system: Add "--" after "-c" for sh (BZ #28519)

Prevent sh from interpreting a user string as shell options if it
starts with '-' or '+'.  Since the version of /bin/sh used for testing
system() is different from the full-fledged system /bin/sh add support
to it for handling "--" after "-c".  Add a testcase to ensure the
expected behavior.

Signed-off-by: Joe Simmons-Talbott <josimmon@redhat.com>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>

diff --git a/libio/iopopen.c b/libio/iopopen.c
index a64033e60fb5ee0c65a1e1063c2fa5fed42dba30..4cc405f2dec47cce1898469fa9de23a13371eb61 100644 (file)
--- a/libio/iopopen.c
+++ b/libio/iopopen.c
@@ -87,7 +87,7 @@ spawn_process (posix_spawn_file_actions_t *fa, FILE *fp, const char *command,
     }
 
   err = __posix_spawn (&((_IO_proc_file *) fp)->pid, _PATH_BSHELL, fa, 0,
-                      (char *const[]){ (char*) "sh", (char*) "-c",
+                      (char *const[]){ (char*) "sh", (char*) "-c", (char*) "--",
                       (char *) command, NULL }, __environ);
   if (err != 0)
     return err;

diff --git a/stdlib/tst-system.c b/stdlib/tst-system.c
index 47a0afe6bf2b118bf52c535f68d8eecc814e0ae5..3a55ec27918eb8ec6bc43c837454c10ffc3f83bb 100644 (file)
--- a/stdlib/tst-system.c
+++ b/stdlib/tst-system.c
@@ -146,6 +146,20 @@ do_test (void)
     TEST_COMPARE_STRING (result.out.buffer, "...\n");
   }
 
+  {
+    struct support_capture_subprocess result;
+    const char *cmd = "-echo";
+    result = support_capture_subprocess (call_system,
+                                        &(struct args) { cmd, 127 });
+    support_capture_subprocess_check (&result, "system", 0, sc_allow_stderr |
+                       sc_allow_stdout);
+    char *returnerr = xasprintf ("%s: execing -echo failed: "
+                                "No such file or directory",
+                                basename(_PATH_BSHELL));
+    TEST_COMPARE_STRING (result.err.buffer, returnerr);
+    free (returnerr);
+  }
+
   {
     struct support_capture_subprocess result;
     result = support_capture_subprocess (call_system,

diff --git a/support/shell-container.c b/support/shell-container.c
index b1f9e793c1db8558128eb0b5f53cddf509b5787c..28437e4206ba23f59e27d42eaffdf0f36e49843f 100644 (file)
--- a/support/shell-container.c
+++ b/support/shell-container.c
@@ -455,7 +455,12 @@ main (int argc, const char **argv)
     dprintf (stderr, "  argv[%d] is `%s'\n", i, argv[i]);
 
   if (strcmp (argv[1], "-c") == 0)
-    run_command_string (argv[2], argv+3);
+    {
+      if (strcmp (argv[2], "--") == 0)
+               run_command_string (argv[3], argv+4);
+      else
+               run_command_string (argv[2], argv+3);
+    }
   else
     run_script (argv[1], argv+2);
 

diff --git a/sysdeps/posix/system.c b/sysdeps/posix/system.c
index d77720a625e0d42a5cdca13961aae9db9c95ea78..488b95163bb4d88bc1e2bac8b41e29fcf1530f96 100644 (file)
--- a/sysdeps/posix/system.c
+++ b/sysdeps/posix/system.c
@@ -147,6 +147,7 @@ do_system (const char *line)
   ret = __posix_spawn (&pid, SHELL_PATH, 0, &spawn_attr,
                       (char *const[]){ (char *) SHELL_NAME,
                                        (char *) "-c",
+                                       (char *) "--",
                                        (char *) line, NULL },
                       __environ);
   __posix_spawnattr_destroy (&spawn_attr);