[PATCH v4 6/8] ash: use BB_EXECVPE to execute commands with FEATURE_SH_STANDALONE
Ron Yorston
rmy at pobox.com
Wed Jan 29 09:14:59 UTC 2025
Nadav Tasher <tashernadav at gmail.com> wrote:
> static void
>-tryexec(IF_FEATURE_SH_STANDALONE(int applet_no,) const char *cmd, char **argv, char **envp)
>+tryexec(const char *cmd, char **argv, char **envp)
> {
> #if ENABLE_FEATURE_SH_STANDALONE
>- if (applet_no >= 0) {
>- if (APPLET_IS_NOEXEC(applet_no)) {
>- clearenv();
>- while (*envp)
>- putenv(*envp++);
>- popredir(/*drop:*/ 1);
>- run_noexec_applet_and_exit(applet_no, cmd, argv);
>- }
>- /* re-exec ourselves with the new arguments */
>- execve(bb_busybox_exec_path, argv, envp);
>- /* If they called chroot or otherwise made the binary no longer
>- * executable, fall through */
>- }
This removes the call to popredir() without providing any replacement.
Since it's an internal ash function it can't be called from BB_EXECVPE.
The call was introduced in commit b31b61bb9b with this description:
ash: fix redir_leak.tests if STANDALONE=y
If STANDALONE and we run a NOEXEC applet, saved copies of redirected fds
were visible for the child. They have CLOEXEC bit, yes, but we do not exec
in this case.
Although the patch set doesn't touch hush, the _other_ shell in BusyBox,
it has a similar requirement. Before running a NOEXEC applet it calls
two internal functions: close_saved_fds_and_FILE_fds() and
switch_off_special_sigs().
Cheers,
Ron
More information about the busybox
mailing list