[v4] system.3: Document bug and workaround when the command name starts with a hypen
Message ID | 20210108142209.61938-1-alx.manpages@gmail.com |
---|---|
State | Not applicable |
Headers |
Return-Path: <libc-alpha-bounces@sourceware.org> X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id E930E397304F; Fri, 8 Jan 2021 14:23:10 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org E930E397304F DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1610115791; bh=WHYae1ZIOoUD+fH72usBuocdaizTJexo9mR+ov/wFxw=; h=To:Subject:Date:In-Reply-To:References:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: From; b=GQqFdszVF2TIZ0/0k0Kb617oEhWkpguahcEmf3NFAZYCbvW3RQJK2MnexCycHOcs+ 5wu879VSerwoUBDr41D9VK67eozf29X1jC46glSVFNqnd2AHYsi0Xti1C+LW28MEJJ MjagvcLKKF9AoQzGet3euLC3U+vvnkIuQzlQKkQQ= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-wr1-x432.google.com (mail-wr1-x432.google.com [IPv6:2a00:1450:4864:20::432]) by sourceware.org (Postfix) with ESMTPS id 187373842402 for <libc-alpha@sourceware.org>; Fri, 8 Jan 2021 14:23:08 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 187373842402 Received: by mail-wr1-x432.google.com with SMTP id m5so9164147wrx.9 for <libc-alpha@sourceware.org>; Fri, 08 Jan 2021 06:23:08 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=WHYae1ZIOoUD+fH72usBuocdaizTJexo9mR+ov/wFxw=; b=FDweWPltgc4nhUosPEhhKjvp6pyu03IDJqstWQuLA1io1dI8NDaK/B05fPP3T08l4g 4FEX/GMXcu/u4KVJSzy6FK/OdES//q9fhM1odUg6PrW+Nfr3y9sPHK+zcZG8eUEzSfuR kVptpYCHaagKyUWRDztv8tgTVY7ZIFIRJl5D+BUemltlxnVvO5GsuUav+QCildS57aLG XT44eJauPablcm5ZxLC+czTJ0VnwVDgNd931aB6dj+woh34B21BUklS+QG8BHzWFxE0J bmUqULORPje2Ci573FOoxpfauEkq4UH3pw6/C2iZbcW8AocNYOtpJQ3TPtbnAk3lIT71 rDvw== X-Gm-Message-State: AOAM5329B2k3YJLSMzMM4hm+nbdQFCrzqyDx7v/qmxOHWAo7CTOTXnvp Pu1TEpFprJ8KnvFnuSA7E6Y= X-Google-Smtp-Source: ABdhPJzz0BuPrzM+eGkVHaoCL85Ne4asXixJesSRlIhD2qdfSa3CXGt2MOksZrSzuDSJLfFWYrrbXA== X-Received: by 2002:a5d:5227:: with SMTP id i7mr4072427wra.68.1610115787279; Fri, 08 Jan 2021 06:23:07 -0800 (PST) Received: from debian.vlc ([170.253.51.130]) by smtp.gmail.com with ESMTPSA id s63sm13863522wms.18.2021.01.08.06.23.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 08 Jan 2021 06:23:06 -0800 (PST) To: mtk.manpages@gmail.com Subject: [PATCH v4] system.3: Document bug and workaround when the command name starts with a hypen Date: Fri, 8 Jan 2021 15:22:11 +0100 Message-Id: <20210108142209.61938-1-alx.manpages@gmail.com> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210104180420.74092-1-alx.manpages@gmail.com> References: <20210104180420.74092-1-alx.manpages@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-11.9 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org> List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>, <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe> List-Archive: <https://sourceware.org/pipermail/libc-alpha/> List-Post: <mailto:libc-alpha@sourceware.org> List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help> List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>, <mailto:libc-alpha-request@sourceware.org?subject=subscribe> From: Alejandro Colomar via Libc-alpha <libc-alpha@sourceware.org> Reply-To: Alejandro Colomar <alx.manpages@gmail.com> Cc: Alejandro Colomar <alx.manpages@gmail.com>, linux-man@vger.kernel.org, Ciprian Dorin Craciun <ciprian.craciun@gmail.com>, libc-alpha@sourceware.org, Florian Weimer <fweimer@redhat.com> Errors-To: libc-alpha-bounces@sourceware.org Sender: "Libc-alpha" <libc-alpha-bounces@sourceware.org> |
Series |
[v4] system.3: Document bug and workaround when the command name starts with a hypen
|
|
Commit Message
Alejandro Colomar
Jan. 8, 2021, 2:22 p.m. UTC
man-pages bug: 211029
https://bugzilla.kernel.org/show_bug.cgi?id=211029
Complete workaround
(it was too long for the page, but it may be useful here):
......
$ sudo ln -s -T /usr/bin/echo /usr/bin/-echo;
$ cc -o system_hyphen -x c - ;
#include <stdlib.h>
int
main(void)
{
system(" -echo Hello world!");
exit(EXIT_SUCCESS);
}
$ ./system_hyphen;
Hello world!
Reported-by: Ciprian Dorin Craciun <ciprian.craciun@gmail.com>
Cc: Florian Weimer <fweimer@redhat.com>
Signed-off-by: Alejandro Colomar <alx.manpages@gmail.com>
---
D'oh!
man3/system.3 | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
Comments
On 1/8/21 3:22 PM, Alejandro Colomar wrote: > man-pages bug: 211029 > https://bugzilla.kernel.org/show_bug.cgi?id=211029 > > Complete workaround Maybe a bit more readable: Complete workaround example > (it was too long for the page, but it may be useful here): > > ...... > > $ sudo ln -s -T /usr/bin/echo /usr/bin/-echo; > $ cc -o system_hyphen -x c - ; > #include <stdlib.h> > > int > main(void) > { > system(" -echo Hello world!"); > exit(EXIT_SUCCESS); > } > > $ ./system_hyphen; > Hello world! > > Reported-by: Ciprian Dorin Craciun <ciprian.craciun@gmail.com> > Cc: Florian Weimer <fweimer@redhat.com> > Signed-off-by: Alejandro Colomar <alx.manpages@gmail.com> > --- > > D'oh! > > man3/system.3 | 20 ++++++++++++++++++++ > 1 file changed, 20 insertions(+) > > diff --git a/man3/system.3 b/man3/system.3 > index 753d46f7d..ead35ab30 100644 > --- a/man3/system.3 > +++ b/man3/system.3 > @@ -255,6 +255,26 @@ are not executed. > Such risks are especially grave when using > .BR system () > from a privileged program. > +.SH BUGS > +.\" [BUG 211029](https://bugzilla.kernel.org/show_bug.cgi?id=211029) > +.\" [Glibc bug](https://sourceware.org/bugzilla/show_bug.cgi?id=27143) > +.\" [POSIX bug](https://www.austingroupbugs.net/view.php?id=1440) > +If the command name starts with a hyphen, > +.BR sh (1) > +interprets the command name as an option, > +and the behavior is undefined. > +(See the > +.B \-c > +option to > +.BR sh (1).) > +To work around this problem, > +prepend the command with a space as in the following call: > +.PP > +.RS 4 > +.EX > + system(" \-unfortunate\-command\-name"); > +.EE > +.RE > .SH SEE ALSO > .BR sh (1), > .BR execve (2), >
Hi Michael, Ping! And now I noticed a typo in the subject: s/hypen/hyphen/ Thanks, Alex On 1/8/21 3:28 PM, Alejandro Colomar (man-pages) wrote: > > > On 1/8/21 3:22 PM, Alejandro Colomar wrote: >> man-pages bug: 211029 >> https://bugzilla.kernel.org/show_bug.cgi?id=211029 >> >> Complete workaround > > Maybe a bit more readable: > Complete workaround example > > >> (it was too long for the page, but it may be useful here): >> >> ...... >> >> $ sudo ln -s -T /usr/bin/echo /usr/bin/-echo; >> $ cc -o system_hyphen -x c - ; >> #include <stdlib.h> >> >> int >> main(void) >> { >> system(" -echo Hello world!"); >> exit(EXIT_SUCCESS); >> } >> >> $ ./system_hyphen; >> Hello world! >> >> Reported-by: Ciprian Dorin Craciun <ciprian.craciun@gmail.com> >> Cc: Florian Weimer <fweimer@redhat.com> >> Signed-off-by: Alejandro Colomar <alx.manpages@gmail.com> >> --- >> >> D'oh! >> >> man3/system.3 | 20 ++++++++++++++++++++ >> 1 file changed, 20 insertions(+) >> >> diff --git a/man3/system.3 b/man3/system.3 >> index 753d46f7d..ead35ab30 100644 >> --- a/man3/system.3 >> +++ b/man3/system.3 >> @@ -255,6 +255,26 @@ are not executed. >> Such risks are especially grave when using >> .BR system () >> from a privileged program. >> +.SH BUGS >> +.\" [BUG 211029](https://bugzilla.kernel.org/show_bug.cgi?id=211029) >> +.\" [Glibc bug](https://sourceware.org/bugzilla/show_bug.cgi?id=27143) >> +.\" [POSIX bug](https://www.austingroupbugs.net/view.php?id=1440) >> +If the command name starts with a hyphen, >> +.BR sh (1) >> +interprets the command name as an option, >> +and the behavior is undefined. >> +(See the >> +.B \-c >> +option to >> +.BR sh (1).) >> +To work around this problem, >> +prepend the command with a space as in the following call: >> +.PP >> +.RS 4 >> +.EX >> + system(" \-unfortunate\-command\-name"); >> +.EE >> +.RE >> .SH SEE ALSO >> .BR sh (1), >> .BR execve (2), >> >
Hi Alex, On 1/8/21 3:22 PM, Alejandro Colomar wrote: > man-pages bug: 211029 > https://bugzilla.kernel.org/show_bug.cgi?id=211029 > > Complete workaround > (it was too long for the page, but it may be useful here): > > ...... > > $ sudo ln -s -T /usr/bin/echo /usr/bin/-echo; > $ cc -o system_hyphen -x c - ; > #include <stdlib.h> > > int > main(void) > { > system(" -echo Hello world!"); > exit(EXIT_SUCCESS); > } > > $ ./system_hyphen; > Hello world! > > Reported-by: Ciprian Dorin Craciun <ciprian.craciun@gmail.com> > Cc: Florian Weimer <fweimer@redhat.com> > Signed-off-by: Alejandro Colomar <alx.manpages@gmail.com> Thanks for the ping. Patch applied, but see man-pages(7) and my small fix-up in the next commit. Cheers, Michael > --- > > D'oh! > > man3/system.3 | 20 ++++++++++++++++++++ > 1 file changed, 20 insertions(+) > > diff --git a/man3/system.3 b/man3/system.3 > index 753d46f7d..ead35ab30 100644 > --- a/man3/system.3 > +++ b/man3/system.3 > @@ -255,6 +255,26 @@ are not executed. > Such risks are especially grave when using > .BR system () > from a privileged program. > +.SH BUGS > +.\" [BUG 211029](https://bugzilla.kernel.org/show_bug.cgi?id=211029) > +.\" [Glibc bug](https://sourceware.org/bugzilla/show_bug.cgi?id=27143) > +.\" [POSIX bug](https://www.austingroupbugs.net/view.php?id=1440) > +If the command name starts with a hyphen, > +.BR sh (1) > +interprets the command name as an option, > +and the behavior is undefined. > +(See the > +.B \-c > +option to > +.BR sh (1).) > +To work around this problem, > +prepend the command with a space as in the following call: > +.PP > +.RS 4 > +.EX > + system(" \-unfortunate\-command\-name"); > +.EE > +.RE > .SH SEE ALSO > .BR sh (1), > .BR execve (2), >
On 1/8/21 3:28 PM, Alejandro Colomar (man-pages) wrote: > > > On 1/8/21 3:22 PM, Alejandro Colomar wrote: >> man-pages bug: 211029 >> https://bugzilla.kernel.org/show_bug.cgi?id=211029 >> >> Complete workaround > > Maybe a bit more readable: > Complete workaround example Changed. Thanks, Michael > > >> (it was too long for the page, but it may be useful here): >> >> ...... >> >> $ sudo ln -s -T /usr/bin/echo /usr/bin/-echo; >> $ cc -o system_hyphen -x c - ; >> #include <stdlib.h> >> >> int >> main(void) >> { >> system(" -echo Hello world!"); >> exit(EXIT_SUCCESS); >> } >> >> $ ./system_hyphen; >> Hello world! >> >> Reported-by: Ciprian Dorin Craciun <ciprian.craciun@gmail.com> >> Cc: Florian Weimer <fweimer@redhat.com> >> Signed-off-by: Alejandro Colomar <alx.manpages@gmail.com> >> --- >> >> D'oh! >> >> man3/system.3 | 20 ++++++++++++++++++++ >> 1 file changed, 20 insertions(+) >> >> diff --git a/man3/system.3 b/man3/system.3 >> index 753d46f7d..ead35ab30 100644 >> --- a/man3/system.3 >> +++ b/man3/system.3 >> @@ -255,6 +255,26 @@ are not executed. >> Such risks are especially grave when using >> .BR system () >> from a privileged program. >> +.SH BUGS >> +.\" [BUG 211029](https://bugzilla.kernel.org/show_bug.cgi?id=211029) >> +.\" [Glibc bug](https://sourceware.org/bugzilla/show_bug.cgi?id=27143) >> +.\" [POSIX bug](https://www.austingroupbugs.net/view.php?id=1440) >> +If the command name starts with a hyphen, >> +.BR sh (1) >> +interprets the command name as an option, >> +and the behavior is undefined. >> +(See the >> +.B \-c >> +option to >> +.BR sh (1).) >> +To work around this problem, >> +prepend the command with a space as in the following call: >> +.PP >> +.RS 4 >> +.EX >> + system(" \-unfortunate\-command\-name"); >> +.EE >> +.RE >> .SH SEE ALSO >> .BR sh (1), >> .BR execve (2), >> >
On 1/18/21 4:28 PM, Alejandro Colomar (man-pages) wrote: > Hi Michael, > > Ping! > > And now I noticed a typo in the subject: > s/hypen/hyphen/ D'oh! I missed that. In cases like these, where there's already two amendments to the patch, perhaps better is a new complete patch, rather than a ping :-). Thanks, Michael > On 1/8/21 3:28 PM, Alejandro Colomar (man-pages) wrote: >> >> >> On 1/8/21 3:22 PM, Alejandro Colomar wrote: >>> man-pages bug: 211029 >>> https://bugzilla.kernel.org/show_bug.cgi?id=211029 >>> >>> Complete workaround >> >> Maybe a bit more readable: >> Complete workaround example >> >> >>> (it was too long for the page, but it may be useful here): >>> >>> ...... >>> >>> $ sudo ln -s -T /usr/bin/echo /usr/bin/-echo; >>> $ cc -o system_hyphen -x c - ; >>> #include <stdlib.h> >>> >>> int >>> main(void) >>> { >>> system(" -echo Hello world!"); >>> exit(EXIT_SUCCESS); >>> } >>> >>> $ ./system_hyphen; >>> Hello world! >>> >>> Reported-by: Ciprian Dorin Craciun <ciprian.craciun@gmail.com> >>> Cc: Florian Weimer <fweimer@redhat.com> >>> Signed-off-by: Alejandro Colomar <alx.manpages@gmail.com> >>> --- >>> >>> D'oh! >>> >>> man3/system.3 | 20 ++++++++++++++++++++ >>> 1 file changed, 20 insertions(+) >>> >>> diff --git a/man3/system.3 b/man3/system.3 >>> index 753d46f7d..ead35ab30 100644 >>> --- a/man3/system.3 >>> +++ b/man3/system.3 >>> @@ -255,6 +255,26 @@ are not executed. >>> Such risks are especially grave when using >>> .BR system () >>> from a privileged program. >>> +.SH BUGS >>> +.\" [BUG 211029](https://bugzilla.kernel.org/show_bug.cgi?id=211029) >>> +.\" [Glibc bug](https://sourceware.org/bugzilla/show_bug.cgi?id=27143) >>> +.\" [POSIX bug](https://www.austingroupbugs.net/view.php?id=1440) >>> +If the command name starts with a hyphen, >>> +.BR sh (1) >>> +interprets the command name as an option, >>> +and the behavior is undefined. >>> +(See the >>> +.B \-c >>> +option to >>> +.BR sh (1).) >>> +To work around this problem, >>> +prepend the command with a space as in the following call: >>> +.PP >>> +.RS 4 >>> +.EX >>> + system(" \-unfortunate\-command\-name"); >>> +.EE >>> +.RE >>> .SH SEE ALSO >>> .BR sh (1), >>> .BR execve (2), >>> >> > >
diff --git a/man3/system.3 b/man3/system.3 index 753d46f7d..ead35ab30 100644 --- a/man3/system.3 +++ b/man3/system.3 @@ -255,6 +255,26 @@ are not executed. Such risks are especially grave when using .BR system () from a privileged program. +.SH BUGS +.\" [BUG 211029](https://bugzilla.kernel.org/show_bug.cgi?id=211029) +.\" [Glibc bug](https://sourceware.org/bugzilla/show_bug.cgi?id=27143) +.\" [POSIX bug](https://www.austingroupbugs.net/view.php?id=1440) +If the command name starts with a hyphen, +.BR sh (1) +interprets the command name as an option, +and the behavior is undefined. +(See the +.B \-c +option to +.BR sh (1).) +To work around this problem, +prepend the command with a space as in the following call: +.PP +.RS 4 +.EX + system(" \-unfortunate\-command\-name"); +.EE +.RE .SH SEE ALSO .BR sh (1), .BR execve (2),