Discussion:
Bug#922624: tcpreplay: CVE-2019-8376
(too old to reply)
Salvatore Bonaccorso
2019-02-18 14:50:02 UTC
Permalink
Source: tcpreplay
Version: 4.3.1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/appneta/tcpreplay/issues/537

Hi,

The following vulnerability was published for tcpreplay.

CVE-2019-8376[0]:
| An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference
| occurred in the function get_layer4_v6() located at get.c. This can be
| triggered by sending a crafted pcap file to the tcpreplay-edit binary.
| It allows an attacker to cause a Denial of Service (Segmentation fault)
| or possibly have unspecified other impact.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-8376
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8376
[1] https://github.com/appneta/tcpreplay/issues/537

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
Dmitry Bogatov
2019-03-07 14:50:01 UTC
Permalink
Christoph Biedl
2019-03-07 18:10:02 UTC
Permalink
Control: 922624 -patch
Control: 922642 +patch

Beware, this should go to #922642 not #922624. Changelog (below) still
needs to be adjusted.

Christoph

Dmitry Bogatov wrote...

control: tags -1 +patch

Hello! Here is debdiff with implementation of proposal -- `execlineb' is
moved to /usr/bin and it includes /usr/lib/execline/bin into PATH. Every
binary in /usr/bin needs a manual, so I conjured one with `help2man',
but it definitely need polishing.

Thank you for packaging and maintaining `execline'.

diff -Nru execline-2.5.0.1/debian/changelog execline-2.5.0.1/debian/changelog
--- execline-2.5.0.1/debian/changelog 2019-02-08 14:36:23.000000000 +0000
+++ execline-2.5.0.1/debian/changelog 2019-03-06 17:53:53.000000000 +0000
@@ -1,3 +1,11 @@
+execline (2.5.0.1-4) UNRELEASED; urgency=medium
+
+ * Add `/usr/lib/execline/bin' into PATH for scripts, invoked by `execlineb'.
+ (Closes: #922624)
+ * Move execlineb into `/usr/bin'.
+
+ -- Dmitry Bogatov <***@debian.org> Wed, 06 Mar 2019 17:53:53 +0000
+
execline (2.5.0.1-3) unstable; urgency=medium

* Add dep8 autopkgtest script
diff -Nru execline-2.5.0.1/debian/execlineb.1 execline-2.5.0.1/debian/execlineb.1
--- execline-2.5.0.1/debian/execlineb.1 1970-01-01 00:00:00.000000000 +0000
+++ execline-2.5.0.1/debian/execlineb.1 2019-03-06 17:53:53.000000000 +0000
@@ -0,0 +1,401 @@
+.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.8.
+.TH EXECLINEB "1" "March 2019" "Debian" "User Commands"
+.SH NAME
+execlineb \- manual page for execlineb execline
+.SH DESCRIPTION
+execline
+Software
+skarnet.org
+.PP
+The execlineb program
+.PP
+execlineb reads and executes a script.
+.PP
+Interface
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] \fB\-c\fR script [ args... ]
+.PP
+or
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] scriptfile [ args... ]
+.PP
+or in an executable file:
+.PP
+#!/command/execlineb [ \fB\-qwWpPSnmin\fR ]
+script
+.PP
+Parsing phase.
+.IP
+* execlineb reads and parses the script it is given. It exits 100 on a
+.IP
+syntax error and 111 on a temporary error. It makes an argv, i.e. a
+system command line, with the parsed script. If the argv is empty,
+execlineb exits 0.
+.PP
+Environment management phase.
+.IP
+* Pushing the current stack frame. If none of the \fB\-p\fR, \fB\-P\fR, \fB\-S\fR or \fB\-s\fR
+.IP
+options is set: execlineb pushes the current positional parameters,
+i.e. environment variables that start with #, 0, 1, ..., 9. To get the
+previous values back, use emptyenv \fB\-P\fR.
+.IP
+* Setting the new stack frame. If none of the \fB\-P\fR, \fB\-S\fR or \fB\-s\fR options is
+.IP
+set:
+.IP
++ execlineb sets the # environment variable to the number n of args
+.IP
+it is given.
+.IP
++ It sets the 0 environment variable to the name of the script \- or
+.IP
+to the execlineb invocation name if the \fB\-c\fR option is used.
+.IP
++ It sets the 1, 2, ... n environment variables to the different
+.IP
+args.
+.PP
+Execution phase.
+.IP
+* execlineb executes into the argv it has built from the script. There
+.IP
+is only one command line for the whole script: the execlineb binary is
+a launcher, whose sole purpose is to execute into that command line.
+It does not stay in memory like a traditional interpreter would.
+.PP
+Options
+.IP
+* \fB\-c\fR script : execute script, do not look for a file.
+.PP
+See below for the other options.
+.PP
+Syntax of scripts
+.PP
+An execlineb script is a string that must not contain the null character.
+execlineb parses it and divides it into words. The parser recognizes the
+following components:
+.IP
+* whitespace is defined as spaces, tabs, newlines and carriage returns.
+.IP
+Words are always separated by whitespace.
+.IP
+* A quoted string begins with a doublequote (") and ends with another
+.IP
+doublequote. Quoted doublequotes must be prefixed by a backslash (\e).
+Quoted strings always evaluate to exactly one word. For instance, ""
+evaluates to the empty word.
+.IP
+* The \ea, \eb, \et, \en, \ev, \ef, and \er sequences are recognized in quoted
+.IP
+strings, and are converted to the ASCII numbers 7, 8, 9, 10, 11, 12
+and 13 respectively.
+.IP
+* Inside a quoted string, backslashed newlines disappear completely.
+* \e0xab sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+hexadecimal number ab.
+.IP
+* \e0abc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+octal number abc.
+.IP
+* \eabc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+decimal number abc. a must not be zero.
+.IP
+* A comment starts with a # and ends with the line. Comments are not
+.IP
+recognized inside quoted strings.
+.IP
+* Anything else is an unquoted string, that can evaluate to zero or more
+.IP
+words.
+.IP
+* Any character can be escaped in unquoted strings by prepending it with
+.IP
+a backslash. It works the same way in quoted strings, except for the
+special sequences described above.
+.PP
+You can see an example of distinct execlineb components here.
+.PP
+In addition to that simple lexing, execlineb performs the following
+higher\-level parsing:
+.IP
+* A word consisting of a single opening brace ({) increments an internal
+.IP
+level counter, blevel, and disappears from the argv. Quoted open
+braces do not have that behaviour.
+.IP
+* A word consisting of a single closing brace (}) decrements blevel, and
+.IP
+is replaced with the empty word. Quoted closing braces do not have
+that behaviour.
+.IP
+* If execlineb finds that braces are unmatched (i.e. blevel goes below 0
+.IP
+during the parsing, or is not 0 at the end of the script), it exits
+100 with an error message.
+.IP
+* execlineb automatically quotes blocks. Which means that everytime it
+.IP
+finds a word, it prepends it with blevel spaces.
+.PP
+For proper execution, the sequence of words must follow the execline
+grammar.
+.PP
+Options for block syntax checking
+.PP
+External execline commands that read blocks, like foreground, use the
+EXECLINE_STRICT environment variable: if it is set to 1, they will print a
+warning message on stderr if they find their blocks not to be properly
+quoted. If it is set to 2, they will also die. If it is set to 0, or
+unset, they won't complain at all.
+.PP
+Normally the EXECLINE_STRICT environment variable is inherited from the
+caller. You can force it unset, set to 1, or set to 2 by giving
+respectively the \fB\-q\fR, \fB\-w\fR or \fB\-W\fR option to execlineb.
+.PP
+Options for environment management
+.PP
+Normally, execline scripts are reentrant: environment variables
+potentially overwritten by execlineb, such as # or 0, are pushed. This is
+the standard, safe behaviour. Nevertheless, it is rather costly, and may
+be unneeded for small scripts: for those cases, execline comes with two
+options that bypass the environment management. Be warned that the purpose
+of these options is optimization, and you should not use them if you're
+not familiar with the way execlineb uses the environment to store
+positional parameters. Alternatively, there's also an integrated
+substitution mechanism that doesn't make use of the environment at all.
+.IP
+* The \fB\-p\fR option will bypass the push phase: the current frame of
+.IP
+positional parameters will be overwritten. The script will not be
+reentrant.
+.IP
+* The \fB\-P\fR option will bypass positional parameter handling completely:
+.IP
+the environment will not be pushed, and positional parameters will be
+ignored. execlineb \fB\-P\fR \fB\-c\fR "script" is equivalent to, but more efficient
+than, execlineb \fB\-c\fR "emptyenv \fB\-P\fR script". You should use the \fB\-P\fR option
+only in standalone scripts that take no arguments, such as s6's or
+runit's run scripts.
+.IP
+* The \fB\-S\fR nmin option will substitute the positional parameters \- up to
+.IP
+at least nmin \- but will not push nor set environment variables.
+execlineb \fB\-S3\fR \fB\-c\fR "script" is equivalent to, but more efficient than,
+execlineb \fB\-c\fR "elgetpositionals \fB\-P3\fR emptyenv \fB\-P\fR script". See the
+details.
+.IP
+* The \fB\-s\fR nmin option behaves just like the \fB\-S\fR option, except that it
+.IP
+defines $@ as the rest of the command line after nmin arguments have
+been removed.
+.PP
+Current limitations
+.PP
+execlineb builds and executes a unique argv with the script: hence scripts
+are subject to OS\-dependent limitations such as the kernel buffer size for
+argv and envp \- at least 64 kB on most systems. This means that execlineb
+cannot execute arbitrarily large scripts. Be careful with deeply nested
+scripts too: without the \fB\-p\fR/\-P/\-S/\-s option, each execlineb invocation
+uses up some space in the environment.
+.PP
+Software
+skarnet.org
+.PP
+The execlineb program
+.PP
+execlineb reads and executes a script.
+.PP
+Interface
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] \fB\-c\fR script [ args... ]
+.PP
+or
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] scriptfile [ args... ]
+.PP
+or in an executable file:
+.PP
+#!/command/execlineb [ \fB\-qwWpPSnmin\fR ]
+script
+.PP
+Parsing phase.
+.IP
+* execlineb reads and parses the script it is given. It exits 100 on a
+.IP
+syntax error and 111 on a temporary error. It makes an argv, i.e. a
+system command line, with the parsed script. If the argv is empty,
+execlineb exits 0.
+.PP
+Environment management phase.
+.IP
+* Pushing the current stack frame. If none of the \fB\-p\fR, \fB\-P\fR, \fB\-S\fR or \fB\-s\fR
+.IP
+options is set: execlineb pushes the current positional parameters,
+i.e. environment variables that start with #, 0, 1, ..., 9. To get the
+previous values back, use emptyenv \fB\-P\fR.
+.IP
+* Setting the new stack frame. If none of the \fB\-P\fR, \fB\-S\fR or \fB\-s\fR options is
+.IP
+set:
+.IP
++ execlineb sets the # environment variable to the number n of args
+.IP
+it is given.
+.IP
++ It sets the 0 environment variable to the name of the script \- or
+.IP
+to the execlineb invocation name if the \fB\-c\fR option is used.
+.IP
++ It sets the 1, 2, ... n environment variables to the different
+.IP
+args.
+.PP
+Execution phase.
+.IP
+* execlineb executes into the argv it has built from the script. There
+.IP
+is only one command line for the whole script: the execlineb binary is
+a launcher, whose sole purpose is to execute into that command line.
+It does not stay in memory like a traditional interpreter would.
+.PP
+Options
+.IP
+* \fB\-c\fR script : execute script, do not look for a file.
+.PP
+See below for the other options.
+.PP
+Syntax of scripts
+.PP
+An execlineb script is a string that must not contain the null character.
+execlineb parses it and divides it into words. The parser recognizes the
+following components:
+.IP
+* whitespace is defined as spaces, tabs, newlines and carriage returns.
+.IP
+Words are always separated by whitespace.
+.IP
+* A quoted string begins with a doublequote (") and ends with another
+.IP
+doublequote. Quoted doublequotes must be prefixed by a backslash (\e).
+Quoted strings always evaluate to exactly one word. For instance, ""
+evaluates to the empty word.
+.IP
+* The \ea, \eb, \et, \en, \ev, \ef, and \er sequences are recognized in quoted
+.IP
+strings, and are converted to the ASCII numbers 7, 8, 9, 10, 11, 12
+and 13 respectively.
+.IP
+* Inside a quoted string, backslashed newlines disappear completely.
+* \e0xab sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+hexadecimal number ab.
+.IP
+* \e0abc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+octal number abc.
+.IP
+* \eabc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+decimal number abc. a must not be zero.
+.IP
+* A comment starts with a # and ends with the line. Comments are not
+.IP
+recognized inside quoted strings.
+.IP
+* Anything else is an unquoted string, that can evaluate to zero or more
+.IP
+words.
+.IP
+* Any character can be escaped in unquoted strings by prepending it with
+.IP
+a backslash. It works the same way in quoted strings, except for the
+special sequences described above.
+.PP
+You can see an example of distinct execlineb components here.
+.PP
+In addition to that simple lexing, execlineb performs the following
+higher\-level parsing:
+.IP
+* A word consisting of a single opening brace ({) increments an internal
+.IP
+level counter, blevel, and disappears from the argv. Quoted open
+braces do not have that behaviour.
+.IP
+* A word consisting of a single closing brace (}) decrements blevel, and
+.IP
+is replaced with the empty word. Quoted closing braces do not have
+that behaviour.
+.IP
+* If execlineb finds that braces are unmatched (i.e. blevel goes below 0
+.IP
+during the parsing, or is not 0 at the end of the script), it exits
+100 with an error message.
+.IP
+* execlineb automatically quotes blocks. Which means that everytime it
+.IP
+finds a word, it prepends it with blevel spaces.
+.PP
+For proper execution, the sequence of words must follow the execline
+grammar.
+.PP
+Options for block syntax checking
+.PP
+External execline commands that read blocks, like foreground, use the
+EXECLINE_STRICT environment variable: if it is set to 1, they will print a
+warning message on stderr if they find their blocks not to be properly
+quoted. If it is set to 2, they will also die. If it is set to 0, or
+unset, they won't complain at all.
+.PP
+Normally the EXECLINE_STRICT environment variable is inherited from the
+caller. You can force it unset, set to 1, or set to 2 by giving
+respectively the \fB\-q\fR, \fB\-w\fR or \fB\-W\fR option to execlineb.
+.PP
+Options for environment management
+.PP
+Normally, execline scripts are reentrant: environment variables
+potentially overwritten by execlineb, such as # or 0, are pushed. This is
+the standard, safe behaviour. Nevertheless, it is rather costly, and may
+be unneeded for small scripts: for those cases, execline comes with two
+options that bypass the environment management. Be warned that the purpose
+of these options is optimization, and you should not use them if you're
+not familiar with the way execlineb uses the environment to store
+positional parameters. Alternatively, there's also an integrated
+substitution mechanism that doesn't make use of the environment at all.
+.IP
+* The \fB\-p\fR option will bypass the push phase: the current frame of
+.IP
+positional parameters will be overwritten. The script will not be
+reentrant.
+.IP
+* The \fB\-P\fR option will bypass positional parameter handling completely:
+.IP
+the environment will not be pushed, and positional parameters will be
+ignored. execlineb \fB\-P\fR \fB\-c\fR "script" is equivalent to, but more efficient
+than, execlineb \fB\-c\fR "emptyenv \fB\-P\fR script". You should use the \fB\-P\fR option
+only in standalone scripts that take no arguments, such as s6's or
+runit's run scripts.
+.IP
+* The \fB\-S\fR nmin option will substitute the positional parameters \- up to
+.IP
+at least nmin \- but will not push nor set environment variables.
+execlineb \fB\-S3\fR \fB\-c\fR "script" is equivalent to, but more efficient than,
+execlineb \fB\-c\fR "elgetpositionals \fB\-P3\fR emptyenv \fB\-P\fR script". See the
+details.
+.IP
+* The \fB\-s\fR nmin option behaves just like the \fB\-S\fR option, except that it
+.IP
+defines $@ as the rest of the command line after nmin arguments have
+been removed.
+.PP
+Current limitations
+.PP
+execlineb builds and executes a unique argv with the script: hence scripts
+are subject to OS\-dependent limitations such as the kernel buffer size for
+argv and envp \- at least 64 kB on most systems. This means that execlineb
+cannot execute arbitrarily large scripts. Be careful with deeply nested
+scripts too: without the \fB\-p\fR/\-P/\-S/\-s option, each execlineb invocation
+uses up some space in the environment.
diff -Nru execline-2.5.0.1/debian/execline.manpages execline-2.5.0.1/debian/execline.manpages
--- execline-2.5.0.1/debian/execline.manpages 1970-01-01 00:00:00.000000000 +0000
+++ execline-2.5.0.1/debian/execline.manpages 2019-03-06 17:53:53.000000000 +0000
@@ -0,0 +1 @@
+debian/execlineb.1
diff -Nru execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch
--- execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch 1970-01-01 00:00:00.000000000 +0000
+++ execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch 2019-03-06 17:53:53.000000000 +0000
@@ -0,0 +1,48 @@
+--- a/src/execline/execlineb.c
++++ b/src/execline/execlineb.c
+@@ -12,6 +12,7 @@
+ #include <skalibs/djbunix.h>
+ #include <skalibs/skamisc.h>
+ #include <execline/execline.h>
++#include <stdlib.h>
+ #include "exlsn.h"
+
+ #define USAGE "execlineb [ -p | -P | -S nmin | -s nmin ] [ -q | -w | -W ] [ -c commandline ] script args"
+@@ -64,6 +65,27 @@ static int myexlp (stralloc *sa, char co
+ return -1 ;
+ }
+
++/* Add /usr/lib/execline/bin into PATH. See #922642. */
++static int adjust_path(const char *const *envp, stralloc *modif)
++{
++ size_t oldlen = modif->len;
++ const char *old = env_get2(envp, "PATH");
++ stralloc new = STRALLOC_ZERO;
++
++ if (!old) return 1 ;
++
++ if (!stralloc_cats(&new, "/usr/lib/execline/bin:")
++ || !stralloc_cats(&new, old)
++ || !env_addmodif(modif, "PATH", new.s)
++ || setenv("PATH", new.s, 1) == -1)
++ {
++ stralloc_free(&new);
++ modif->len = oldlen;
++ return 0;
++ }
++ return 1;
++}
++
+ int main (int argc, char const *const *argv, char const *const *envp)
+ {
+ stralloc sa = STRALLOC_ZERO ;
+@@ -133,6 +155,9 @@ int main (int argc, char const *const *a
+ goto errenv ;
+ }
+
++ if (!adjust_path(envp, &modif))
++ goto errenv ;
++
+ if (flagpushenv == 3 || flagpushenv == 4)
+ {
+ if (flagstrict && ((unsigned int)argc < nmin))
diff -Nru execline-2.5.0.1/debian/patches/series execline-2.5.0.1/debian/patches/series
--- execline-2.5.0.1/debian/patches/series 2019-02-08 14:36:23.000000000 +0000
+++ execline-2.5.0.1/debian/patches/series 2019-03-06 17:53:53.000000000 +0000
@@ -1,2 +1,3 @@
0001-fix-library-symlink-referencing.patch
0002-move-lskarnet-from-a-makefile-dependency-to-EXTRA_LI.patch
+move-execlineb-to-usr.patch
diff -Nru execline-2.5.0.1/debian/rules execline-2.5.0.1/debian/rules
--- execline-2.5.0.1/debian/rules 2019-02-08 14:36:23.000000000 +0000
+++ execline-2.5.0.1/debian/rules 2019-03-06 17:53:53.000000000 +0000
@@ -19,6 +19,11 @@

override_dh_auto_configure-indep:
override_dh_auto_build-indep:
-override_dh_auto_install-indep:
+override_dh_auto_install:
mkdir -p debian/tmp/usr/share/doc/execline
cp -aT doc debian/tmp/usr/share/doc/execline
+ dh_auto_install
+ mkdir -p debian/execline/usr/bin
+ mv debian/tmp/usr/lib/execline/bin/execlineb \
+ debian/execline/usr/bin
+
--
Note, that I send and fetch email in batch, once every 24 hours.
If matter is urgent, try https://t.me/kaction
--
Shengjing Zhu
2019-03-10 09:10:01 UTC
Permalink
On Fri, Mar 8, 2019 at 2:09 AM Christoph Biedl
Post by Christoph Biedl
Control: 922624 -patch
Control: 922642 +patch
Beware, this should go to #922642 not #922624. Changelog (below) still
needs to be adjusted.
Christoph
Dmitry Bogatov wrote...
control: tags -1 +patch
Hello! Here is debdiff with implementation of proposal -- `execlineb' is
moved to /usr/bin and it includes /usr/lib/execline/bin into PATH. Every
binary in /usr/bin needs a manual, so I conjured one with `help2man',
but it definitely need polishing.
Thank you for packaging and maintaining `execline'.
diff -Nru execline-2.5.0.1/debian/changelog execline-2.5.0.1/debian/changelog
--- execline-2.5.0.1/debian/changelog 2019-02-08 14:36:23.000000000 +0000
+++ execline-2.5.0.1/debian/changelog 2019-03-06 17:53:53.000000000 +0000
@@ -1,3 +1,11 @@
+execline (2.5.0.1-4) UNRELEASED; urgency=medium
+
+ * Add `/usr/lib/execline/bin' into PATH for scripts, invoked by `execlineb'.
+ (Closes: #922624)
+ * Move execlineb into `/usr/bin'.
+
+
execline (2.5.0.1-3) unstable; urgency=medium
* Add dep8 autopkgtest script
diff -Nru execline-2.5.0.1/debian/execlineb.1 execline-2.5.0.1/debian/execlineb.1
--- execline-2.5.0.1/debian/execlineb.1 1970-01-01 00:00:00.000000000 +0000
+++ execline-2.5.0.1/debian/execlineb.1 2019-03-06 17:53:53.000000000 +0000
@@ -0,0 +1,401 @@
+.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.8.
+.TH EXECLINEB "1" "March 2019" "Debian" "User Commands"
+.SH NAME
+execlineb \- manual page for execlineb execline
+.SH DESCRIPTION
+execline
+Software
+skarnet.org
+.PP
+The execlineb program
+.PP
+execlineb reads and executes a script.
+.PP
+Interface
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] \fB\-c\fR script [ args... ]
+.PP
+or
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] scriptfile [ args... ]
+.PP
+.PP
+#!/command/execlineb [ \fB\-qwWpPSnmin\fR ]
+script
+.PP
+Parsing phase.
+.IP
+* execlineb reads and parses the script it is given. It exits 100 on a
+.IP
+syntax error and 111 on a temporary error. It makes an argv, i.e. a
+system command line, with the parsed script. If the argv is empty,
+execlineb exits 0.
+.PP
+Environment management phase.
+.IP
+* Pushing the current stack frame. If none of the \fB\-p\fR, \fB\-P\fR, \fB\-S\fR or \fB\-s\fR
+.IP
+options is set: execlineb pushes the current positional parameters,
+i.e. environment variables that start with #, 0, 1, ..., 9. To get the
+previous values back, use emptyenv \fB\-P\fR.
+.IP
+* Setting the new stack frame. If none of the \fB\-P\fR, \fB\-S\fR or \fB\-s\fR options is
+.IP
+.IP
++ execlineb sets the # environment variable to the number n of args
+.IP
+it is given.
+.IP
++ It sets the 0 environment variable to the name of the script \- or
+.IP
+to the execlineb invocation name if the \fB\-c\fR option is used.
+.IP
++ It sets the 1, 2, ... n environment variables to the different
+.IP
+args.
+.PP
+Execution phase.
+.IP
+* execlineb executes into the argv it has built from the script. There
+.IP
+is only one command line for the whole script: the execlineb binary is
+a launcher, whose sole purpose is to execute into that command line.
+It does not stay in memory like a traditional interpreter would.
+.PP
+Options
+.IP
+* \fB\-c\fR script : execute script, do not look for a file.
+.PP
+See below for the other options.
+.PP
+Syntax of scripts
+.PP
+An execlineb script is a string that must not contain the null character.
+execlineb parses it and divides it into words. The parser recognizes the
+.IP
+* whitespace is defined as spaces, tabs, newlines and carriage returns.
+.IP
+Words are always separated by whitespace.
+.IP
+* A quoted string begins with a doublequote (") and ends with another
+.IP
+doublequote. Quoted doublequotes must be prefixed by a backslash (\e).
+Quoted strings always evaluate to exactly one word. For instance, ""
+evaluates to the empty word.
+.IP
+* The \ea, \eb, \et, \en, \ev, \ef, and \er sequences are recognized in quoted
+.IP
+strings, and are converted to the ASCII numbers 7, 8, 9, 10, 11, 12
+and 13 respectively.
+.IP
+* Inside a quoted string, backslashed newlines disappear completely.
+* \e0xab sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+hexadecimal number ab.
+.IP
+* \e0abc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+octal number abc.
+.IP
+* \eabc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+decimal number abc. a must not be zero.
+.IP
+* A comment starts with a # and ends with the line. Comments are not
+.IP
+recognized inside quoted strings.
+.IP
+* Anything else is an unquoted string, that can evaluate to zero or more
+.IP
+words.
+.IP
+* Any character can be escaped in unquoted strings by prepending it with
+.IP
+a backslash. It works the same way in quoted strings, except for the
+special sequences described above.
+.PP
+You can see an example of distinct execlineb components here.
+.PP
+In addition to that simple lexing, execlineb performs the following
+.IP
+* A word consisting of a single opening brace ({) increments an internal
+.IP
+level counter, blevel, and disappears from the argv. Quoted open
+braces do not have that behaviour.
+.IP
+* A word consisting of a single closing brace (}) decrements blevel, and
+.IP
+is replaced with the empty word. Quoted closing braces do not have
+that behaviour.
+.IP
+* If execlineb finds that braces are unmatched (i.e. blevel goes below 0
+.IP
+during the parsing, or is not 0 at the end of the script), it exits
+100 with an error message.
+.IP
+* execlineb automatically quotes blocks. Which means that everytime it
+.IP
+finds a word, it prepends it with blevel spaces.
+.PP
+For proper execution, the sequence of words must follow the execline
+grammar.
+.PP
+Options for block syntax checking
+.PP
+External execline commands that read blocks, like foreground, use the
+EXECLINE_STRICT environment variable: if it is set to 1, they will print a
+warning message on stderr if they find their blocks not to be properly
+quoted. If it is set to 2, they will also die. If it is set to 0, or
+unset, they won't complain at all.
+.PP
+Normally the EXECLINE_STRICT environment variable is inherited from the
+caller. You can force it unset, set to 1, or set to 2 by giving
+respectively the \fB\-q\fR, \fB\-w\fR or \fB\-W\fR option to execlineb.
+.PP
+Options for environment management
+.PP
+Normally, execline scripts are reentrant: environment variables
+potentially overwritten by execlineb, such as # or 0, are pushed. This is
+the standard, safe behaviour. Nevertheless, it is rather costly, and may
+be unneeded for small scripts: for those cases, execline comes with two
+options that bypass the environment management. Be warned that the purpose
+of these options is optimization, and you should not use them if you're
+not familiar with the way execlineb uses the environment to store
+positional parameters. Alternatively, there's also an integrated
+substitution mechanism that doesn't make use of the environment at all.
+.IP
+* The \fB\-p\fR option will bypass the push phase: the current frame of
+.IP
+positional parameters will be overwritten. The script will not be
+reentrant.
+.IP
+.IP
+the environment will not be pushed, and positional parameters will be
+ignored. execlineb \fB\-P\fR \fB\-c\fR "script" is equivalent to, but more efficient
+than, execlineb \fB\-c\fR "emptyenv \fB\-P\fR script". You should use the \fB\-P\fR option
+only in standalone scripts that take no arguments, such as s6's or
+runit's run scripts.
+.IP
+* The \fB\-S\fR nmin option will substitute the positional parameters \- up to
+.IP
+at least nmin \- but will not push nor set environment variables.
+execlineb \fB\-S3\fR \fB\-c\fR "script" is equivalent to, but more efficient than,
+execlineb \fB\-c\fR "elgetpositionals \fB\-P3\fR emptyenv \fB\-P\fR script". See the
+details.
+.IP
+* The \fB\-s\fR nmin option behaves just like the \fB\-S\fR option, except that it
+.IP
+been removed.
+.PP
+Current limitations
+.PP
+execlineb builds and executes a unique argv with the script: hence scripts
+are subject to OS\-dependent limitations such as the kernel buffer size for
+argv and envp \- at least 64 kB on most systems. This means that execlineb
+cannot execute arbitrarily large scripts. Be careful with deeply nested
+scripts too: without the \fB\-p\fR/\-P/\-S/\-s option, each execlineb invocation
+uses up some space in the environment.
+.PP
+Software
+skarnet.org
+.PP
+The execlineb program
+.PP
+execlineb reads and executes a script.
+.PP
+Interface
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] \fB\-c\fR script [ args... ]
+.PP
+or
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] scriptfile [ args... ]
+.PP
+.PP
+#!/command/execlineb [ \fB\-qwWpPSnmin\fR ]
+script
+.PP
+Parsing phase.
+.IP
+* execlineb reads and parses the script it is given. It exits 100 on a
+.IP
+syntax error and 111 on a temporary error. It makes an argv, i.e. a
+system command line, with the parsed script. If the argv is empty,
+execlineb exits 0.
+.PP
+Environment management phase.
+.IP
+* Pushing the current stack frame. If none of the \fB\-p\fR, \fB\-P\fR, \fB\-S\fR or \fB\-s\fR
+.IP
+options is set: execlineb pushes the current positional parameters,
+i.e. environment variables that start with #, 0, 1, ..., 9. To get the
+previous values back, use emptyenv \fB\-P\fR.
+.IP
+* Setting the new stack frame. If none of the \fB\-P\fR, \fB\-S\fR or \fB\-s\fR options is
+.IP
+.IP
++ execlineb sets the # environment variable to the number n of args
+.IP
+it is given.
+.IP
++ It sets the 0 environment variable to the name of the script \- or
+.IP
+to the execlineb invocation name if the \fB\-c\fR option is used.
+.IP
++ It sets the 1, 2, ... n environment variables to the different
+.IP
+args.
+.PP
+Execution phase.
+.IP
+* execlineb executes into the argv it has built from the script. There
+.IP
+is only one command line for the whole script: the execlineb binary is
+a launcher, whose sole purpose is to execute into that command line.
+It does not stay in memory like a traditional interpreter would.
+.PP
+Options
+.IP
+* \fB\-c\fR script : execute script, do not look for a file.
+.PP
+See below for the other options.
+.PP
+Syntax of scripts
+.PP
+An execlineb script is a string that must not contain the null character.
+execlineb parses it and divides it into words. The parser recognizes the
+.IP
+* whitespace is defined as spaces, tabs, newlines and carriage returns.
+.IP
+Words are always separated by whitespace.
+.IP
+* A quoted string begins with a doublequote (") and ends with another
+.IP
+doublequote. Quoted doublequotes must be prefixed by a backslash (\e).
+Quoted strings always evaluate to exactly one word. For instance, ""
+evaluates to the empty word.
+.IP
+* The \ea, \eb, \et, \en, \ev, \ef, and \er sequences are recognized in quoted
+.IP
+strings, and are converted to the ASCII numbers 7, 8, 9, 10, 11, 12
+and 13 respectively.
+.IP
+* Inside a quoted string, backslashed newlines disappear completely.
+* \e0xab sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+hexadecimal number ab.
+.IP
+* \e0abc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+octal number abc.
+.IP
+* \eabc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+decimal number abc. a must not be zero.
+.IP
+* A comment starts with a # and ends with the line. Comments are not
+.IP
+recognized inside quoted strings.
+.IP
+* Anything else is an unquoted string, that can evaluate to zero or more
+.IP
+words.
+.IP
+* Any character can be escaped in unquoted strings by prepending it with
+.IP
+a backslash. It works the same way in quoted strings, except for the
+special sequences described above.
+.PP
+You can see an example of distinct execlineb components here.
+.PP
+In addition to that simple lexing, execlineb performs the following
+.IP
+* A word consisting of a single opening brace ({) increments an internal
+.IP
+level counter, blevel, and disappears from the argv. Quoted open
+braces do not have that behaviour.
+.IP
+* A word consisting of a single closing brace (}) decrements blevel, and
+.IP
+is replaced with the empty word. Quoted closing braces do not have
+that behaviour.
+.IP
+* If execlineb finds that braces are unmatched (i.e. blevel goes below 0
+.IP
+during the parsing, or is not 0 at the end of the script), it exits
+100 with an error message.
+.IP
+* execlineb automatically quotes blocks. Which means that everytime it
+.IP
+finds a word, it prepends it with blevel spaces.
+.PP
+For proper execution, the sequence of words must follow the execline
+grammar.
+.PP
+Options for block syntax checking
+.PP
+External execline commands that read blocks, like foreground, use the
+EXECLINE_STRICT environment variable: if it is set to 1, they will print a
+warning message on stderr if they find their blocks not to be properly
+quoted. If it is set to 2, they will also die. If it is set to 0, or
+unset, they won't complain at all.
+.PP
+Normally the EXECLINE_STRICT environment variable is inherited from the
+caller. You can force it unset, set to 1, or set to 2 by giving
+respectively the \fB\-q\fR, \fB\-w\fR or \fB\-W\fR option to execlineb.
+.PP
+Options for environment management
+.PP
+Normally, execline scripts are reentrant: environment variables
+potentially overwritten by execlineb, such as # or 0, are pushed. This is
+the standard, safe behaviour. Nevertheless, it is rather costly, and may
+be unneeded for small scripts: for those cases, execline comes with two
+options that bypass the environment management. Be warned that the purpose
+of these options is optimization, and you should not use them if you're
+not familiar with the way execlineb uses the environment to store
+positional parameters. Alternatively, there's also an integrated
+substitution mechanism that doesn't make use of the environment at all.
+.IP
+* The \fB\-p\fR option will bypass the push phase: the current frame of
+.IP
+positional parameters will be overwritten. The script will not be
+reentrant.
+.IP
+.IP
+the environment will not be pushed, and positional parameters will be
+ignored. execlineb \fB\-P\fR \fB\-c\fR "script" is equivalent to, but more efficient
+than, execlineb \fB\-c\fR "emptyenv \fB\-P\fR script". You should use the \fB\-P\fR option
+only in standalone scripts that take no arguments, such as s6's or
+runit's run scripts.
+.IP
+* The \fB\-S\fR nmin option will substitute the positional parameters \- up to
+.IP
+at least nmin \- but will not push nor set environment variables.
+execlineb \fB\-S3\fR \fB\-c\fR "script" is equivalent to, but more efficient than,
+execlineb \fB\-c\fR "elgetpositionals \fB\-P3\fR emptyenv \fB\-P\fR script". See the
+details.
+.IP
+* The \fB\-s\fR nmin option behaves just like the \fB\-S\fR option, except that it
+.IP
+been removed.
+.PP
+Current limitations
+.PP
+execlineb builds and executes a unique argv with the script: hence scripts
+are subject to OS\-dependent limitations such as the kernel buffer size for
+argv and envp \- at least 64 kB on most systems. This means that execlineb
+cannot execute arbitrarily large scripts. Be careful with deeply nested
+scripts too: without the \fB\-p\fR/\-P/\-S/\-s option, each execlineb invocation
+uses up some space in the environment.
diff -Nru execline-2.5.0.1/debian/execline.manpages execline-2.5.0.1/debian/execline.manpages
--- execline-2.5.0.1/debian/execline.manpages 1970-01-01 00:00:00.000000000 +0000
+++ execline-2.5.0.1/debian/execline.manpages 2019-03-06 17:53:53.000000000 +0000
@@ -0,0 +1 @@
+debian/execlineb.1
diff -Nru execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch
--- execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch 1970-01-01 00:00:00.000000000 +0000
+++ execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch 2019-03-06 17:53:53.000000000 +0000
@@ -0,0 +1,48 @@
+--- a/src/execline/execlineb.c
++++ b/src/execline/execlineb.c
+ #include <skalibs/djbunix.h>
+ #include <skalibs/skamisc.h>
+ #include <execline/execline.h>
++#include <stdlib.h>
+ #include "exlsn.h"
+
+ #define USAGE "execlineb [ -p | -P | -S nmin | -s nmin ] [ -q | -w | -W ] [ -c commandline ] script args"
+ return -1 ;
+ }
+
++/* Add /usr/lib/execline/bin into PATH. See #922642. */
++static int adjust_path(const char *const *envp, stralloc *modif)
++{
++ size_t oldlen = modif->len;
++ const char *old = env_get2(envp, "PATH");
++ stralloc new = STRALLOC_ZERO;
++
++ if (!old) return 1 ;
++
++ if (!stralloc_cats(&new, "/usr/lib/execline/bin:")
++ || !stralloc_cats(&new, old)
++ || !env_addmodif(modif, "PATH", new.s)
++ || setenv("PATH", new.s, 1) == -1)
++ {
++ stralloc_free(&new);
++ modif->len = oldlen;
++ return 0;
++ }
++ return 1;
++}
++
+ int main (int argc, char const *const *argv, char const *const *envp)
+ {
+ stralloc sa = STRALLOC_ZERO ;
+ goto errenv ;
+ }
+
++ if (!adjust_path(envp, &modif))
++ goto errenv ;
++
+ if (flagpushenv == 3 || flagpushenv == 4)
+ {
+ if (flagstrict && ((unsigned int)argc < nmin))
diff -Nru execline-2.5.0.1/debian/patches/series execline-2.5.0.1/debian/patches/series
--- execline-2.5.0.1/debian/patches/series 2019-02-08 14:36:23.000000000 +0000
+++ execline-2.5.0.1/debian/patches/series 2019-03-06 17:53:53.000000000 +0000
@@ -1,2 +1,3 @@
0001-fix-library-symlink-referencing.patch
0002-move-lskarnet-from-a-makefile-dependency-to-EXTRA_LI.patch
+move-execlineb-to-usr.patch
diff -Nru execline-2.5.0.1/debian/rules execline-2.5.0.1/debian/rules
--- execline-2.5.0.1/debian/rules 2019-02-08 14:36:23.000000000 +0000
+++ execline-2.5.0.1/debian/rules 2019-03-06 17:53:53.000000000 +0000
@@ -19,6 +19,11 @@
mkdir -p debian/tmp/usr/share/doc/execline
cp -aT doc debian/tmp/usr/share/doc/execline
+ dh_auto_install
+ mkdir -p debian/execline/usr/bin
+ mv debian/tmp/usr/lib/execline/bin/execlineb \
+ debian/execline/usr/bin
+
--
Note, that I send and fetch email in batch, once every 24 hours.
If matter is urgent, try https://t.me/kaction
--
Thanks for the patch, it looks good to me. But I think I would apply
it after buster.
--
Shengjing Zhu
Shengjing Zhu
2019-08-11 15:00:02 UTC
Permalink
Post by Christoph Biedl
diff -Nru execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch
--- execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch 1970-01-01 00:00:00.000000000 +0000
+++ execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch 2019-03-06 17:53:53.000000000 +0000
@@ -0,0 +1,48 @@
+--- a/src/execline/execlineb.c
++++ b/src/execline/execlineb.c
+ #include <skalibs/djbunix.h>
+ #include <skalibs/skamisc.h>
+ #include <execline/execline.h>
++#include <stdlib.h>
+ #include "exlsn.h"
+
+ #define USAGE "execlineb [ -p | -P | -S nmin | -s nmin ] [ -q | -w | -W ] [ -c commandline ] script args"
+ return -1 ;
+ }
+
++/* Add /usr/lib/execline/bin into PATH. See #922642. */
++static int adjust_path(const char *const *envp, stralloc *modif)
++{
++ size_t oldlen = modif->len;
++ const char *old = env_get2(envp, "PATH");
++ stralloc new = STRALLOC_ZERO;
++
++ if (!old) return 1 ;
++
++ if (!stralloc_cats(&new, "/usr/lib/execline/bin:")
++ || !stralloc_cats(&new, old)
++ || !env_addmodif(modif, "PATH", new.s)
++ || setenv("PATH", new.s, 1) == -1)
++ {
++ stralloc_free(&new);
++ modif->len = oldlen;
++ return 0;
++ }
++ return 1;
++}
++
+ int main (int argc, char const *const *argv, char const *const *envp)
+ {
+ stralloc sa = STRALLOC_ZERO ;
+ goto errenv ;
+ }
+
++ if (!adjust_path(envp, &modif))
++ goto errenv ;
++
+ if (flagpushenv == 3 || flagpushenv == 4)
+ {
+ if (flagstrict && ((unsigned int)argc < nmin))
This C patch works for me. But I have another approach now.

Add following script as /usr/bin/execlineb

#!/usr/lib/execline/bin/execlineb -S0
/usr/lib/execline/bin/importas -D
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin PATH PATH
/usr/lib/execline/bin/export PATH /usr/lib/execline/bin:${PATH}
/usr/lib/execline/bin/exec -a $0 /usr/lib/execline/bin/execlineb $@

What do you think?
--
Shengjing Zhu
Dmitry Bogatov
2019-08-12 19:40:01 UTC
Permalink
Post by Shengjing Zhu
This C patch works for me. But I have another approach now.
Add following script as /usr/bin/execlineb
#!/usr/lib/execline/bin/execlineb -S0
/usr/lib/execline/bin/importas -D
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin PATH PATH
/usr/lib/execline/bin/export PATH /usr/lib/execline/bin:${PATH}
What do you think?
Good, very good. But it will only work on Linux. kFreeBSD does not
permit scripts (not ELF binaries) to be used as interpreters.
--
Note, that I send and fetch email in batch, once in a few days.
Please, mention in body of your reply when you add or remove recepients.
Shengjing Zhu
2019-08-13 02:50:02 UTC
Permalink
Post by Dmitry Bogatov
Post by Shengjing Zhu
This C patch works for me. But I have another approach now.
Add following script as /usr/bin/execlineb
#!/usr/lib/execline/bin/execlineb -S0
/usr/lib/execline/bin/importas -D
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin PATH PATH
/usr/lib/execline/bin/export PATH /usr/lib/execline/bin:${PATH}
What do you think?
Good, very good. But it will only work on Linux. kFreeBSD does not
permit scripts (not ELF binaries) to be used as interpreters.
The first time to know that. But execline currently is only
(successfully) built on linux.
--
Shengjing Zhu
Dmitry Bogatov
2019-08-14 19:30:01 UTC
Permalink
Post by Shengjing Zhu
Post by Dmitry Bogatov
Post by Shengjing Zhu
This C patch works for me. But I have another approach now.
Add following script as /usr/bin/execlineb
#!/usr/lib/execline/bin/execlineb -S0
/usr/lib/execline/bin/importas -D
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin PATH PATH
/usr/lib/execline/bin/export PATH /usr/lib/execline/bin:${PATH}
What do you think?
Good, very good. But it will only work on Linux. kFreeBSD does not
permit scripts (not ELF binaries) to be used as interpreters.
The first time to know that. But execline currently is only
(successfully) built on linux.
Okay. Probably you want set 'arch: linux-any' then or re-write
/usr/bin/execlineb script in C, like this:

int main(int argc, char **argv)
{
char *new_argv[argc + 20];
new_argv[0] = "/usr/lib/execline/bin/importas";
new_argv[1] = "/usr/lib/execline/bin/importas";
new_argv[2] = "-D";
// etc.
memcpy(new_argv + ?, argv, argc * sizeof(char*));
execv(new_argv[0], new_argv);
}

I do not have strong opinion, I only use Linux kernel.
--
Note, that I send and fetch email in batch, once in a few days.
Please, mention in body of your reply when you add or remove recepients.
Loading...