Path: csiph.com!xmission!news.snarked.org!news.linkpendium.com!news.linkpendium.com!panix!usenet.stanford.edu!not-for-mail From: Chet Ramey Newsgroups: gnu.bash.bug Subject: Re: History of bash's support for self-modifying shell scripts? Date: Tue, 11 Sep 2018 10:05:00 -0400 Lines: 54 Approved: bug-bash@gnu.org Message-ID: References: <20180910052543.GA4482@localhost> <20180910213921.GC2579@localhost> Reply-To: chet.ramey@case.edu NNTP-Posting-Host: lists.gnu.org Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Trace: usenet.stanford.edu 1536674726 27330 208.118.235.17 (11 Sep 2018 14:05:26 GMT) X-Complaints-To: action@cs.stanford.edu Cc: chet.ramey@case.edu, bug-bash@gnu.org To: Josh Triplett Envelope-to: bug-bash@gnu.org Openpgp: preference=signencrypt Autocrypt: addr=chet.ramey@case.edu; prefer-encrypt=mutual; keydata= xsDiBEEOsGwRBACFa0A1oa71HSZLWxAx0svXzhOZNQZOzqHmSuGOG92jIpQpr8DpvgRh40Yp AwdcXb8QG1J5yGAKeevNE1zCFaA725vGSdHUyypHouV0xoWwukYO6qlyyX+2BZU+okBUqoWQ koWxiYaCSfzB2Ln7pmdys1fJhcgBKf3VjWCjd2XJTwCgoFJOwyBFJdugjfwjSoRSwDOIMf0D /iQKqlWhIO1LGpMrGX0il0/x4zj0NAcSwAk7LaPZbN4UPjn5pqGEHBlf1+xDDQCkAoZ/VqES GZragl4VqJfxBr29Ag0UDvNbUbXoxQsARdero1M8GiAIRc50hj7HXFoERwenbNDJL86GPLAQ OTGOCa4W2o29nFfFjQrsrrYHzVtyA/9oyKvTeEMJ7NA3VJdWcmn7gOu0FxEmSNhSoV1T4vP2 1Wf7f5niCCRKQLNyUy0wEApQi4tSysdz+AbgAc0b/bHYVzIf2uO2lIEZQNNt+3g2bmXgloWm W5fsm/di50Gm1l1Na63d3RZ00SeFQos6WEwLUHEB0yp6KXluXLLIZitEJM0gQ2hldCBSYW1l eSA8Y2hldC5yYW1leUBjYXNlLmVkdT7CYQQTEQIAIQIbAwYLCQgHAwIDFQIDAxYCAQIeAQIX gAUCRX3FIgIZAQAKCRC7WGnwZOp0q069AKCNDRn+zzN/AHbaynls/Lvq1kH/RQCgkLvF8bDs maUHSxSIPqzlGuKWDxbOwE0EQQ6wbxAEAJCukwDigRDPhAuI+lf+6P64lWanIFOXIndqhvU1 3cDbQ/Wt5LwPzm2QTvd7F+fcHOgZ8KOFScbDpjJaRqwIybMTcIN0B2pBLX/C10W1aY+cUrXZ gXUGVISEMmpaP9v02auToo7XXVEHC+XLO9IU7/xaU98FL69l6/K4xeNSBRM/AAMHA/wNAmRB pcyK0+VggZ5esQaIP/LyolAm2qwcmrd3dZi+g24s7yjV0EUwvRP7xHRDQFgkAo6++QbuecU/ J90lxrVnQwucZmfz9zgWDkT/MpfB/CNRSKLFjhYq2yHmHWT6vEjw9Ry/hF6Pc0oh1a62USdf aKAiim0nVxxQmPmiRvtCmcJJBBgRAgAJBQJBDrBvAhsMAAoJELtYafBk6nSr43AAn2ZZFQg8 Gs/zUzvXMt7evaFqVTzcAJ0cHtKpP1i/4H4R9+OsYeQdxxWxTQ== User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 In-Reply-To: <20180910213921.GC2579@localhost> Content-Language: en-US X-Junkmail-Status: score=8/90, host=mpv4-2015.case.edu X-Junkmail-PrAS-Raw: score=8/90, refid=2.7.2:2018.9.11.132416:17:8.317, ip=, rules=__HAS_REPLYTO, __HAS_CC_HDR, __MULTIPLE_RCPTS_CC_X2, __PHISH_SPEAR_SUBJ_TEAM, __SUBJ_REPLY, __BOUNCE_CHALLENGE_SUBJ, __BOUNCE_NDR_SUBJ_EXEMPT, __TO_MALFORMED_2, __TO_NAME, __TO_NAME_DIFF_FROM_ACC, __REFERENCES, __HAS_FROM, FROM_EDU_TLD, __HAS_MSGID, __SANE_MSGID, DATE_TZ_NA, __USER_AGENT, __MOZILLA_USER_AGENT, __MIME_VERSION, __IN_REP_TO, __CT, __CT_TEXT_PLAIN, __CTE, __REPLYTO_SAMEAS_FROM_ADDY, __REPLYTO_SAMEAS_FROM_ACC, __FROM_DOMAIN_IN_ANY_CC2, __REPLYTO_SAMEAS_FROM_DOMAIN, __ANY_URI, __URI_WITH_PATH, __URI_NO_WWW, __CP_NAME_BODY, __CP_URI_IN_BODY, __STOCK_PHRASE_7, __FRAUD_MONEY_CURRENCY_DOLLAR, __SUBJ_ALPHA_NEGATE, __URI_IN_BODY, __URI_NOT_IMG, __FORWARDED_MSG, __NO_HTML_TAG_RAW, BODYTEXTP_SIZE_3000_LESS, BODY_SIZE_2000_2999, __MIME_TEXT_P1, __MIME_TEXT_ONLY, __URI_NS, HTML_00_01, HTML_00_10, __FRAUD_MONEY_CURRENCY, BODY_SIZE_5000_LESS, IN_REP_TO, [TRUNCATED], so=2010-03-03 19:42:08, dmn=2016-08-03-0138 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.4.x-2.6.x [generic] X-Received-From: 129.22.103.195 X-BeenThere: bug-bash@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Bug reports for the GNU Bourne Again SHell List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Xref: csiph.com gnu.bash.bug:14571 On 9/10/18 5:39 PM, Josh Triplett wrote: >> It happens in only a few cases: 1) when forking a child to run a command; >> 2) when a redirection specifies the same file descriptor as bash is using >> to read a script; and 3) when bash is reading a script from stdin and the >> read builtin is used to read from that file descriptor. >> >> The first case is probably the one you're interested in. It's been there >> even since I wrote the buffered input code in 1992, and it's more about >> making sure parent and child shells have a consistent view of the script >> in case the child expects to read from it. It's about being careful, not >> explicitly allowing self-modifying scripts. > > Interesting. I don't *think* the behavior I observed corresponds to one > of those cases; I observed it by just having a shell script that > carefully used `dd conv=notrunc of=$0 ...` to write code into the > current script after the current command. That seems to be exactly the first case: forking a child to run a command. In this case, the command as written is a command substitution. > >> Previous versions of the shell (through bash-1.12) used stdio, which has >> behavior that varies across systems, especially across parent-child >> boundaries and changing file descriptors due to redirection (which it can't >> really handle at all). >> >> POSIX says you have to do that anyway if the shell is reading from stdin: >> >> "When the shell is using standard input and it invokes a command that also >> uses standard input, the shell shall ensure that the standard input file >> pointer points directly after the command it has read when the command >> begins execution. It shall not read ahead in such a manner that any >> characters intended to be read by the invoked command are consumed by the >> shell (whether interpreted by the shell or not) or that characters that are >> not read by the invoked command are not seen by the shell." > > I did find that, but that only applies to stdin, not to shell scripts. That's not exactly what I think you mean to say; this should certainly produce `output' on stdout cat output when fed to the shell as a script on stdin (and the `cat' should consume the rest of the script as input). Chet -- ``The lyf so short, the craft so long to lerne.'' - Chaucer ``Ars longa, vita brevis'' - Hippocrates Chet Ramey, UTech, CWRU chet@case.edu http://tiswww.cwru.edu/~chet/