fix swprintf handling of nul character in output

[musl] / src / misc / wordexp.c

diff --git a/src/misc/wordexp.c b/src/misc/wordexp.c
index 15adddb..db83a69 100644 (file)
--- a/src/misc/wordexp.c
+++ b/src/misc/wordexp.c
@@ -7,7 +7,15 @@
 #include <stdlib.h>
 #include <sys/wait.h>
 #include <signal.h>
-#include <pthread.h>
+#include <errno.h>
+#include <fcntl.h>
+#include "pthread_impl.h"
+
+static void reap(pid_t pid)
+{
+       int status;
+       while (waitpid(pid, &status, 0) < 0 && errno == EINTR);
+}
 
 static char *getword(FILE *f)
 {
@@ -22,18 +30,19 @@ static int do_wordexp(const char *s, wordexp_t *we, int flags)
        size_t np=0;
        char *w, **tmp;
        char *redir = (flags & WRDE_SHOWERR) ? "" : "2>/dev/null";
-       int err = 0, status;
+       int err = 0;
        FILE *f;
        size_t wc = 0;
        char **wv = 0;
        int p[2];
        pid_t pid;
+       sigset_t set;
 
        if (flags & WRDE_REUSE) wordfree(we);
 
        if (flags & WRDE_NOCMD) for (i=0; s[i]; i++) switch (s[i]) {
        case '\\':
-               if (!sq) i++;
+               if (!sq && !s[++i]) return WRDE_SYNTAX;
                break;
        case '\'':
                if (!dq) sq^=1;
@@ -62,6 +71,7 @@ static int do_wordexp(const char *s, wordexp_t *we, int flags)
                if (!(sq|dq|np)) return WRDE_BADCHAR;
                break;
        case '$':
+               if (sq) break;
                if (s[i+1]=='(' && s[i+2]=='(') {
                        i += 2;
                        np += 2;
@@ -80,25 +90,26 @@ static int do_wordexp(const char *s, wordexp_t *we, int flags)
        i = wc;
        if (flags & WRDE_DOOFFS) {
                if (we->we_offs > SIZE_MAX/sizeof(void *)/4)
-                       return WRDE_NOSPACE;
+                       goto nospace;
                i += we->we_offs;
        } else {
                we->we_offs = 0;
        }
 
-       if (pipe(p) < 0) return WRDE_NOSPACE;
+       if (pipe2(p, O_CLOEXEC) < 0) goto nospace;
+       __block_all_sigs(&set);
        pid = fork();
+       __restore_sigs(&set);
        if (pid < 0) {
                close(p[0]);
                close(p[1]);
-               return WRDE_NOSPACE;
+               goto nospace;
        }
        if (!pid) {
-               dup2(p[1], 1);
-               close(p[0]);
-               close(p[1]);
+               if (p[1] == 1) fcntl(1, F_SETFD, 0);
+               else dup2(p[1], 1);
                execl("/bin/sh", "sh", "-c",
-                       "eval \"printf %s\\\\\\\\0 $1 $2\"",
+                       "eval \"printf %s\\\\\\\\0 x $1 $2\"",
                        "sh", s, redir, (char *)0);
                _exit(1);
        }
@@ -108,12 +119,19 @@ static int do_wordexp(const char *s, wordexp_t *we, int flags)
        if (!f) {
                close(p[0]);
                kill(pid, SIGKILL);
-               waitpid(pid, &status, 0);
-               return WRDE_NOSPACE;
+               reap(pid);
+               goto nospace;
        }
 
        l = wv ? i+1 : 0;
 
+       free(getword(f));
+       if (feof(f)) {
+               fclose(f);
+               reap(pid);
+               return WRDE_SYNTAX;
+       }
+
        while ((w = getword(f))) {
                if (i+1 >= l) {
                        l += l/2+10;
@@ -127,27 +145,29 @@ static int do_wordexp(const char *s, wordexp_t *we, int flags)
        if (!feof(f)) err = WRDE_NOSPACE;
 
        fclose(f);
-       waitpid(pid, &status, 0);
-       if (WEXITSTATUS(status)) {
-               if (!(flags & WRDE_APPEND)) {
-                       free(wv);
-                       return WRDE_SYNTAX;
-               } else if (wv==we->we_wordv) {
-                       return WRDE_SYNTAX;
-               }
-       }
+       reap(pid);
+
+       if (!wv) wv = calloc(i+1, sizeof *wv);
 
        we->we_wordv = wv;
        we->we_wordc = i;
 
-       for (i=we->we_offs; i; i--)
-               we->we_wordv[i-1] = 0;
-
-       if (flags & WRDE_DOOFFS) we->we_wordc -= we->we_offs;
+       if (flags & WRDE_DOOFFS) {
+               if (wv) for (i=we->we_offs; i; i--)
+                       we->we_wordv[i-1] = 0;
+               we->we_wordc -= we->we_offs;
+       }
        return err;
+
+nospace:
+       if (!(flags & WRDE_APPEND)) {
+               we->we_wordc = 0;
+               we->we_wordv = 0;
+       }
+       return WRDE_NOSPACE;
 }
 
-int wordexp(const char *s, wordexp_t *we, int flags)
+int wordexp(const char *restrict s, wordexp_t *restrict we, int flags)
 {
        int r, cs;
        pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &cs);