system: Add "--" after "-c" for sh (BZ #28519)

Prevent sh from interpreting a user string as shell options if it starts with '-' or '+'. Since the version of /bin/sh used for testing system() is different from the full-fledged system /bin/sh add support to it for handling "--" after "-c". Add a testcase to ensure the expected behavior. Signed-off-by: Joe Simmons-Talbott <josimmon@redhat.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-11-21 12:30:06 +00:00 · 2023-03-22 14:04:30 -04:00 · 2023-03-22 14:04:30 -04:00 · 868506eb42
commit 868506eb42
parent 31bfe3ef4e
4 changed files with 22 additions and 2 deletions
--- a/libio/iopopen.c
+++ b/libio/iopopen.c
@ -87,7 +87,7 @@ spawn_process (posix_spawn_file_actions_t *fa, FILE *fp, const char *command,
    }

  err = __posix_spawn (&((_IO_proc_file *) fp)->pid, _PATH_BSHELL, fa, 0,
-		       (char *const[]){ (char*) "sh", (char*) "-c",
+		       (char *const[]){ (char*) "sh", (char*) "-c", (char*) "--",
 		       (char *) command, NULL }, __environ);
  if (err != 0)
    return err;
--- a/stdlib/tst-system.c
+++ b/stdlib/tst-system.c
@ -146,6 +146,20 @@ do_test (void)
    TEST_COMPARE_STRING (result.out.buffer, "...\n");
  }

+  {
+    struct support_capture_subprocess result;
+    const char *cmd = "-echo";
+    result = support_capture_subprocess (call_system,
+					 &(struct args) { cmd, 127 });
+    support_capture_subprocess_check (&result, "system", 0, sc_allow_stderr |
+			sc_allow_stdout);
+    char *returnerr = xasprintf ("%s: execing -echo failed: "
+				 "No such file or directory",
+				 basename(_PATH_BSHELL));
+    TEST_COMPARE_STRING (result.err.buffer, returnerr);
+    free (returnerr);
+  }
+
  {
    struct support_capture_subprocess result;
    result = support_capture_subprocess (call_system,
--- a/support/shell-container.c
+++ b/support/shell-container.c
@ -455,7 +455,12 @@ main (int argc, const char **argv)
    dprintf (stderr, "  argv[%d] is `%s'\n", i, argv[i]);

  if (strcmp (argv[1], "-c") == 0)
-    run_command_string (argv[2], argv+3);
+    {
+      if (strcmp (argv[2], "--") == 0)
+		run_command_string (argv[3], argv+4);
+      else
+		run_command_string (argv[2], argv+3);
+    }
  else
    run_script (argv[1], argv+2);

--- a/sysdeps/posix/system.c
+++ b/sysdeps/posix/system.c
@ -147,6 +147,7 @@ do_system (const char *line)
  ret = __posix_spawn (&pid, SHELL_PATH, 0, &spawn_attr,
 		       (char *const[]){ (char *) SHELL_NAME,
 					(char *) "-c",
+					(char *) "--",
 					(char *) line, NULL },
 		       __environ);
  __posix_spawnattr_destroy (&spawn_attr);