Jonas Holmberg from axis dot com writes: - forks/busybox - Busybox tree with Carbs Linux patches

diff options

author	Eric Andersen <andersen@codepoet.org>	2004-09-02 23:13:10 +0000
committer	Eric Andersen <andersen@codepoet.org>	2004-09-02 23:13:10 +0000
commit	fd7a4c8c2887187e901809d89997deefb8b99d97 (patch)
tree	70ea04a5934546b070f3e0c403629fe4da7aa444 /docs/busybox.net/download.html
parent	7b08cdd98cdf99b0d2bd622566e9288d44b17529 (diff)
download	busybox-fd7a4c8c2887187e901809d89997deefb8b99d97.tar.gz

Jonas Holmberg from axis dot com writes:

This patch makes msh handle variable expansion within backticks more correctly. Current behaviour (wrong): -------------------------- BusyBox v1.00-rc3 (2004.08.26-11:51+0000) Built-in shell (msh) Enter 'help' for a list of built-in commands. $ A='`echo hello`' $ echo $A `echo hello` $ echo `echo $A` hello $ New behaviour (correct): ------------------------ BusyBox v1.00-rc3 (2004.08.26-11:51+0000) Built-in shell (msh) Enter 'help' for a list of built-in commands. $ A='`echo hello`' $ echo $A `echo hello` $ echo `echo $A` `echo hello` $ The current behaviour (wrong according to standards) was actually my fault. msh handles backticks by executing a subshell (which makes it work on MMU-less systems). Executing a subshell makes it hard to only expand variables once in the parent. Therefore I export all variables that will be expanded within the backticks and let the subshell handle the expansion instead. The bug was found while searching for security leaks in CGI-scripts. Current behaviour of msh makes it easy to expand backticks by mistake in $QUERY_STRING. I recommend appling the patch before release of bb 1.00. /Jonas

Diffstat (limited to 'docs/busybox.net/download.html')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: