Re: [PATCH] var: ensure variables are fully initialised when unset

Harald van Dijk <harald@xxxxxxxxxxx> wrote:
> On 12/11/2018 12:53, Ron Yorston wrote:
>> When a variable is unset by calling setvar(name, 0, 0) the code
>> to initialise the new, empty variable omits the trailing '='.
> 
> It's supposed to. A trailing = means the variable is set to an empty 
> string. That's different from unset. You can see the difference with
> set -u, or with ${var+set}. However, ...
> 
>> Attempts to read the contents of the unset variable will result
>> in the uninitialised character at the end of the string being
>> accessed.
> 
> ...this is indeed a bug which I've noticed as well. The code needs two 
> trailing null bytes, not just one. Because of glibc internals, the 
> out-of-bounds byte being read will almost certainly be zero on x86-64, 
> but it's not a guarantee, and it could probably break more easily on 
> other platforms.
> 
> It only affects shell-internal uses of variables, only for variables 
> explicitly unset by a script (rather than unset by default), only for 
> uses where the code does not explicitly check for unset beforehand. As 
> far as scripts go, that just means PATH (as you found) I think, for 
> interactive shells there are some more variables such as PS1/PS2/PS4/MAIL.
> 
> My patch is attached.

Thanks for the patch Harald!

Could you please repost it with a new Subject line? patchwork
is no longer picking up patches posted as a reply.

Please also add a Signed-off-by tag.

Cheers,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
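
The unset versus set-to-empty distinction and the one-byte read discussed in the quoted message, as a simplified model. This is an added example, not dash's code and not the attached patch; the entry layout, the function names, the allocation size and the 0xAA poison byte are assumptions for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define POISON 0xAA /* constructed stand-in for uninitialised heap bytes */
/* Build "name=value" when val != NULL, or bare "name" for an unset variable.
 * nuls is how many terminating NUL bytes the writer stores (1 or 2). */
char *make_entry(const char *name, const char *val, int nuls)
{
    size_t namelen = strlen(name), vallen = val ? strlen(val) : 0;
    size_t size = namelen + vallen + 2;  /* assumed allocation size */
    char *buf = malloc(size), *p;
    if (!buf) abort();
    memset(buf, POISON, size);           /* make "uninitialised" deterministic */
    memcpy(buf, name, namelen);
    p = buf + namelen;
    if (val) {
        *p++ = '=';
        p = (char *)memcpy(p, val, vallen) + vallen;
    }
    while (nuls-- > 0 && p < buf + size)
        *p++ = '\0';
    return buf;
}

/* Set (possibly to "") means an '=' is present; unset means it is absent. */
int is_set(const char *entry) { return strchr(entry, '=') != NULL; }

/* Reader that does not check for unset: stop at '=' or NUL, step one byte. */
const char *value_of(const char *entry)
{
    while (*entry && *entry != '=')
        entry++;
    return entry + 1;
}

/* First byte such a reader treats as the variable's value. */
unsigned char first_value_byte(const char *name, const char *val, int nuls)
{
    char *e = make_entry(name, val, nuls);
    unsigned char b = (unsigned char)*value_of(e);
    free(e);
    return b;
}

int main(void)
{
    printf("unset, one NUL:  0x%02x\n", first_value_byte("PATH", NULL, 1));
    printf("unset, two NULs: 0x%02x\n", first_value_byte("PATH", NULL, 2));
    return 0;
}
```

With one NUL the reader lands on the poison byte; with two it sees an empty string, while `is_set` still reports the variable as unset because no `=` was added.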


