this has been sent upstream, but they don't have a mailing list or project site
to link to. oh well.
From e641584767c3c7cc1ff544805acc2562fc56cda9 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@chromium.org>
Date: Mon, 17 Sep 2018 18:57:57 -0400
Subject: [PATCH 1/2] dc: add a --sandbox option
Other GNU projects (like sed & gawk) have a --sandbox flag whereby
access to files and system() are disabled. This allows people to
run arbitrary scripts without worrying about them "escaping" and
executing arbitrary commands on the system.
---
dc/dc.c | 9 ++++++++-
dc/dc.h | 3 +++
dc/misc.c | 6 ++++++
doc/dc.1 | 5 +++++
doc/dc.texi | 4 ++++
5 files changed, 26 insertions(+), 1 deletion(-)
diff --git a/dc/dc.c b/dc/dc.c
index 6a2bb2639235..592a76be71da 100644
--- a/dc/dc.c
+++ b/dc/dc.c
@@ -54,6 +54,7 @@
#endif
const char *progname; /* basename of program invocation */
+int dc_sandbox_enabled; /* whether sandbox mode is enabled */
static void
bug_report_info DC_DECLVOID()
@@ -80,6 +81,7 @@ usage DC_DECLARG((f))
Usage: %s [OPTION] [file ...]\n\
-e, --expression=EXPR evaluate expression\n\
-f, --file=FILE evaluate contents of file\n\
+ -S, --sandbox disable the ! (system) command\n\
-h, --help display this help and exit\n\
-V, --version output version information and exit\n\
\n\
@@ -252,6 +254,7 @@ main DC_DECLARG((argc, argv))
static struct option const long_opts[] = {
{"expression", required_argument, NULL, 'e'},
{"file", required_argument, NULL, 'f'},
+ {"sandbox", no_argument, NULL, 'S'},
{"help", no_argument, NULL, 'h'},
{"version", no_argument, NULL, 'V'},
{NULL, 0, NULL, 0}
@@ -260,12 +263,13 @@ main DC_DECLARG((argc, argv))
int c;
progname = r1bindex(*argv, '/');
+ dc_sandbox_enabled = 0;
dc_math_init();
dc_string_init();
dc_register_init();
dc_array_init();
- while ((c = getopt_long(argc, argv, "hVe:f:", long_opts, (int *)0)) != EOF) {
+ while ((c = getopt_long(argc, argv, "hVe:f:S", long_opts, (int *)0)) != EOF) {
switch (c) {
case 'e':
{ dc_data string = dc_makestring(optarg, strlen(optarg));
@@ -279,6 +283,9 @@ main DC_DECLARG((argc, argv))
try_file(optarg);
did_eval = 1;
break;
+ case 'S':
+ dc_sandbox_enabled = 1;
+ break;
case 'h':
usage(stdout);
return flush_okay();
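Review bot: The new `case 'S'` takes effect only once getopt reaches it, yet the context lines just above it show `try_file(optarg)` being called inside the same option loop. A script given with `-f` before `-S` on the command line therefore appears to be evaluated with `!` still enabled, and the `-e` case in the previous hunk looks like it behaves the same way, although its evaluation call is not visible here. Either scan argv for `-S`/`--sandbox` before the evaluation loop starts, or document the ordering requirement, for example `-S, --sandbox disable the ! (system) command; must precede -e/-f` in the usage text and the same sentence in doc/dc.1. main's body starts and ends outside this hunk.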
diff --git a/dc/dc.h b/dc/dc.h
index 6a871ad612a5..a148df467a92 100644
--- a/dc/dc.h
+++ b/dc/dc.h
@@ -76,4 +76,7 @@ typedef struct {
/* This is dc's only global variable: */
extern const char *progname; /* basename of program invocation */
+/* Whether to run in sandbox mode. */
+extern int dc_sandbox_enabled;
+
#endif /* not DC_DEFS_H */
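Review bot: The context comment `/* This is dc's only global variable: */` above `progname` is no longer true once `dc_sandbox_enabled` is declared right after it. Reword it to something like `/* dc's global variables: */` so the header does not mislead a reader auditing which state the sandbox depends on. The new comment could also say what the flag gates, for example `/* Non-zero when --sandbox was given; dc_system() then refuses to run ! commands. */`.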
diff --git a/dc/misc.c b/dc/misc.c
index cd23602fce32..115be90b03bf 100644
--- a/dc/misc.c
+++ b/dc/misc.c
@@ -131,6 +131,12 @@ dc_system DC_DECLARG((s))
char *tmpstr;
size_t len;
+ if (dc_sandbox_enabled) {
+ fprintf(stderr, "%s: ! command disabled in sandbox mode\n",
+ progname);
+ exit(EXIT_FAILURE);
+ }
+
p = strchr(s, '\n');
if (p != NULL) {
len = (size_t) (p - s);
diff --git a/doc/dc.1 b/doc/dc.1
index 1c666493e00a..7c4b6fffd616 100644
--- a/doc/dc.1
+++ b/doc/dc.1
@@ -84,6 +84,11 @@ to the set of commands to be run while processing the input.
Add the commands contained in the file
.I script-file
to the set of commands to be run while processing the input.
+.TP
+.B -S
+.TP
+.B --sandbox
+Run in sandbox mode where access to \fB!\fR for the system function.
.PP
If any command-line parameters remain after processing the above,
these parameters are interpreted as the names of input files to
--
2.17.1