tcpreplay: CVE-2019-8376

Debian Bug report logs - #922624
tcpreplay: CVE-2019-8376

Reply or subscribe to this bug.

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: tcpreplay: CVE-2019-8376

Date: Mon, 18 Feb 2019 15:45:09 +0100

Source: tcpreplay
Version: 4.3.1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/appneta/tcpreplay/issues/537

Hi,

The following vulnerability was published for tcpreplay.

CVE-2019-8376[0]:
| An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference
| occurred in the function get_layer4_v6() located at get.c. This can be
| triggered by sending a crafted pcap file to the tcpreplay-edit binary.
| It allows an attacker to cause a Denial of Service (Segmentation fault)
| or possibly have unspecified other impact.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-8376
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8376
[1] https://github.com/appneta/tcpreplay/issues/537

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Message #10 received at 922624@bugs.debian.org (full text, mbox, reply):

From: Dmitry Bogatov <KAction@debian.org>

To: 922624@bugs.debian.org

Subject: possible implementation

Date: Thu, 07 Mar 2019 14:45:25 +0000

[Message part 1 (text/plain, inline)]

control: tags -1 +patch

Hello! Here is debdiff with implementation of proposal -- `execlineb' is
moved to /usr/bin and it includes /usr/lib/execline/bin into PATH. Every
binary in /usr/bin needs a manual, so I conjured one with `help2man',
but it definitely need polishing.

Thank you for packaging and maintaining `execline'.

diff -Nru execline-2.5.0.1/debian/changelog execline-2.5.0.1/debian/changelog
--- execline-2.5.0.1/debian/changelog	2019-02-08 14:36:23.000000000 +0000
+++ execline-2.5.0.1/debian/changelog	2019-03-06 17:53:53.000000000 +0000
@@ -1,3 +1,11 @@
+execline (2.5.0.1-4) UNRELEASED; urgency=medium
+
+  * Add `/usr/lib/execline/bin' into PATH for scripts, invoked by `execlineb'.
+    (Closes: #922624)
+  * Move execlineb into `/usr/bin'.
+
+ -- Dmitry Bogatov <KAction@debian.org>  Wed, 06 Mar 2019 17:53:53 +0000
+
 execline (2.5.0.1-3) unstable; urgency=medium
 
   * Add dep8 autopkgtest script
diff -Nru execline-2.5.0.1/debian/execlineb.1 execline-2.5.0.1/debian/execlineb.1
--- execline-2.5.0.1/debian/execlineb.1	1970-01-01 00:00:00.000000000 +0000
+++ execline-2.5.0.1/debian/execlineb.1	2019-03-06 17:53:53.000000000 +0000
@@ -0,0 +1,401 @@
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.8.
+.TH EXECLINEB "1" "March 2019" "Debian" "User Commands"
+.SH NAME
+execlineb \- manual page for execlineb execline
+.SH DESCRIPTION
+execline
+Software
+skarnet.org
+.PP
+The execlineb program
+.PP
+execlineb reads and executes a script.
+.PP
+Interface
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] \fB\-c\fR script [ args... ]
+.PP
+or
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] scriptfile [ args... ]
+.PP
+or in an executable file:
+.PP
+#!/command/execlineb [ \fB\-qwWpPSnmin\fR ]
+script
+.PP
+Parsing phase.
+.IP
+* execlineb reads and parses the script it is given. It exits 100 on a
+.IP
+syntax error and 111 on a temporary error. It makes an argv, i.e. a
+system command line, with the parsed script. If the argv is empty,
+execlineb exits 0.
+.PP
+Environment management phase.
+.IP
+* Pushing the current stack frame. If none of the \fB\-p\fR, \fB\-P\fR, \fB\-S\fR or \fB\-s\fR
+.IP
+options is set: execlineb pushes the current positional parameters,
+i.e. environment variables that start with #, 0, 1, ..., 9. To get the
+previous values back, use emptyenv \fB\-P\fR.
+.IP
+* Setting the new stack frame. If none of the \fB\-P\fR, \fB\-S\fR or \fB\-s\fR options is
+.IP
+set:
+.IP
++ execlineb sets the # environment variable to the number n of args
+.IP
+it is given.
+.IP
++ It sets the 0 environment variable to the name of the script \- or
+.IP
+to the execlineb invocation name if the \fB\-c\fR option is used.
+.IP
++ It sets the 1, 2, ... n environment variables to the different
+.IP
+args.
+.PP
+Execution phase.
+.IP
+* execlineb executes into the argv it has built from the script. There
+.IP
+is only one command line for the whole script: the execlineb binary is
+a launcher, whose sole purpose is to execute into that command line.
+It does not stay in memory like a traditional interpreter would.
+.PP
+Options
+.IP
+* \fB\-c\fR script : execute script, do not look for a file.
+.PP
+See below for the other options.
+.PP
+Syntax of scripts
+.PP
+An execlineb script is a string that must not contain the null character.
+execlineb parses it and divides it into words. The parser recognizes the
+following components:
+.IP
+* whitespace is defined as spaces, tabs, newlines and carriage returns.
+.IP
+Words are always separated by whitespace.
+.IP
+* A quoted string begins with a doublequote (") and ends with another
+.IP
+doublequote. Quoted doublequotes must be prefixed by a backslash (\e).
+Quoted strings always evaluate to exactly one word. For instance, ""
+evaluates to the empty word.
+.IP
+* The \ea, \eb, \et, \en, \ev, \ef, and \er sequences are recognized in quoted
+.IP
+strings, and are converted to the ASCII numbers 7, 8, 9, 10, 11, 12
+and 13 respectively.
+.IP
+* Inside a quoted string, backslashed newlines disappear completely.
+* \e0xab sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+hexadecimal number ab.
+.IP
+* \e0abc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+octal number abc.
+.IP
+* \eabc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+decimal number abc. a must not be zero.
+.IP
+* A comment starts with a # and ends with the line. Comments are not
+.IP
+recognized inside quoted strings.
+.IP
+* Anything else is an unquoted string, that can evaluate to zero or more
+.IP
+words.
+.IP
+* Any character can be escaped in unquoted strings by prepending it with
+.IP
+a backslash. It works the same way in quoted strings, except for the
+special sequences described above.
+.PP
+You can see an example of distinct execlineb components here.
+.PP
+In addition to that simple lexing, execlineb performs the following
+higher\-level parsing:
+.IP
+* A word consisting of a single opening brace ({) increments an internal
+.IP
+level counter, blevel, and disappears from the argv. Quoted open
+braces do not have that behaviour.
+.IP
+* A word consisting of a single closing brace (}) decrements blevel, and
+.IP
+is replaced with the empty word. Quoted closing braces do not have
+that behaviour.
+.IP
+* If execlineb finds that braces are unmatched (i.e. blevel goes below 0
+.IP
+during the parsing, or is not 0 at the end of the script), it exits
+100 with an error message.
+.IP
+* execlineb automatically quotes blocks. Which means that everytime it
+.IP
+finds a word, it prepends it with blevel spaces.
+.PP
+For proper execution, the sequence of words must follow the execline
+grammar.
+.PP
+Options for block syntax checking
+.PP
+External execline commands that read blocks, like foreground, use the
+EXECLINE_STRICT environment variable: if it is set to 1, they will print a
+warning message on stderr if they find their blocks not to be properly
+quoted. If it is set to 2, they will also die. If it is set to 0, or
+unset, they won't complain at all.
+.PP
+Normally the EXECLINE_STRICT environment variable is inherited from the
+caller. You can force it unset, set to 1, or set to 2 by giving
+respectively the \fB\-q\fR, \fB\-w\fR or \fB\-W\fR option to execlineb.
+.PP
+Options for environment management
+.PP
+Normally, execline scripts are reentrant: environment variables
+potentially overwritten by execlineb, such as # or 0, are pushed. This is
+the standard, safe behaviour. Nevertheless, it is rather costly, and may
+be unneeded for small scripts: for those cases, execline comes with two
+options that bypass the environment management. Be warned that the purpose
+of these options is optimization, and you should not use them if you're
+not familiar with the way execlineb uses the environment to store
+positional parameters. Alternatively, there's also an integrated
+substitution mechanism that doesn't make use of the environment at all.
+.IP
+* The \fB\-p\fR option will bypass the push phase: the current frame of
+.IP
+positional parameters will be overwritten. The script will not be
+reentrant.
+.IP
+* The \fB\-P\fR option will bypass positional parameter handling completely:
+.IP
+the environment will not be pushed, and positional parameters will be
+ignored. execlineb \fB\-P\fR \fB\-c\fR "script" is equivalent to, but more efficient
+than, execlineb \fB\-c\fR "emptyenv \fB\-P\fR script". You should use the \fB\-P\fR option
+only in standalone scripts that take no arguments, such as s6's or
+runit's run scripts.
+.IP
+* The \fB\-S\fR nmin option will substitute the positional parameters \- up to
+.IP
+at least nmin \- but will not push nor set environment variables.
+execlineb \fB\-S3\fR \fB\-c\fR "script" is equivalent to, but more efficient than,
+execlineb \fB\-c\fR "elgetpositionals \fB\-P3\fR emptyenv \fB\-P\fR script". See the
+details.
+.IP
+* The \fB\-s\fR nmin option behaves just like the \fB\-S\fR option, except that it
+.IP
+defines $@ as the rest of the command line after nmin arguments have
+been removed.
+.PP
+Current limitations
+.PP
+execlineb builds and executes a unique argv with the script: hence scripts
+are subject to OS\-dependent limitations such as the kernel buffer size for
+argv and envp \- at least 64 kB on most systems. This means that execlineb
+cannot execute arbitrarily large scripts. Be careful with deeply nested
+scripts too: without the \fB\-p\fR/\-P/\-S/\-s option, each execlineb invocation
+uses up some space in the environment.
+.PP
+Software
+skarnet.org
+.PP
+The execlineb program
+.PP
+execlineb reads and executes a script.
+.PP
+Interface
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] \fB\-c\fR script [ args... ]
+.PP
+or
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] scriptfile [ args... ]
+.PP
+or in an executable file:
+.PP
+#!/command/execlineb [ \fB\-qwWpPSnmin\fR ]
+script
+.PP
+Parsing phase.
+.IP
+* execlineb reads and parses the script it is given. It exits 100 on a
+.IP
+syntax error and 111 on a temporary error. It makes an argv, i.e. a
+system command line, with the parsed script. If the argv is empty,
+execlineb exits 0.
+.PP
+Environment management phase.
+.IP
+* Pushing the current stack frame. If none of the \fB\-p\fR, \fB\-P\fR, \fB\-S\fR or \fB\-s\fR
+.IP
+options is set: execlineb pushes the current positional parameters,
+i.e. environment variables that start with #, 0, 1, ..., 9. To get the
+previous values back, use emptyenv \fB\-P\fR.
+.IP
+* Setting the new stack frame. If none of the \fB\-P\fR, \fB\-S\fR or \fB\-s\fR options is
+.IP
+set:
+.IP
++ execlineb sets the # environment variable to the number n of args
+.IP
+it is given.
+.IP
++ It sets the 0 environment variable to the name of the script \- or
+.IP
+to the execlineb invocation name if the \fB\-c\fR option is used.
+.IP
++ It sets the 1, 2, ... n environment variables to the different
+.IP
+args.
+.PP
+Execution phase.
+.IP
+* execlineb executes into the argv it has built from the script. There
+.IP
+is only one command line for the whole script: the execlineb binary is
+a launcher, whose sole purpose is to execute into that command line.
+It does not stay in memory like a traditional interpreter would.
+.PP
+Options
+.IP
+* \fB\-c\fR script : execute script, do not look for a file.
+.PP
+See below for the other options.
+.PP
+Syntax of scripts
+.PP
+An execlineb script is a string that must not contain the null character.
+execlineb parses it and divides it into words. The parser recognizes the
+following components:
+.IP
+* whitespace is defined as spaces, tabs, newlines and carriage returns.
+.IP
+Words are always separated by whitespace.
+.IP
+* A quoted string begins with a doublequote (") and ends with another
+.IP
+doublequote. Quoted doublequotes must be prefixed by a backslash (\e).
+Quoted strings always evaluate to exactly one word. For instance, ""
+evaluates to the empty word.
+.IP
+* The \ea, \eb, \et, \en, \ev, \ef, and \er sequences are recognized in quoted
+.IP
+strings, and are converted to the ASCII numbers 7, 8, 9, 10, 11, 12
+and 13 respectively.
+.IP
+* Inside a quoted string, backslashed newlines disappear completely.
+* \e0xab sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+hexadecimal number ab.
+.IP
+* \e0abc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+octal number abc.
+.IP
+* \eabc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+decimal number abc. a must not be zero.
+.IP
+* A comment starts with a # and ends with the line. Comments are not
+.IP
+recognized inside quoted strings.
+.IP
+* Anything else is an unquoted string, that can evaluate to zero or more
+.IP
+words.
+.IP
+* Any character can be escaped in unquoted strings by prepending it with
+.IP
+a backslash. It works the same way in quoted strings, except for the
+special sequences described above.
+.PP
+You can see an example of distinct execlineb components here.
+.PP
+In addition to that simple lexing, execlineb performs the following
+higher\-level parsing:
+.IP
+* A word consisting of a single opening brace ({) increments an internal
+.IP
+level counter, blevel, and disappears from the argv. Quoted open
+braces do not have that behaviour.
+.IP
+* A word consisting of a single closing brace (}) decrements blevel, and
+.IP
+is replaced with the empty word. Quoted closing braces do not have
+that behaviour.
+.IP
+* If execlineb finds that braces are unmatched (i.e. blevel goes below 0
+.IP
+during the parsing, or is not 0 at the end of the script), it exits
+100 with an error message.
+.IP
+* execlineb automatically quotes blocks. Which means that everytime it
+.IP
+finds a word, it prepends it with blevel spaces.
+.PP
+For proper execution, the sequence of words must follow the execline
+grammar.
+.PP
+Options for block syntax checking
+.PP
+External execline commands that read blocks, like foreground, use the
+EXECLINE_STRICT environment variable: if it is set to 1, they will print a
+warning message on stderr if they find their blocks not to be properly
+quoted. If it is set to 2, they will also die. If it is set to 0, or
+unset, they won't complain at all.
+.PP
+Normally the EXECLINE_STRICT environment variable is inherited from the
+caller. You can force it unset, set to 1, or set to 2 by giving
+respectively the \fB\-q\fR, \fB\-w\fR or \fB\-W\fR option to execlineb.
+.PP
+Options for environment management
+.PP
+Normally, execline scripts are reentrant: environment variables
+potentially overwritten by execlineb, such as # or 0, are pushed. This is
+the standard, safe behaviour. Nevertheless, it is rather costly, and may
+be unneeded for small scripts: for those cases, execline comes with two
+options that bypass the environment management. Be warned that the purpose
+of these options is optimization, and you should not use them if you're
+not familiar with the way execlineb uses the environment to store
+positional parameters. Alternatively, there's also an integrated
+substitution mechanism that doesn't make use of the environment at all.
+.IP
+* The \fB\-p\fR option will bypass the push phase: the current frame of
+.IP
+positional parameters will be overwritten. The script will not be
+reentrant.
+.IP
+* The \fB\-P\fR option will bypass positional parameter handling completely:
+.IP
+the environment will not be pushed, and positional parameters will be
+ignored. execlineb \fB\-P\fR \fB\-c\fR "script" is equivalent to, but more efficient
+than, execlineb \fB\-c\fR "emptyenv \fB\-P\fR script". You should use the \fB\-P\fR option
+only in standalone scripts that take no arguments, such as s6's or
+runit's run scripts.
+.IP
+* The \fB\-S\fR nmin option will substitute the positional parameters \- up to
+.IP
+at least nmin \- but will not push nor set environment variables.
+execlineb \fB\-S3\fR \fB\-c\fR "script" is equivalent to, but more efficient than,
+execlineb \fB\-c\fR "elgetpositionals \fB\-P3\fR emptyenv \fB\-P\fR script". See the
+details.
+.IP
+* The \fB\-s\fR nmin option behaves just like the \fB\-S\fR option, except that it
+.IP
+defines $@ as the rest of the command line after nmin arguments have
+been removed.
+.PP
+Current limitations
+.PP
+execlineb builds and executes a unique argv with the script: hence scripts
+are subject to OS\-dependent limitations such as the kernel buffer size for
+argv and envp \- at least 64 kB on most systems. This means that execlineb
+cannot execute arbitrarily large scripts. Be careful with deeply nested
+scripts too: without the \fB\-p\fR/\-P/\-S/\-s option, each execlineb invocation
+uses up some space in the environment.
diff -Nru execline-2.5.0.1/debian/execline.manpages execline-2.5.0.1/debian/execline.manpages
--- execline-2.5.0.1/debian/execline.manpages	1970-01-01 00:00:00.000000000 +0000
+++ execline-2.5.0.1/debian/execline.manpages	2019-03-06 17:53:53.000000000 +0000
@@ -0,0 +1 @@
+debian/execlineb.1
diff -Nru execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch
--- execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch	1970-01-01 00:00:00.000000000 +0000
+++ execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch	2019-03-06 17:53:53.000000000 +0000
@@ -0,0 +1,48 @@
+--- a/src/execline/execlineb.c
++++ b/src/execline/execlineb.c
+@@ -12,6 +12,7 @@
+ #include <skalibs/djbunix.h>
+ #include <skalibs/skamisc.h>
+ #include <execline/execline.h>
++#include <stdlib.h>
+ #include "exlsn.h"
+ 
+ #define USAGE "execlineb [ -p | -P | -S nmin | -s nmin ] [ -q | -w | -W ] [ -c commandline ] script args"
+@@ -64,6 +65,27 @@ static int myexlp (stralloc *sa, char co
+   return -1 ;
+ }
+ 
++/* Add /usr/lib/execline/bin into PATH. See #922642. */
++static int adjust_path(const char *const *envp, stralloc *modif)
++{
++  size_t oldlen = modif->len;
++  const char *old = env_get2(envp, "PATH");
++  stralloc new = STRALLOC_ZERO;
++
++  if (!old) return 1 ;
++
++  if (!stralloc_cats(&new, "/usr/lib/execline/bin:")
++   || !stralloc_cats(&new, old)
++   || !env_addmodif(modif, "PATH", new.s)
++   || setenv("PATH", new.s, 1) == -1)
++  {
++    stralloc_free(&new);
++    modif->len = oldlen;
++    return 0;
++  }
++  return 1;
++}
++
+ int main (int argc, char const *const *argv, char const *const *envp)
+ {
+   stralloc sa = STRALLOC_ZERO ;
+@@ -133,6 +155,9 @@ int main (int argc, char const *const *a
+       goto errenv ;
+   }
+ 
++  if (!adjust_path(envp, &modif))
++    goto errenv ;
++
+   if (flagpushenv == 3 || flagpushenv == 4)
+   {
+     if (flagstrict && ((unsigned int)argc < nmin))
diff -Nru execline-2.5.0.1/debian/patches/series execline-2.5.0.1/debian/patches/series
--- execline-2.5.0.1/debian/patches/series	2019-02-08 14:36:23.000000000 +0000
+++ execline-2.5.0.1/debian/patches/series	2019-03-06 17:53:53.000000000 +0000
@@ -1,2 +1,3 @@
 0001-fix-library-symlink-referencing.patch
 0002-move-lskarnet-from-a-makefile-dependency-to-EXTRA_LI.patch
+move-execlineb-to-usr.patch
diff -Nru execline-2.5.0.1/debian/rules execline-2.5.0.1/debian/rules
--- execline-2.5.0.1/debian/rules	2019-02-08 14:36:23.000000000 +0000
+++ execline-2.5.0.1/debian/rules	2019-03-06 17:53:53.000000000 +0000
@@ -19,6 +19,11 @@
 
 override_dh_auto_configure-indep:
 override_dh_auto_build-indep:
-override_dh_auto_install-indep:
+override_dh_auto_install:
 	mkdir -p debian/tmp/usr/share/doc/execline
 	cp -aT doc debian/tmp/usr/share/doc/execline
+	dh_auto_install
+	mkdir -p debian/execline/usr/bin
+	mv debian/tmp/usr/lib/execline/bin/execlineb \
+	  debian/execline/usr/bin
+
-- 
        Note, that I send and fetch email in batch, once every 24 hours.
                 If matter is urgent, try https://t.me/kaction
                                                                             --

[Message part 2 (application/pgp-signature, inline)]

Message #17 received at 922624@bugs.debian.org (full text, mbox, reply):

From: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>

To: Dmitry Bogatov <KAction@debian.org>, 922642@bugs.debian.org

Subject: Re: Bug#922642: possible implementation

Date: Thu, 7 Mar 2019 19:06:16 +0100

[Message part 1 (text/plain, inline)]

Control: 922624 -patch
Control: 922642 +patch

Beware, this should go to #922642 not #922624. Changelog (below) still
needs to be adjusted.

    Christoph

Dmitry Bogatov wrote...

control: tags -1 +patch

Hello! Here is debdiff with implementation of proposal -- `execlineb' is
moved to /usr/bin and it includes /usr/lib/execline/bin into PATH. Every
binary in /usr/bin needs a manual, so I conjured one with `help2man',
but it definitely need polishing.

Thank you for packaging and maintaining `execline'.

diff -Nru execline-2.5.0.1/debian/changelog execline-2.5.0.1/debian/changelog
--- execline-2.5.0.1/debian/changelog	2019-02-08 14:36:23.000000000 +0000
+++ execline-2.5.0.1/debian/changelog	2019-03-06 17:53:53.000000000 +0000
@@ -1,3 +1,11 @@
+execline (2.5.0.1-4) UNRELEASED; urgency=medium
+
+  * Add `/usr/lib/execline/bin' into PATH for scripts, invoked by `execlineb'.
+    (Closes: #922624)
+  * Move execlineb into `/usr/bin'.
+
+ -- Dmitry Bogatov <KAction@debian.org>  Wed, 06 Mar 2019 17:53:53 +0000
+
 execline (2.5.0.1-3) unstable; urgency=medium
 
   * Add dep8 autopkgtest script
diff -Nru execline-2.5.0.1/debian/execlineb.1 execline-2.5.0.1/debian/execlineb.1
--- execline-2.5.0.1/debian/execlineb.1	1970-01-01 00:00:00.000000000 +0000
+++ execline-2.5.0.1/debian/execlineb.1	2019-03-06 17:53:53.000000000 +0000
@@ -0,0 +1,401 @@
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.8.
+.TH EXECLINEB "1" "March 2019" "Debian" "User Commands"
+.SH NAME
+execlineb \- manual page for execlineb execline
+.SH DESCRIPTION
+execline
+Software
+skarnet.org
+.PP
+The execlineb program
+.PP
+execlineb reads and executes a script.
+.PP
+Interface
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] \fB\-c\fR script [ args... ]
+.PP
+or
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] scriptfile [ args... ]
+.PP
+or in an executable file:
+.PP
+#!/command/execlineb [ \fB\-qwWpPSnmin\fR ]
+script
+.PP
+Parsing phase.
+.IP
+* execlineb reads and parses the script it is given. It exits 100 on a
+.IP
+syntax error and 111 on a temporary error. It makes an argv, i.e. a
+system command line, with the parsed script. If the argv is empty,
+execlineb exits 0.
+.PP
+Environment management phase.
+.IP
+* Pushing the current stack frame. If none of the \fB\-p\fR, \fB\-P\fR, \fB\-S\fR or \fB\-s\fR
+.IP
+options is set: execlineb pushes the current positional parameters,
+i.e. environment variables that start with #, 0, 1, ..., 9. To get the
+previous values back, use emptyenv \fB\-P\fR.
+.IP
+* Setting the new stack frame. If none of the \fB\-P\fR, \fB\-S\fR or \fB\-s\fR options is
+.IP
+set:
+.IP
++ execlineb sets the # environment variable to the number n of args
+.IP
+it is given.
+.IP
++ It sets the 0 environment variable to the name of the script \- or
+.IP
+to the execlineb invocation name if the \fB\-c\fR option is used.
+.IP
++ It sets the 1, 2, ... n environment variables to the different
+.IP
+args.
+.PP
+Execution phase.
+.IP
+* execlineb executes into the argv it has built from the script. There
+.IP
+is only one command line for the whole script: the execlineb binary is
+a launcher, whose sole purpose is to execute into that command line.
+It does not stay in memory like a traditional interpreter would.
+.PP
+Options
+.IP
+* \fB\-c\fR script : execute script, do not look for a file.
+.PP
+See below for the other options.
+.PP
+Syntax of scripts
+.PP
+An execlineb script is a string that must not contain the null character.
+execlineb parses it and divides it into words. The parser recognizes the
+following components:
+.IP
+* whitespace is defined as spaces, tabs, newlines and carriage returns.
+.IP
+Words are always separated by whitespace.
+.IP
+* A quoted string begins with a doublequote (") and ends with another
+.IP
+doublequote. Quoted doublequotes must be prefixed by a backslash (\e).
+Quoted strings always evaluate to exactly one word. For instance, ""
+evaluates to the empty word.
+.IP
+* The \ea, \eb, \et, \en, \ev, \ef, and \er sequences are recognized in quoted
+.IP
+strings, and are converted to the ASCII numbers 7, 8, 9, 10, 11, 12
+and 13 respectively.
+.IP
+* Inside a quoted string, backslashed newlines disappear completely.
+* \e0xab sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+hexadecimal number ab.
+.IP
+* \e0abc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+octal number abc.
+.IP
+* \eabc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+decimal number abc. a must not be zero.
+.IP
+* A comment starts with a # and ends with the line. Comments are not
+.IP
+recognized inside quoted strings.
+.IP
+* Anything else is an unquoted string, that can evaluate to zero or more
+.IP
+words.
+.IP
+* Any character can be escaped in unquoted strings by prepending it with
+.IP
+a backslash. It works the same way in quoted strings, except for the
+special sequences described above.
+.PP
+You can see an example of distinct execlineb components here.
+.PP
+In addition to that simple lexing, execlineb performs the following
+higher\-level parsing:
+.IP
+* A word consisting of a single opening brace ({) increments an internal
+.IP
+level counter, blevel, and disappears from the argv. Quoted open
+braces do not have that behaviour.
+.IP
+* A word consisting of a single closing brace (}) decrements blevel, and
+.IP
+is replaced with the empty word. Quoted closing braces do not have
+that behaviour.
+.IP
+* If execlineb finds that braces are unmatched (i.e. blevel goes below 0
+.IP
+during the parsing, or is not 0 at the end of the script), it exits
+100 with an error message.
+.IP
+* execlineb automatically quotes blocks. Which means that everytime it
+.IP
+finds a word, it prepends it with blevel spaces.
+.PP
+For proper execution, the sequence of words must follow the execline
+grammar.
+.PP
+Options for block syntax checking
+.PP
+External execline commands that read blocks, like foreground, use the
+EXECLINE_STRICT environment variable: if it is set to 1, they will print a
+warning message on stderr if they find their blocks not to be properly
+quoted. If it is set to 2, they will also die. If it is set to 0, or
+unset, they won't complain at all.
+.PP
+Normally the EXECLINE_STRICT environment variable is inherited from the
+caller. You can force it unset, set to 1, or set to 2 by giving
+respectively the \fB\-q\fR, \fB\-w\fR or \fB\-W\fR option to execlineb.
+.PP
+Options for environment management
+.PP
+Normally, execline scripts are reentrant: environment variables
+potentially overwritten by execlineb, such as # or 0, are pushed. This is
+the standard, safe behaviour. Nevertheless, it is rather costly, and may
+be unneeded for small scripts: for those cases, execline comes with two
+options that bypass the environment management. Be warned that the purpose
+of these options is optimization, and you should not use them if you're
+not familiar with the way execlineb uses the environment to store
+positional parameters. Alternatively, there's also an integrated
+substitution mechanism that doesn't make use of the environment at all.
+.IP
+* The \fB\-p\fR option will bypass the push phase: the current frame of
+.IP
+positional parameters will be overwritten. The script will not be
+reentrant.
+.IP
+* The \fB\-P\fR option will bypass positional parameter handling completely:
+.IP
+the environment will not be pushed, and positional parameters will be
+ignored. execlineb \fB\-P\fR \fB\-c\fR "script" is equivalent to, but more efficient
+than, execlineb \fB\-c\fR "emptyenv \fB\-P\fR script". You should use the \fB\-P\fR option
+only in standalone scripts that take no arguments, such as s6's or
+runit's run scripts.
+.IP
+* The \fB\-S\fR nmin option will substitute the positional parameters \- up to
+.IP
+at least nmin \- but will not push nor set environment variables.
+execlineb \fB\-S3\fR \fB\-c\fR "script" is equivalent to, but more efficient than,
+execlineb \fB\-c\fR "elgetpositionals \fB\-P3\fR emptyenv \fB\-P\fR script". See the
+details.
+.IP
+* The \fB\-s\fR nmin option behaves just like the \fB\-S\fR option, except that it
+.IP
+defines $@ as the rest of the command line after nmin arguments have
+been removed.
+.PP
+Current limitations
+.PP
+execlineb builds and executes a unique argv with the script: hence scripts
+are subject to OS\-dependent limitations such as the kernel buffer size for
+argv and envp \- at least 64 kB on most systems. This means that execlineb
+cannot execute arbitrarily large scripts. Be careful with deeply nested
+scripts too: without the \fB\-p\fR/\-P/\-S/\-s option, each execlineb invocation
+uses up some space in the environment.
+.PP
+Software
+skarnet.org
+.PP
+The execlineb program
+.PP
+execlineb reads and executes a script.
+.PP
+Interface
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] \fB\-c\fR script [ args... ]
+.PP
+or
+.IP
+execlineb [ \fB\-q\fR | \fB\-w\fR | \fB\-W\fR ] [ \fB\-p\fR | \fB\-P\fR | \fB\-S\fR nmin | \fB\-s\fR nmin ] scriptfile [ args... ]
+.PP
+or in an executable file:
+.PP
+#!/command/execlineb [ \fB\-qwWpPSnmin\fR ]
+script
+.PP
+Parsing phase.
+.IP
+* execlineb reads and parses the script it is given. It exits 100 on a
+.IP
+syntax error and 111 on a temporary error. It makes an argv, i.e. a
+system command line, with the parsed script. If the argv is empty,
+execlineb exits 0.
+.PP
+Environment management phase.
+.IP
+* Pushing the current stack frame. If none of the \fB\-p\fR, \fB\-P\fR, \fB\-S\fR or \fB\-s\fR
+.IP
+options is set: execlineb pushes the current positional parameters,
+i.e. environment variables that start with #, 0, 1, ..., 9. To get the
+previous values back, use emptyenv \fB\-P\fR.
+.IP
+* Setting the new stack frame. If none of the \fB\-P\fR, \fB\-S\fR or \fB\-s\fR options is
+.IP
+set:
+.IP
++ execlineb sets the # environment variable to the number n of args
+.IP
+it is given.
+.IP
++ It sets the 0 environment variable to the name of the script \- or
+.IP
+to the execlineb invocation name if the \fB\-c\fR option is used.
+.IP
++ It sets the 1, 2, ... n environment variables to the different
+.IP
+args.
+.PP
+Execution phase.
+.IP
+* execlineb executes into the argv it has built from the script. There
+.IP
+is only one command line for the whole script: the execlineb binary is
+a launcher, whose sole purpose is to execute into that command line.
+It does not stay in memory like a traditional interpreter would.
+.PP
+Options
+.IP
+* \fB\-c\fR script : execute script, do not look for a file.
+.PP
+See below for the other options.
+.PP
+Syntax of scripts
+.PP
+An execlineb script is a string that must not contain the null character.
+execlineb parses it and divides it into words. The parser recognizes the
+following components:
+.IP
+* whitespace is defined as spaces, tabs, newlines and carriage returns.
+.IP
+Words are always separated by whitespace.
+.IP
+* A quoted string begins with a doublequote (") and ends with another
+.IP
+doublequote. Quoted doublequotes must be prefixed by a backslash (\e).
+Quoted strings always evaluate to exactly one word. For instance, ""
+evaluates to the empty word.
+.IP
+* The \ea, \eb, \et, \en, \ev, \ef, and \er sequences are recognized in quoted
+.IP
+strings, and are converted to the ASCII numbers 7, 8, 9, 10, 11, 12
+and 13 respectively.
+.IP
+* Inside a quoted string, backslashed newlines disappear completely.
+* \e0xab sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+hexadecimal number ab.
+.IP
+* \e0abc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+octal number abc.
+.IP
+* \eabc sequences are recognized in quoted strings and evaluate to ASCII
+.IP
+decimal number abc. a must not be zero.
+.IP
+* A comment starts with a # and ends with the line. Comments are not
+.IP
+recognized inside quoted strings.
+.IP
+* Anything else is an unquoted string, that can evaluate to zero or more
+.IP
+words.
+.IP
+* Any character can be escaped in unquoted strings by prepending it with
+.IP
+a backslash. It works the same way in quoted strings, except for the
+special sequences described above.
+.PP
+You can see an example of distinct execlineb components here.
+.PP
+In addition to that simple lexing, execlineb performs the following
+higher\-level parsing:
+.IP
+* A word consisting of a single opening brace ({) increments an internal
+.IP
+level counter, blevel, and disappears from the argv. Quoted open
+braces do not have that behaviour.
+.IP
+* A word consisting of a single closing brace (}) decrements blevel, and
+.IP
+is replaced with the empty word. Quoted closing braces do not have
+that behaviour.
+.IP
+* If execlineb finds that braces are unmatched (i.e. blevel goes below 0
+.IP
+during the parsing, or is not 0 at the end of the script), it exits
+100 with an error message.
+.IP
+* execlineb automatically quotes blocks. Which means that everytime it
+.IP
+finds a word, it prepends it with blevel spaces.
+.PP
+For proper execution, the sequence of words must follow the execline
+grammar.
+.PP
+Options for block syntax checking
+.PP
+External execline commands that read blocks, like foreground, use the
+EXECLINE_STRICT environment variable: if it is set to 1, they will print a
+warning message on stderr if they find their blocks not to be properly
+quoted. If it is set to 2, they will also die. If it is set to 0, or
+unset, they won't complain at all.
+.PP
+Normally the EXECLINE_STRICT environment variable is inherited from the
+caller. You can force it unset, set to 1, or set to 2 by giving
+respectively the \fB\-q\fR, \fB\-w\fR or \fB\-W\fR option to execlineb.
+.PP
+Options for environment management
+.PP
+Normally, execline scripts are reentrant: environment variables
+potentially overwritten by execlineb, such as # or 0, are pushed. This is
+the standard, safe behaviour. Nevertheless, it is rather costly, and may
+be unneeded for small scripts: for those cases, execline comes with two
+options that bypass the environment management. Be warned that the purpose
+of these options is optimization, and you should not use them if you're
+not familiar with the way execlineb uses the environment to store
+positional parameters. Alternatively, there's also an integrated
+substitution mechanism that doesn't make use of the environment at all.
+.IP
+* The \fB\-p\fR option will bypass the push phase: the current frame of
+.IP
+positional parameters will be overwritten. The script will not be
+reentrant.
+.IP
+* The \fB\-P\fR option will bypass positional parameter handling completely:
+.IP
+the environment will not be pushed, and positional parameters will be
+ignored. execlineb \fB\-P\fR \fB\-c\fR "script" is equivalent to, but more efficient
+than, execlineb \fB\-c\fR "emptyenv \fB\-P\fR script". You should use the \fB\-P\fR option
+only in standalone scripts that take no arguments, such as s6's or
+runit's run scripts.
+.IP
+* The \fB\-S\fR nmin option will substitute the positional parameters \- up to
+.IP
+at least nmin \- but will not push nor set environment variables.
+execlineb \fB\-S3\fR \fB\-c\fR "script" is equivalent to, but more efficient than,
+execlineb \fB\-c\fR "elgetpositionals \fB\-P3\fR emptyenv \fB\-P\fR script". See the
+details.
+.IP
+* The \fB\-s\fR nmin option behaves just like the \fB\-S\fR option, except that it
+.IP
+defines $@ as the rest of the command line after nmin arguments have
+been removed.
+.PP
+Current limitations
+.PP
+execlineb builds and executes a unique argv with the script: hence scripts
+are subject to OS\-dependent limitations such as the kernel buffer size for
+argv and envp \- at least 64 kB on most systems. This means that execlineb
+cannot execute arbitrarily large scripts. Be careful with deeply nested
+scripts too: without the \fB\-p\fR/\-P/\-S/\-s option, each execlineb invocation
+uses up some space in the environment.
diff -Nru execline-2.5.0.1/debian/execline.manpages execline-2.5.0.1/debian/execline.manpages
--- execline-2.5.0.1/debian/execline.manpages	1970-01-01 00:00:00.000000000 +0000
+++ execline-2.5.0.1/debian/execline.manpages	2019-03-06 17:53:53.000000000 +0000
@@ -0,0 +1 @@
+debian/execlineb.1
diff -Nru execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch
--- execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch	1970-01-01 00:00:00.000000000 +0000
+++ execline-2.5.0.1/debian/patches/move-execlineb-to-usr.patch	2019-03-06 17:53:53.000000000 +0000
@@ -0,0 +1,48 @@
+--- a/src/execline/execlineb.c
++++ b/src/execline/execlineb.c
+@@ -12,6 +12,7 @@
+ #include <skalibs/djbunix.h>
+ #include <skalibs/skamisc.h>
+ #include <execline/execline.h>
++#include <stdlib.h>
+ #include "exlsn.h"
+ 
+ #define USAGE "execlineb [ -p | -P | -S nmin | -s nmin ] [ -q | -w | -W ] [ -c commandline ] script args"
+@@ -64,6 +65,27 @@ static int myexlp (stralloc *sa, char co
+   return -1 ;
+ }
+ 
++/* Add /usr/lib/execline/bin into PATH. See #922642. */
++static int adjust_path(const char *const *envp, stralloc *modif)
++{
++  size_t oldlen = modif->len;
++  const char *old = env_get2(envp, "PATH");
++  stralloc new = STRALLOC_ZERO;
++
++  if (!old) return 1 ;
++
++  if (!stralloc_cats(&new, "/usr/lib/execline/bin:")
++   || !stralloc_cats(&new, old)
++   || !env_addmodif(modif, "PATH", new.s)
++   || setenv("PATH", new.s, 1) == -1)
++  {
++    stralloc_free(&new);
++    modif->len = oldlen;
++    return 0;
++  }
++  return 1;
++}
++
+ int main (int argc, char const *const *argv, char const *const *envp)
+ {
+   stralloc sa = STRALLOC_ZERO ;
+@@ -133,6 +155,9 @@ int main (int argc, char const *const *a
+       goto errenv ;
+   }
+ 
++  if (!adjust_path(envp, &modif))
++    goto errenv ;
++
+   if (flagpushenv == 3 || flagpushenv == 4)
+   {
+     if (flagstrict && ((unsigned int)argc < nmin))
diff -Nru execline-2.5.0.1/debian/patches/series execline-2.5.0.1/debian/patches/series
--- execline-2.5.0.1/debian/patches/series	2019-02-08 14:36:23.000000000 +0000
+++ execline-2.5.0.1/debian/patches/series	2019-03-06 17:53:53.000000000 +0000
@@ -1,2 +1,3 @@
 0001-fix-library-symlink-referencing.patch
 0002-move-lskarnet-from-a-makefile-dependency-to-EXTRA_LI.patch
+move-execlineb-to-usr.patch
diff -Nru execline-2.5.0.1/debian/rules execline-2.5.0.1/debian/rules
--- execline-2.5.0.1/debian/rules	2019-02-08 14:36:23.000000000 +0000
+++ execline-2.5.0.1/debian/rules	2019-03-06 17:53:53.000000000 +0000
@@ -19,6 +19,11 @@
 
 override_dh_auto_configure-indep:
 override_dh_auto_build-indep:
-override_dh_auto_install-indep:
+override_dh_auto_install:
 	mkdir -p debian/tmp/usr/share/doc/execline
 	cp -aT doc debian/tmp/usr/share/doc/execline
+	dh_auto_install
+	mkdir -p debian/execline/usr/bin
+	mv debian/tmp/usr/lib/execline/bin/execlineb \
+	  debian/execline/usr/bin
+
-- 
        Note, that I send and fetch email in batch, once every 24 hours.
                 If matter is urgent, try https://t.me/kaction
                                                                             --

[signature.asc (application/pgp-signature, inline)]

Message #24 received at 922624-close@bugs.debian.org (full text, mbox, reply):

From: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>

To: 922624-close@bugs.debian.org

Subject: Bug#922624: fixed in tcpreplay 4.3.1-2

Date: Wed, 13 Mar 2019 08:37:53 +0000

Source: tcpreplay
Source-Version: 4.3.1-2

We believe that the bug you reported is fixed in the latest version of
tcpreplay, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 922624@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christoph Biedl <debian.axhn@manchmal.in-ulm.de> (supplier of updated tcpreplay package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 13 Mar 2019 00:04:30 +0100
Source: tcpreplay
Architecture: source
Version: 4.3.1-2
Distribution: unstable
Urgency: medium
Maintainer: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
Changed-By: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
Closes: 922622 922623 922624
Changes:
 tcpreplay (4.3.1-2) unstable; urgency=medium
 .
   * Fix three more issues
     Closes: #922624 [CVE-2019-8376]
     Closes: #922623 [CVE-2019-8377]
     Closes: #922622 [CVE-2019-8381]
Checksums-Sha1:
 8fa038820a26de84ccba3ecdf71a3db35c3caf84 2010 tcpreplay_4.3.1-2.dsc
 18496bbe5937e2d26d7d8074fe0641a558e3801f 8976 tcpreplay_4.3.1-2.debian.tar.xz
 bd23e79fcb3becdd24a62a02d45f6089abbc0483 5705 tcpreplay_4.3.1-2_powerpc.buildinfo
Checksums-Sha256:
 e460dfe36599898fcb1df6e5a81a9095f9b0b7d50730da5e2d2390f17cf83fe7 2010 tcpreplay_4.3.1-2.dsc
 739534e8d27fe72d3fce28194c9344aace453dd87ed8fce1c35f8c1e0287038a 8976 tcpreplay_4.3.1-2.debian.tar.xz
 08b2bf085eb2691473e91c24d59500beb6821a32d37d0dd5e4e54a4549486f78 5705 tcpreplay_4.3.1-2_powerpc.buildinfo
Files:
 95508ecd99b39cb7b2cf0eff54d05e9e 2010 net optional tcpreplay_4.3.1-2.dsc
 87be4f8a7f2fd5a9a74ed3e5a2e76e5c 8976 net optional tcpreplay_4.3.1-2.debian.tar.xz
 75d9ee7b7de31b66f0c7c7fca737dbdc 5705 net optional tcpreplay_4.3.1-2_powerpc.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEWXMI+726A12MfJXdxCxY61kUkv0FAlyItD0ACgkQxCxY61kU
kv1dxQ/9HT2eyi9hSDXv6rRrDCcxZZNBCXudfBivnlBP+9YDAQIniA9L1o9RJsjI
6PJIxD8AMJxLj8mU8vZMd5Nj8W2ORPeIQWN1Kj5TU+I9Mn4I26NyDhXUd4xFSkE1
4bUxnaqXELCs2E6YvZY2+XuRcLuwaTK5X7rwcbBvapAn7sO5Rm4GKL4GttX3RZ/S
J3w+tfu9/00hnGjRbANCpY7Q9yDt1cbrmVW8btNX7fiKT1KVH4QXtvjykMW5RM2d
nIFt/I/3sQYx+NwDkOjrs9XcA8chyYnsrVVez67RGWWvRXNxS39p01nY8nZvvyzb
waDq/Glktm1WUfQ1RXrkDrXbK6mGJk0H4Sk/If1Ub6HP8r6euk/5SDCMtbtIGc1h
D1/vckV8Nl7f3QwQLNwKJzblIuKYwwf5cfF1O0uhu0Vy8qpWbSf9STRgd+45Wi3q
A904/xAlmv7deeNpEd28ZCqn9Mnn2+PzmvHikHZYY5bI9zsxaDs1PrXQFx+m2ZvN
SiuaBd95WVUJVOOL3SrCwm2mqNpWwKS8wxvhO14V5jUQd5yTwsei9RmBZ7RWEtnQ
T/ozffQkGUs8wt7ZZLahZPDMyxos1FJ0PF+tUyF9ixh9u2MPAv4xxTKyXrl+uxBM
9e0CalutHgdqP3UZl9aR82e+dpzni/EFSZAwd0xv+S/vSL083ag=
=pNy8
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.