -+ -+# ==================== -+# Verify that directories in the path search list which should be skipped (e.g., because they don't -+# exist) interacts correctly with autoloaded functions. -+# -+# See https://github.com/att/ast/issues/1454 -+expect=$"Func cd called with |$TEST_DIR/usr|\n$TEST_DIR/usr" -+actual=$($SHELL "$TEST_ROOT/data/skipped_dir") -+actual_status=$? -+expect_status=0 -+[[ $actual_status == $expect_status ]] || -+ log_error "autoload function skipped dir test wrong status" "$expect_status" "$actual_status" -+[[ $actual == $expect ]] || -+ log_error "autoload function skipped dir test wrong output" "$expect" "$actual" -diff --git a/src/cmd/ksh93/tests/data/skipped_dir b/src/cmd/ksh93/tests/data/skipped_dir -new file mode 100644 -index 0000000..b8eeddc ---- /dev/null -+++ b/src/cmd/ksh93/tests/data/skipped_dir -@@ -0,0 +1,15 @@ -+# See https://github.com/att/ast/issues/1454 -+ -+mkdir -p "$TEST_DIR/usr/bin" -+print '#!/bin/sh' >"$TEST_DIR/usr/bin/cd" -+print 'builtin cd "$@"' >>"$TEST_DIR/usr/bin/cd" -+prefix="$TEST_DIR/ksh.$$" -+ -+FPATH="$prefix/bad:$prefix/functions" -+mkdir -p "$prefix/functions" -+print 'function cd { echo "Func cd called with |$*|"; command cd "$@"; }' >"$prefix/functions/cd" -+typeset -fu cd -+ -+PATH="/arglebargle:$PATH:$TEST_DIR/usr/bin:$TEST_DIR/bin" -+cd "$TEST_DIR/usr" -+pwd -diff --git a/src/cmd/ksh93/tests/meson.build b/src/cmd/ksh93/tests/meson.build -index 6a07d7c..26f2d43 100644 ---- a/src/cmd/ksh93/tests/meson.build -+++ b/src/cmd/ksh93/tests/meson.build -@@ -48,6 +48,7 @@ all_tests = [ - ['arrays'], - ['arrays2'], - ['attributes'], -+ ['autoload'], - ['basic', 90], - ['case'], - ['comvar'], --- -1.8.3.1 - diff --git a/backport-Fix-hist_nearend.patch b/backport-Fix-hist_nearend.patch deleted file mode 100644 index b95f3c6a46b266c50f677972603436ba8c0af57f..0000000000000000000000000000000000000000 --- a/backport-Fix-hist_nearend.patch +++ /dev/null @@ -1,51 +0,0 @@ -From a754ce08134f92c6f07e28ce7ec95f33135f2074 Mon Sep 17 00:00:00 2001 -From: Kurtis Rader -Date: Thu, 7 Nov 2019 17:48:40 -0800 -Subject: [PATCH] Fix hist_nearend() - -The original code, prior to the fix for issue #1271, called sfreserve() -with just the SF_LOCKR. While fixing the core issue of issue #1271 I -noticed the buffer did not have a read/write mode. Which is wrong. What -I didn't realize was that is equivalent to read+write. I incorrectly -included SF_WRITE rather than SF_RDWR. - -Fixes #1432 - -(cherry picked from commit b2e48a99ec6e2622c9e653bc64f334b2bdcff0f9) - ---- - CHANGELOG.md | 7 +++++++ - src/cmd/ksh93/edit/history.c | 2 +- - 2 files changed, 8 insertions(+), 1 deletion(-) - -diff --git a/CHANGELOG.md b/CHANGELOG.md -index 0f1fcaf3..0e38b780 100644 ---- a/CHANGELOG.md -+++ b/CHANGELOG.md -@@ -1,3 +1,10 @@ -+# ksh 2020.0.1 -+ -+## Notable fixes and improvements -+ -+- Fix `history` command behavior when the *~/.sh_history* file has -+ specific content (issue #1432). -+ - # ksh 2020.0.0 - - This documents changes since the AST code, which includes the `ksh` program, -diff --git a/src/cmd/ksh93/edit/history.c b/src/cmd/ksh93/edit/history.c -index 50ac06a6..7c207c26 100644 ---- a/src/cmd/ksh93/edit/history.c -+++ b/src/cmd/ksh93/edit/history.c -@@ -365,7 +365,7 @@ static int hist_nearend(History_t *hp, Sfio_t *iop, off_t size) { - // Skip to marker command and return the number. Numbering commands occur after a null and begin - // with HIST_CMDNO. - while (true) { -- cp = buff = (unsigned char *)sfreserve(iop, SF_UNBOUND, SF_LOCKR | SF_WRITE); -+ cp = buff = (unsigned char *)sfreserve(iop, SF_UNBOUND, SF_LOCKR | SF_RDWR); - if (!cp) break; - - n = sfvalue(iop); --- -2.19.1 - diff --git a/backport-Fix-interactive-restricted-shell-behavior.patch b/backport-Fix-interactive-restricted-shell-behavior.patch deleted file mode 100644 index 187514e2a4128f2870439706ae8ad19b4cdebdf4..0000000000000000000000000000000000000000 --- a/backport-Fix-interactive-restricted-shell-behavior.patch +++ /dev/null @@ -1,164 +0,0 @@ -From c8a66c70b51f11bfcaeef22dd17b9b86ea1c3dfe Mon Sep 17 00:00:00 2001 -From: Kurtis Rader -Date: Tue, 21 Jan 2020 18:21:08 -0800 -Subject: [PATCH] Fix interactive restricted shell behavior - -Fixes #1459 - -(cherry picked from commit 1fd82bddfd36c8d381d4eb75bc1e6b2d4ccb6750) - ---- - scripts/create_rksh_symlink | 8 +++++ - src/cmd/ksh93/edit/edit.c | 2 ++ - src/cmd/ksh93/meson.build | 6 ++++ - src/cmd/ksh93/tests/meson.build | 6 ++-- - src/cmd/ksh93/tests/restricted.exp | 29 +++++++++++++++++++ - src/cmd/ksh93/tests/restricted.exp.out | 1 + - .../ksh93/tests/util/interactive.expect.rc | 1 + - 7 files changed, 51 insertions(+), 2 deletions(-) - create mode 100755 scripts/create_rksh_symlink - create mode 100644 src/cmd/ksh93/tests/restricted.exp - create mode 100644 src/cmd/ksh93/tests/restricted.exp.out - -diff --git a/scripts/create_rksh_symlink b/scripts/create_rksh_symlink -new file mode 100755 -index 00000000..03c013c4 ---- /dev/null -+++ b/scripts/create_rksh_symlink -@@ -0,0 +1,8 @@ -+#!/bin/sh -+# This is used by a Meson custom_target() to create a "rksh" symlink to the -+# "ksh" binary. This is slightly convoluted to support platforms, such as -+# Cygwin, where the ksh binary might have an extension such as ".exe". -+cmd=$(basename "$1") -+cd "$(dirname "$1")" || exit 1 -+rm -f "r$cmd" -+ln -s "$cmd" "r$cmd" -diff --git a/src/cmd/ksh93/edit/edit.c b/src/cmd/ksh93/edit/edit.c -index 666719a9..9c62b1a7 100644 ---- a/src/cmd/ksh93/edit/edit.c -+++ b/src/cmd/ksh93/edit/edit.c -@@ -451,9 +451,11 @@ void ed_setup(Edit_t *ep, int fd, int reedit) { - if (!ep->e_term) ep->e_term = nv_search("TERM", shp->var_tree, 0); - if (ep->e_term && (term = nv_getval(ep->e_term)) && strlen(term) < sizeof(ep->e_termname) && - strcmp(term, ep->e_termname)) { -+ // Avoid an error from the 2>/dev/null redirection in a restricted shell. - bool r = sh_isoption(shp, SH_RESTRICTED); - if (r) sh_offoption(shp, SH_RESTRICTED); - sh_trap(shp, ".sh.subscript=$(tput cuu1 2>/dev/null)", 0); -+ if (r) sh_onoption(shp, SH_RESTRICTED); - pp = nv_getval(SH_SUBSCRNOD); - if (pp) { - // It should be impossible for the cursor up string to be truncated. -diff --git a/src/cmd/ksh93/meson.build b/src/cmd/ksh93/meson.build -index 491fb9b5..74ace1c7 100644 ---- a/src/cmd/ksh93/meson.build -+++ b/src/cmd/ksh93/meson.build -@@ -32,6 +32,11 @@ ksh93_exe = executable('ksh', ['sh/pmain.c'], c_args: shared_c_args, - dependencies: [libm_dep, libexecinfo_dep, libdl_dep], - install: true) - -+# Create a symlink for a restricted version of the ksh shell. -+create_rksh_symlink = find_program(source_dir + '/scripts/create_rksh_symlink') -+rksh93_exe = custom_target('rksh', input: ksh93_exe, output: 'rksh', build_by_default: true, -+ command: [create_rksh_symlink, '@INPUT@']) -+ - shcomp_exe = executable('shcomp', ['sh/shcomp.c'], c_args: shared_c_args, - include_directories: [configuration_incdir, ksh93_incdir], - link_with: [libksh, libast, libcmd, libdll], -@@ -47,6 +52,7 @@ test_driver = join_paths(test_dir, 'util', 'run_test.sh') - src_root = 'SRC_ROOT=' + source_dir - test_root = 'TEST_ROOT=' + test_dir - shell_var = 'SHELL=' + ksh93_exe.full_path() -+rshell_var = 'RSHELL=' + rksh93_exe.full_path() - shcomp_var = 'SHCOMP=' + shcomp_exe.full_path() - - libast_build_dir = join_paths(build_dir, 'src', 'lib', 'libast') -diff --git a/src/cmd/ksh93/tests/meson.build b/src/cmd/ksh93/tests/meson.build -index 26f2d43c..4f81ef3c 100644 ---- a/src/cmd/ksh93/tests/meson.build -+++ b/src/cmd/ksh93/tests/meson.build -@@ -81,6 +81,7 @@ all_tests = [ - ['readcsv'], - ['recttype'], - ['restricted'], -+ ['restricted.exp'], - ['rksh'], - ['select'], - ['sh_match', 120], -@@ -163,7 +164,8 @@ foreach testspec : all_tests - lang_var = 'LANG=en_US.UTF-8' - test(test_name, ksh93_exe, timeout: timeout, is_parallel: parallel, - args: [test_driver, test_name], -- env: [shell_var, lang_var, src_root, test_root, ld_library_path, libsample_path]) -+ env: [shell_var, lang_var, src_root, test_root, ld_library_path, libsample_path, -+ rshell_var]) - - # The shcomp variants are only applicable to the non-interactive tests. - if not test_name.endswith('.exp') -@@ -180,7 +182,7 @@ foreach testspec : all_tests - test(test_name + '/shcomp', ksh93_exe, timeout: timeout, is_parallel: parallel, - args: [ test_driver, 'shcomp', test_name], - env: [shell_var, lang_var, src_root, test_root, shcomp_var, ld_library_path, -- libsample_path]) -+ rshell_var, libsample_path]) - endif - endif - endif -diff --git a/src/cmd/ksh93/tests/restricted.exp b/src/cmd/ksh93/tests/restricted.exp -new file mode 100644 -index 00000000..4192675b ---- /dev/null -+++ b/src/cmd/ksh93/tests/restricted.exp -@@ -0,0 +1,29 @@ -+# vim: set filetype=expect: -+# -+# Interactive tests of restricted shell behavior. This is primarily to avoid regressions of -+# https://github.com/att/ast/issues/1459. It doesn't need to be a comprehensive test of restricted -+# shell behavior. That is already done in unit test restricted.sh. -+set pid [spawn $rksh] -+expect_prompt -+# Terminal rows and columns may default to zero so ensure sane values. -+send "stty rows 24 cols 80\r" -+expect_prompt -+ -+# ========== -+# Changing a restricted env var should be an error. -+log_test_entry -+send "PATH=/bin\r" -+expect -re ": PATH: restricted\r\n" { -+ puts "modifying PATH is restricted" -+} -+expect_prompt -+ -+# ========== -+# Exit the shell. -+log_test_entry -+send "\r" -+expect_prompt -+send [ctrl D] -+catch {expect default exp_continue} output -+log_debug "EOF output: $output" -+wait -diff --git a/src/cmd/ksh93/tests/restricted.exp.out b/src/cmd/ksh93/tests/restricted.exp.out -new file mode 100644 -index 00000000..d04d3921 ---- /dev/null -+++ b/src/cmd/ksh93/tests/restricted.exp.out -@@ -0,0 +1 @@ -+modifying PATH is restricted -diff --git a/src/cmd/ksh93/tests/util/interactive.expect.rc b/src/cmd/ksh93/tests/util/interactive.expect.rc -index dd039a21..f30e5e19 100644 ---- a/src/cmd/ksh93/tests/util/interactive.expect.rc -+++ b/src/cmd/ksh93/tests/util/interactive.expect.rc -@@ -6,6 +6,7 @@ log_user 0 - log_file -noappend interactive.tmp.log - - set ksh $env(SHELL) -+set rksh $env(RSHELL) - set timeout 2 - set send_human {.05 .1 5 .02 .2} - --- -2.19.1 - diff --git a/backport-functions-with-not-loaded-autoloaded-functions.patch b/backport-functions-with-not-loaded-autoloaded-functions.patch deleted file mode 100644 index 2a42368653c0ee64be308ae28a1a18e1be436857..0000000000000000000000000000000000000000 --- a/backport-functions-with-not-loaded-autoloaded-functions.patch +++ /dev/null @@ -1,75 +0,0 @@ -From a82279db9e49d2c42a95853f38061494df06e33c Mon Sep 17 00:00:00 2001 -From: Kurtis Rader -Date: Tue, 12 Nov 2019 19:45:34 -0800 -Subject: [PATCH] `functions` with not loaded autoloaded functions - -If there are functions marked to be autloaded, but not yet loaded, typing -`typeset -f` or `functions` dereferences a NULL pointer. - -Fixes #1436 - -(cherry picked from commit 7df11dedc5883fa2be1cf217ae6021cac56c81fa) - ---- - src/cmd/ksh93/bltins/typeset.c | 15 +++++++++------ - 1 file changed, 9 insertions(+), 6 deletions(-) - -diff --git a/src/cmd/ksh93/bltins/typeset.c b/src/cmd/ksh93/bltins/typeset.c -index 0862ace4..fba305f1 100644 ---- a/src/cmd/ksh93/bltins/typeset.c -+++ b/src/cmd/ksh93/bltins/typeset.c -@@ -716,7 +716,6 @@ int setall(char **argv, nvflag_t flag, Dt_t *troot, struct tdata *tp) { - static_fn int print_namval(Sfio_t *file, Namval_t *np, bool omit_attrs, struct tdata *tp) { - char *cp; - int indent = tp->indent, outname = 0, isfun; -- struct Ufunction *rp; - - sh_sigcheck(tp->sh); - if (tp->noref && nv_isref(np)) return 0; -@@ -749,11 +748,13 @@ static_fn int print_namval(Sfio_t *file, Namval_t *np, bool omit_attrs, struct t - } - } - if (isfun) { -+ struct Ufunction *rp = FETCH_VT(np->nvalue, rp); - Sfio_t *iop = NULL; - char *fname = NULL; -+ - if (nv_isattr(np, NV_NOFREE)) return 0; - if (!omit_attrs) { -- if (!FETCH_VT(np->nvalue, ip)) { -+ if (!rp) { - sfputr(file, "typeset -fu", ' '); - } else if (!nv_isattr(np, NV_FPOSIX)) { - sfputr(file, "function", ' '); -@@ -763,14 +764,16 @@ static_fn int print_namval(Sfio_t *file, Namval_t *np, bool omit_attrs, struct t - if (tp->wctname) cp += strlen(tp->wctname) + 1; - sfputr(file, cp, -1); - if (nv_isattr(np, NV_FPOSIX)) sfwrite(file, "()", 2); -- rp = FETCH_VT(np->nvalue, rp); -+ -+ // Has the function been defined in which case we know where it came from? Or just marked -+ // to be autoloaded in which case we know we can't print the definition of the function? - if (rp && rp->hoffset >= 0) { - fname = rp->fname; - } else { -- omit_attrs = false; -+ omit_attrs = true; - } -+ - if (omit_attrs) { -- rp = FETCH_VT(np->nvalue, rp); - if (tp->pflag && rp && rp->hoffset >= 0) { - sfprintf(file, " #line %d %s\n", rp->lineno, fname ? sh_fmtq(fname) : ""); - } else { -@@ -778,7 +781,7 @@ static_fn int print_namval(Sfio_t *file, Namval_t *np, bool omit_attrs, struct t - } - } else { - if (nv_isattr(np, NV_FTMP)) { -- fname = 0; -+ fname = NULL; - iop = tp->sh->heredocs; - } else if (fname) { - iop = sfopen(iop, fname, "r"); --- -2.19.1 - diff --git a/ksh-1.0.8.tar.gz b/ksh-1.0.8.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..48fd1da263eacb56d75b5875d9ea50cac96427ea Binary files /dev/null and b/ksh-1.0.8.tar.gz differ diff --git a/ksh-2020.0.0.tar.gz b/ksh-2020.0.0.tar.gz deleted file mode 100644 index e291f504fe8917df31b7800c586a98ea6eba9cd6..0000000000000000000000000000000000000000 Binary files a/ksh-2020.0.0.tar.gz and /dev/null differ diff --git a/ksh.spec b/ksh.spec index fe86692aa40aced77b1de2a3c4665c97c915e029..3a5a78a0a0c64a2fded57ba466f1a279b93d6f81 100644 --- a/ksh.spec +++ b/ksh.spec @@ -1,101 +1,128 @@ Name: ksh -Version: 2020.0.0 -Release: 11 +Version: 1.0.8 +Release: 1 Summary: The Original ATT Korn Shell -License: EPL-1.0 +License: EPL-2.0 URL: http://www.kornshell.com/ -Epoch: 1 -Source0: https://github.com/att/ast/releases/download/%{version}/%{name}-%{version}.tar.gz +Epoch: 2 +Source0: https://github.com/ksh93/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz Source1: kshcomp.conf Source2: kshrc.rhs Source3: dotkshrc - -Patch1: CVE-2019-14868.patch - -Patch6000: backport-Fix-hist_nearend.patch -Patch6001: backport-functions-with-not-loaded-autoloaded-functions.patch -Patch6002: backport-Fix-interactive-restricted-shell-behavior.patch - + Patch9000: skip-some-test.patch -Patch6003: backport-Fix-handling-of-skipped-directories.patch -Patch6004: backport-Change-default-build-type-to-minsize-to-imporve-the-performance.patch - -Provides: /bin/ksh /usr/bin/ksh -BuildRequires: meson gcc glibc-devel ed +Provides: /bin/ksh /bin/rksh +BuildRequires: gcc bison glibc-langpack-ja ncurses procps tzdata util-linux Conflicts: pdksh -Requires(post): grep, coreutils, systemd-units chkconfig +Requires: coreutils, diffutils +Requires(post): grep, coreutils, systemd, chkconfig Requires(preun): chkconfig Requires(postun): sed Provides: ksh-help = %{epoch}:%{version}-%{release} Obsoletes: ksh-help < %{epoch}:%{version}-%{release} %description -KornShell is an interactive command language that provides access to the UNIX system and to -many other systems, on the many different computers and workstations on which it is implemented. +KSH-93 is the most recent version of the KornShell by David Korn of AT&T Bell Laboratories. +KornShell is a shell programming language, which is upward compatible with "sh" (the Bourne Shell). %prep -%autosetup -p1 -n %{name}-%{version} +%autosetup -p1 %build -%meson -Dbuild-api-tests=false -%meson_build +XTRAFLAGS="" +for f in -Wno-unknown-pragmas -Wno-missing-braces -Wno-unused-result -Wno-return-type -Wno-int-to-pointer-cast -Wno-parentheses -Wno-unused -Wno-unused-but-set-variable -Wno-cpp -Wno-maybe-uninitialized -Wno-lto-type-mismatch +do + $CC $f -E - /dev/null 2>&1 && XTRAFLAGS="$XTRAFLAGS $f" +done +export CCFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing $XTRAFLAGS" +export LDFLAGS="$RPM_LD_FLAGS" +bin/package make %install -%meson_install -mv %{buildroot}/%{_bindir}/ksh %{buildroot}/%{_bindir}/ksh93 -mv %{buildroot}/%{_bindir}/shcomp %{buildroot}/%{_bindir}/shcomp93 -mv %{buildroot}/%{_mandir}/man1/ksh.1 %{buildroot}/%{_mandir}/man1/ksh93.1 +mkdir -p %{buildroot}{%{_bindir},%{_mandir}/man1} +install -p -m 755 arch/*/bin/ksh %{buildroot}%{_bindir}/ksh93 +install -p -m 755 arch/*/bin/shcomp %{buildroot}%{_bindir}/shcomp +install -p -m 644 arch/*/man/man1/sh.1 %{buildroot}%{_mandir}/man1/ksh93.1 install -p -D -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/binfmt.d/kshcomp.conf install -p -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/kshrc install -p -D -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/skel/.kshrc +touch %{buildroot}%{_bindir}/ksh +touch %{buildroot}%{_mandir}/man1/ksh.1.gz + +touch %{buildroot}%{_bindir}/rksh +touch %{buildroot}%{_mandir}/man1/rksh.1.gz + %check -%meson_test +script -q -e -c "bin/package test" %post -for s in /bin/ksh /usr/bin/ksh +for s in /bin/ksh /bin/rksh /usr/bin/ksh /usr/bin/rksh do - if [ ! -f /etc/shells ]; then + if [ ! -f /etc/shells ]; then echo "$s" > /etc/shells - else + else if ! grep -q '^'"$s"'$' /etc/shells ; then - echo "$s" >> /etc/shells + echo "$s" >> /etc/shells fi - fi + fi done /bin/systemctl try-restart systemd-binfmt.service >/dev/null 2>&1 || : -%{_sbindir}/alternatives --install /bin/ksh ksh /bin/ksh93 50 \ - --slave %{_mandir}/man1/ksh.1.gz ksh-man %{_mandir}/man1/ksh93.1.gz \ - --slave /bin/shcomp shcomp93 /bin/shcomp93 2>/dev/null +%{_sbindir}/alternatives --install %{_bindir}/ksh ksh \ + %{_bindir}/ksh93 50 \ + --slave %{_bindir}/rksh rksh \ + %{_bindir}/ksh93 \ + --slave %{_mandir}/man1/rksh.1.gz rksh-man \ + %{_mandir}/man1/ksh93.1.gz \ + --slave %{_mandir}/man1/ksh.1.gz ksh-man \ + %{_mandir}/man1/ksh93.1.gz + +if [ ! -L %{_bindir}/ksh ]; then + %{_sbindir}/alternatives --auto ksh + ln -sf /etc/alternatives/ksh %{_bindir}/ksh + ln -sf /etc/alternatives/ksh-man %{_mandir}/man1/ksh.1.gz +fi %preun -if [ $1 -eq 0 ]; then - %{_sbindir}/alternatives --remove ksh /bin/ksh93 +if [ $1 = 0 ]; then + %{_sbindir}/alternatives --remove ksh %{_bindir}/ksh93 fi %postun -for s in /bin/ksh /usr/bin/ksh +for s in /bin/ksh /bin/rksh /usr/bin/ksh /usr/bin/rksh do - if [ ! -f $s ]; then - sed -i '\|^'"$s"'$|d' /etc/shells - fi + if [ ! -f $s ]; then + sed -i '\|^'"$s"'$|d' /etc/shells + fi done -%triggerpostun -- ksh < 1:2020.0.0-0.1 -%{_sbindir}/alternatives --auto ksh - -%files -%doc src/cmd/ksh93/{COMPATIBILITY,RELEASE,TYPES} -%{_bindir}/{ksh93,shcomp93} -%{_mandir}/man1/* +%files +%doc src/cmd/ksh93/{COMPATIBILITY,RELEASE,TYPES,README} +%doc README.md NEWS +%license LICENSE.md +%{_bindir}/ksh93 +%ghost %{_bindir}/ksh +%ghost %{_bindir}/rksh +%{_bindir}/shcomp +%{_mandir}/man1/ksh93.1* +%ghost %{_mandir}/man1/ksh.1* +%ghost %{_mandir}/man1/rksh.1* %config(noreplace) %{_sysconfdir}/skel/.kshrc %config(noreplace) %{_sysconfdir}/kshrc %config(noreplace) %{_sysconfdir}/binfmt.d/kshcomp.conf %changelog +* Mon Feb 5 2024 wangyuhang - 2:1.0.8-1 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:due to the upstream community no longer maintaining the previous version, + we have rolled back to the stable branch and switched to an active code repository. + new upstream release and update version to 1.0.8 + * Tue Dec 6 2022 wangyuhang - 1:2020.0.0-11 - Type:bugfix - CVE:NA diff --git a/skip-some-test.patch b/skip-some-test.patch index da52076ca810e762ea49389854b235709a576659..8cdd7e620e310317370765bcab09ec16c4a50386 100644 --- a/skip-some-test.patch +++ b/skip-some-test.patch @@ -1,151 +1,33 @@ -From 97795806fda12850b896d2dde4442568f38d7c48 Mon Sep 17 00:00:00 2001 -From: wangjiang -Date: Fri, 11 Mar 2022 14:34:29 +0800 +From 882029ce930456be2b954fa8467be3e0494504da Mon Sep 17 00:00:00 2001 +From: wangyuhang +Date: Sun, 4 Feb 2024 16:53:58 +0800 Subject: [PATCH] openEuler-skip-some-test +Offering:EulerOS Server +CVE: +Reference: +Type:bugfix/CVE/requirement/cleancode/testcode +DTS/AR: +reason: --- - src/cmd/ksh93/tests/b_ulimit.sh | 4 ++-- - src/cmd/ksh93/tests/b_uname.sh | 6 +++--- - src/cmd/ksh93/tests/bracket.sh | 8 ++++---- - src/cmd/ksh93/tests/builtins.sh | 2 +- - src/cmd/ksh93/tests/meson.build | 4 ---- - src/cmd/ksh93/tests/path.sh | 2 +- - 6 files changed, 11 insertions(+), 15 deletions(-) + src/cmd/ksh93/tests/shtests | 4 ++++ + 1 file changed, 4 insertions(+) -diff --git a/src/cmd/ksh93/tests/b_ulimit.sh b/src/cmd/ksh93/tests/b_ulimit.sh -index 0250926..4c9dd0f 100644 ---- a/src/cmd/ksh93/tests/b_ulimit.sh -+++ b/src/cmd/ksh93/tests/b_ulimit.sh -@@ -66,7 +66,7 @@ actual=$(ulimit -t) - - # ========== - # -v The number of K-bytes for virtual memory. --if [[ $OS_NAME != openbsd ]] -+if [[ $OS_NAME != linux ]] - then - ulimit -v unlimited - expect=unlimited -@@ -76,7 +76,7 @@ fi - - # ========== - # -M, --as The address space limit in Kibytes. --if [[ $OS_NAME != openbsd ]] -+if [[ $OS_NAME != linux ]] - then - ulimit -M unlimited - expect=unlimited -diff --git a/src/cmd/ksh93/tests/b_uname.sh b/src/cmd/ksh93/tests/b_uname.sh -index 4c9c06a..69ef430 100644 ---- a/src/cmd/ksh93/tests/b_uname.sh -+++ b/src/cmd/ksh93/tests/b_uname.sh -@@ -29,9 +29,9 @@ expect=$($bin_uname -n) - # ========== - # -r, --release|kernel-release - # The kernel release level. --actual=$(uname -r) --expect=$($bin_uname -r) --[[ "$actual" = "$expect" ]] || log_error "'uname -r' failed" "$expect" "$actual" -+#actual=$(uname -r) -+#expect=$($bin_uname -r) -+#[[ "$actual" = "$expect" ]] || log_error "'uname -r' failed" "$expect" "$actual" - - # ========== - # -v, --version|kernel-version -diff --git a/src/cmd/ksh93/tests/bracket.sh b/src/cmd/ksh93/tests/bracket.sh -index 07029f1..6915583 100644 ---- a/src/cmd/ksh93/tests/bracket.sh -+++ b/src/cmd/ksh93/tests/bracket.sh -@@ -99,7 +99,7 @@ then - fi - - chmod 000 $file --if [[ $OS_NAME == cygwin* ]] -+if [[ $OS_NAME == linux ]] - then - log_info 'skipping [[ -r $file ]] test on Cygwin' - else -@@ -114,7 +114,7 @@ then - log_error "-r: $file should be owned by me" - fi - --if [[ $OS_NAME == cygwin* ]] -+if [[ $OS_NAME == linux ]] - then - log_info 'skipping [[ -w $file ]] test on Cygwin' - else -@@ -124,7 +124,7 @@ else - fi - fi - --if [[ $OS_NAME == cygwin* ]] -+if [[ $OS_NAME == linux ]] - then - log_info 'skipping [[ -x $file ]] test on Cygwin' - else -@@ -134,7 +134,7 @@ else - fi - fi - --if [[ $OS_NAME == cygwin* ]] -+if [[ $OS_NAME == linux ]] - then - log_info 'skipping [[ -w $file || -r $file ]] test on Cygwin' - else -diff --git a/src/cmd/ksh93/tests/builtins.sh b/src/cmd/ksh93/tests/builtins.sh -index 55b1f4f..8f9fbba 100644 ---- a/src/cmd/ksh93/tests/builtins.sh -+++ b/src/cmd/ksh93/tests/builtins.sh -@@ -551,7 +551,7 @@ print ". $TEST_DIR/evalbug" >$TEST_DIR/envfile - [[ $(ENV=$TEST_DIR/envfile $SHELL -i -c : 2> /dev/null) == ok ]] || log_error 'eval inside dot script called from profile file not working' - - # test cd to a directory that doesn't have execute permission --if [[ $OS_NAME == cygwin* ]] -+if [[ $OS_NAME == linux ]] - then - log_warning 'skipping test of cd to dir without execute permission on Cygwin' - else -diff --git a/src/cmd/ksh93/tests/meson.build b/src/cmd/ksh93/tests/meson.build -index 6a07d7c..7728b88 100644 ---- a/src/cmd/ksh93/tests/meson.build -+++ b/src/cmd/ksh93/tests/meson.build -@@ -9,7 +9,6 @@ all_tests = [ - ['b_alias'], - ['b_basename'], - ['b_cat'], -- ['b_chmod'], - ['b_cmp'], - ['b_command'], - ['b_cut'], -@@ -34,7 +33,6 @@ all_tests = [ - ['b_sleep'], - ['b_sync'], - ['b_test.exp'], -- ['b_test'], - ['b_time.exp'], - ['b_times.exp'], - ['b_ulimit'], -@@ -49,8 +47,6 @@ all_tests = [ - ['arrays2'], - ['attributes'], - ['basic', 90], -- ['bracket'], -- ['builtins'], - ['case'], - ['comvar'], - ['comvario'], -diff --git a/src/cmd/ksh93/tests/path.sh b/src/cmd/ksh93/tests/path.sh -index 6920f19..4999d8f 100644 ---- a/src/cmd/ksh93/tests/path.sh -+++ b/src/cmd/ksh93/tests/path.sh -@@ -276,7 +276,7 @@ exp=126 - # - # TODO: Figure out if there is some way to make ksh behave on Cygwin like it does on real UNIX/POSIX - # compliant systems for these edge cases without greatly complicating the code. --if [[ $OS_NAME != cygwin* ]] -+if [[ $OS_NAME != linux ]] - then - - : > $scr +diff --git a/src/cmd/ksh93/tests/shtests b/src/cmd/ksh93/tests/shtests +index 6bbe2ef..86cd3e8 100755 +--- a/src/cmd/ksh93/tests/shtests ++++ b/src/cmd/ksh93/tests/shtests +@@ -340,6 +340,10 @@ typeset -A tests + typeset -i total_e=0 + for i in ${*-*.sh} + do [[ $i == *.sh ]] || i+='.sh' ++ if [[ $i == "pty.sh" ]] ++ then ++ continue ++ fi + if [[ ! -r $i ]] + then echo $0: $i: not found >&2 + (( ++total_e )) -- -1.8.3.1 +2.33.0