pwd
Robert Stroud
robert at cheviot.uucp
Wed Aug 21 05:15:52 AEST 1985
Pat Place reports a rather complex situation in which pwd fails and apparently
gives an infinite loop. In fact the bug he describes has been fixed in 4.2
but there is a similar bug which has not been fixed. There is also a simpler
way of reproducing both bugs.
The problems are caused by "pwd" or "getwd" not checking the return code
on various system calls, and may be reproduced as follows:
Go into a sub-directory whose parent you own, e.g.
cd /tmp ; mkdir 1 1/2 ; cd 1/2
-----------------------------------------------------------------------------
Original Problem
chmod 400 .. ; pwd
4.2 correctly reports "pwd: getwd: cannot chdir to .."
V7 and other versions that do not check the return code on the chdir("..")
call will loop until the output buffer has been filled. The code checks that
it can open ".." which only requires read permission but not that it can
chdir to ".." which requires execute (or search) permission.
PNX on my Perq says "panic: kernel address error"!! (:-)
------------------------------------------------------------------------------
New Problem
chmod 400 . ; pwd
4.2 and other versions which do not check the return code on the stat(".")
call will report "/" because the same buffer has just been used to stat "/"!
Somebody fixed "getwd" to check some, but not all of the return codes!
-----------------------------------------------------------------------------
The fix to both problems is obvious. I'm not sure what will happen with
shells that have the pwd algorithm built in, but some programs which have
the algorithm built in are liable to loop (e.g. rn).
Robert Stroud,
Computing Laboratory,
University of Newcastle upon Tyne.
UUCP ...!ukc!cheviot!robert
ARPA robert%cheviot.newcastle at ucl-cs.ARPA
JANET robert at newcastle.cheviot
More information about the Comp.bugs.4bsd.ucb-fixes
mailing list