don't terminate the buffer and go back to read another character;
allow the NULL to pass through and terminate the read.
Fixes bug report from Stephane Chazelas <stephane.chazelas@gmail.com>
+
+ 5/9
+ ---
+bashhist.c
+ - bash_delete_histent: decrement history_lines_this_session only if
+ remove_history returns a non-null history entry, and return failure
+ if it does return a null entry
+
+builtins/history.def
+ - history_builtin: when checking the argument to -d, display an error
+ if the argument is >= history_base + history_length, since that's
+ what history_get and remove_history check. Fixes issue reported by
+ <jr@saturn.site>
+
+support/shobj-conf
+ - hpux11: change stanza to create shared libraries on later versions of
+ HPUX 11. Contributed by Michael Osipov <michael.osipov@siemens.com>
+
+lib/readline/terminal.c
+ - _rl_init_terminal_io: assume TGETENT_BROKEN defined means that tgetent
+ returns 0 on success, as on HPUX 11. Bug reported by Michael Osipov
+ <michael.osipov@siemens.com>
+
+configure.ac
+ - hpux: add -DTGETENT_BROKEN to LOCAL_CFLAGS. Still need to do this
+ in the readline configure.ac
+
+execute_cmd.c
+ - select_builtin: set executing_builtin around the call to read_builtin
+ so we can run traps if the read call is interrupted. From a report
+ from Andreas Kusalananda Kähäri <andreas.kahari@abc.se>
+
+ 5/12
+ ----
+doc/bashref.texi
+ - The Restricted Shell: add some language detailing the weaknesses of
+ the restricted shell mode in isolation, inspired by a discussion on
+ the zsh mailing list
discard = remove_history (i);
if (discard)
- free_history_entry (discard);
- history_lines_this_session--;
-
- return 1;
+ {
+ free_history_entry (discard);
+ history_lines_this_session--;
+ }
+ return discard != 0;
}
int
}
opt = ind + history_base; /* compensate for opt - history_base below */
}
- else if ((delete_offset < history_base) || (delete_offset > (history_base + history_length)))
+ else if ((delete_offset < history_base) || (delete_offset >= (history_base + history_length)))
{
sh_erange (delete_arg, _("history position"));
return (EXECUTION_FAILURE);
;;
sysv5*) $as_echo "#define SVR5 1" >>confdefs.h
;;
-hpux9*) LOCAL_CFLAGS="-DHPUX9 -DHPUX" ;;
-hpux*) LOCAL_CFLAGS=-DHPUX ;;
+hpux9*) LOCAL_CFLAGS="-DHPUX9 -DHPUX -DTGETENT_BROKEN" ;;
+hpux*) LOCAL_CFLAGS="-DHPUX -DTGETENT_BROKEN" ;;
dgux*) LOCAL_CFLAGS=-D_DGUX_SOURCE; LOCAL_LIBS=-ldgc ;;
isc*) LOCAL_CFLAGS=-Disc386 ;;
rhapsody*) LOCAL_CFLAGS=-DRHAPSODY ;;
AC_DEFINE(SVR4) ;;
sysv4*) AC_DEFINE(SVR4) ;;
sysv5*) AC_DEFINE(SVR5) ;;
-hpux9*) LOCAL_CFLAGS="-DHPUX9 -DHPUX" ;;
-hpux*) LOCAL_CFLAGS=-DHPUX ;;
+hpux9*) LOCAL_CFLAGS="-DHPUX9 -DHPUX -DTGETENT_BROKEN" ;;
+hpux*) LOCAL_CFLAGS="-DHPUX -DTGETENT_BROKEN" ;;
dgux*) LOCAL_CFLAGS=-D_DGUX_SOURCE; LOCAL_LIBS=-ldgc ;;
isc*) LOCAL_CFLAGS=-Disc386 ;;
rhapsody*) LOCAL_CFLAGS=-DRHAPSODY ;;
(@pxref{Shell Scripts}), @code{rbash} turns off any restrictions in
the shell spawned to execute the script.
+The restricted shell mode is only one component of a useful restricted
+environment. It should be accompanied by setting @env{PATH} to a value
+that allows execution of only a few verified commands (commands that
+allow shell escapes are particularly vulnerable), leaving the user
+in a non-writable directory other than his home directory after login,
+not allowing the restricted shell to execute shell scripts, and cleaning
+the environment of variables that cause some commands to modify their
+behavior (e.g., @env{VISUAL} or @{PAGER}).
+
+Modern systems provide more secure ways to implement a restricted environment,
+such as @code{jails}, @code{zones}, or @code{containers}.
+
+
@node Bash POSIX Mode
@section Bash POSIX Mode
@cindex POSIX Mode
Copyright (C) 1988-2019 Free Software Foundation, Inc.
@end ignore
-@set LASTCHANGE Sat Apr 20 12:32:57 EDT 2019
+@set LASTCHANGE Sun May 12 13:29:23 MDT 2019
@set EDITION 5.0
@set VERSION 5.0
-@set UPDATED 20 April 2019
-@set UPDATED-MONTH April 2019
+@set UPDATED 12 May 2019
+@set UPDATED-MONTH May 2019
char *prompt;
int print_menu;
{
- int max_elem_len, indices_len, len;
+ int max_elem_len, indices_len, len, r, oe;
intmax_t reply;
WORD_LIST *l;
char *repl_string, *t;
fflush (stderr);
QUIT;
- if (read_builtin ((WORD_LIST *)NULL) != EXECUTION_SUCCESS)
+ oe = executing_builtin;
+ executing_builtin = 1;
+ r = read_builtin ((WORD_LIST *)NULL);
+ executing_builtin = oe;
+ if (r != EXECUTION_SUCCESS)
{
putchar ('\n');
return ((char *)NULL);
tgetent_ret = tgetent (term_buffer, term);
}
+#ifdef TGETENT_BROKEN
+ if (tgetent_ret < 0)
+#else
if (tgetent_ret <= 0)
+#endif
{
FREE (term_string_buffer);
FREE (term_buffer);
SHLIB_STATUS=unsupported
# If you are using the HP ANSI C compiler, you can uncomment and use
- # this code (I have not tested it)
-# SHOBJ_STATUS=supported
-# SHLIB_STATUS=supported
-#
+ # this code from michael.osipov@siemens.com (I have not tested it)
# SHOBJ_CFLAGS='+z'
-# SHOBJ_LD='ld'
-# SHOBJ_LDFLAGS='-b +s +h $@'
+# SHOBJ_LD='$(CC)'
+# SHOBJ_LDFLAGS='-b -Wl,+s -Wl,+h,$@'
#
-# SHLIB_XLDFLAGS='+b $(libdir)'
-# SHLIB_LIBSUFF='sl'
+# SHLIB_XLDFLAGS='-Wl,+b,$(libdir)'
+# SHLIB_LIBSUFF='so'
# SHLIB_LIBVERSION='$(SHLIB_LIBSUFF).$(SHLIB_MAJOR)'
-
+# SHLIB_LIBS='$(TERMCAP_LIB)'
;;
sysv4*-*gcc*)
projects / thirdparty / bash.git / commitdiff
