| commit | d489f2e2e98268894a38a1c84da559e74020c47b | |
| author | Herbert Xu <herbert@gondor.apana.org.au> | |
| Fri, 5 Apr 2024 09:55:46 +0000 (5 17:55 +0800) | ||
| committer | Herbert Xu <herbert@gondor.apana.org.au> | |
| Fri, 12 Apr 2024 08:06:02 +0000 (12 16:06 +0800) | ||
| tree | 59426e12de9ac5dec19c90a54f7900d695dcb384 | treesnapshot (tar.gz zip) |
| parent | 419f334520c251fb9cdeac380312d38521dfca5c | commitdiff |
exec: Check executable bit when searching path
Andrej Shadura <andrew.shadura@collabora.co.uk> wrote:
>
> Here's an old bug from 2017, but it was brought to my attention in some
> recent discussion about which "which" is which. There's also a patch in
> one of the follow-ups, but I'm afraid I don't know enough about that
> part of code to judge the consequences of it being applied:
>
> https://bugs.debian.org/874264
>
> -------- Forwarded Message --------
> Subject: dash: 'command -v' mistakenly returns a shell script whose
> executable is not set
> Date: Mon, 04 Sep 2017 10:45:48 -0400
> From: Norman Ramsey <nr@cs.tufts.edu>
> To: Debian Bug Tracking System <submit@bugs.debian.org>
>
> Package: dash
> Version: 0.5.8-2.4
> Severity: normal
>
> Dear Maintainer,
>
>
> I tracked a build bug in s-nail to a problem with dash. Symptom:
> building s-nail tries to run /home/nr/bin/clang, a script whose
> executable bit is not set. We tracked the problem to the result of
> running `command -v clang` with /bin/sh:
>
> nr@homedog ~/n/s-nail> /bin/sh -c 'command -v clang'
> /home/nr/bin/clang
> nr@homedog ~/n/s-nail> ls -l /home/nr/bin/clang
> -rw-rw-r-- 1 nr nr 1009 Aug 29 2011 /home/nr/bin/clang
> nr@homedog ~/n/s-nail> ls -l /bin/sh
> lrwxrwxrwx 1 root root 4 Jan 24 2017 /bin/sh -> dash
> nr@homedog ~/n/s-nail> ksh -c 'command -v clang'
> /usr/bin/clang
> nr@homedog ~/n/s-nail> bash -c 'command -v clang'
> /usr/bin/clang
> nr@homedog ~/n/s-nail> sh -c 'command -v clang'
> /home/nr/bin/clang
> nr@homedog ~/n/s-nail> dash -c 'command -v clang'
> /home/nr/bin/clang
> nr@homedog ~/n/s-nail> fish -c 'command -v clang'
> /usr/bin/clang
>
> When I run `command -v clang` I expect it to answer /usr/bin/clang.
>
> -- System Information:
> Debian Release: 9.1
> APT prefers stable
> APT policy: (990, 'stable'), (500, 'stable'), (1, 'experimental')
> Architecture: i386 (x86_64)
> Foreign Architectures: amd64
>
> Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
> Locale: LANG=C, LC_CTYPE=C (charmap=UTF-8) (ignored: LC_ALL set to
> en_US.utf8), LANGUAGE=C (charmap=UTF-8) (ignored: LC_ALL set to en_US.utf8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages dash depends on:
> ii debianutils 4.8.1.1
> ii dpkg 1.18.24
> ii libc6 2.24-11+deb9u1
>
> dash recommends no packages.
>
> dash suggests no packages.
>
> -- debconf information:
> * dash/sh: true
This is inherited from NetBSD. There is even a commented-out
block of code that tried to fix this.
Anyway, we now have faccessat so we can simply use it.
Reported-by: Norman Ramsey <nr@cs.tufts.edu>
Reported-by: Nicola Lamacchia <nicola.lamacchia@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Andrej Shadura <andrew.shadura@collabora.co.uk> wrote:
>
> Here's an old bug from 2017, but it was brought to my attention in some
> recent discussion about which "which" is which. There's also a patch in
> one of the follow-ups, but I'm afraid I don't know enough about that
> part of code to judge the consequences of it being applied:
>
> https://bugs.debian.org/874264
>
> -------- Forwarded Message --------
> Subject: dash: 'command -v' mistakenly returns a shell script whose
> executable is not set
> Date: Mon, 04 Sep 2017 10:45:48 -0400
> From: Norman Ramsey <nr@cs.tufts.edu>
> To: Debian Bug Tracking System <submit@bugs.debian.org>
>
> Package: dash
> Version: 0.5.8-2.4
> Severity: normal
>
> Dear Maintainer,
>
>
> I tracked a build bug in s-nail to a problem with dash. Symptom:
> building s-nail tries to run /home/nr/bin/clang, a script whose
> executable bit is not set. We tracked the problem to the result of
> running `command -v clang` with /bin/sh:
>
> nr@homedog ~/n/s-nail> /bin/sh -c 'command -v clang'
> /home/nr/bin/clang
> nr@homedog ~/n/s-nail> ls -l /home/nr/bin/clang
> -rw-rw-r-- 1 nr nr 1009 Aug 29 2011 /home/nr/bin/clang
> nr@homedog ~/n/s-nail> ls -l /bin/sh
> lrwxrwxrwx 1 root root 4 Jan 24 2017 /bin/sh -> dash
> nr@homedog ~/n/s-nail> ksh -c 'command -v clang'
> /usr/bin/clang
> nr@homedog ~/n/s-nail> bash -c 'command -v clang'
> /usr/bin/clang
> nr@homedog ~/n/s-nail> sh -c 'command -v clang'
> /home/nr/bin/clang
> nr@homedog ~/n/s-nail> dash -c 'command -v clang'
> /home/nr/bin/clang
> nr@homedog ~/n/s-nail> fish -c 'command -v clang'
> /usr/bin/clang
>
> When I run `command -v clang` I expect it to answer /usr/bin/clang.
>
> -- System Information:
> Debian Release: 9.1
> APT prefers stable
> APT policy: (990, 'stable'), (500, 'stable'), (1, 'experimental')
> Architecture: i386 (x86_64)
> Foreign Architectures: amd64
>
> Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
> Locale: LANG=C, LC_CTYPE=C (charmap=UTF-8) (ignored: LC_ALL set to
> en_US.utf8), LANGUAGE=C (charmap=UTF-8) (ignored: LC_ALL set to en_US.utf8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages dash depends on:
> ii debianutils 4.8.1.1
> ii dpkg 1.18.24
> ii libc6 2.24-11+deb9u1
>
> dash recommends no packages.
>
> dash suggests no packages.
>
> -- debconf information:
> * dash/sh: true
This is inherited from NetBSD. There is even a commented-out
block of code that tried to fix this.
Anyway, we now have faccessat so we can simply use it.
Reported-by: Norman Ramsey <nr@cs.tufts.edu>
Reported-by: Nicola Lamacchia <nicola.lamacchia@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| src/bltin/test.c | diffblobblamehistory | |
| src/exec.c | diffblobblamehistory | |
| src/exec.h | diffblobblamehistory |