Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site cheviot.uucp
Path: utzoo!linus!philabs!cmcl2!seismo!mcvax!ukc!cheviot!robert
From: robert@cheviot.uucp (Robert Stroud)
Newsgroups: net.bugs.4bsd
Subject: Re: pwd
Message-ID: <418@cheviot.uucp>
Date: Tue, 20-Aug-85 15:15:52 EDT
Article-I.D.: cheviot.418
Posted: Tue Aug 20 15:15:52 1985
Date-Received: Fri, 23-Aug-85 20:13:11 EDT
References: <454@ist.UUCP>
Reply-To: robert@cheviot.UUCP (Robert Stroud)
Organization: U. of Newcastle upon Tyne, U.K.
Lines: 52

Pat Place reports a rather complex situation in which pwd fails and apparently
gives an infinite loop. In fact the bug he describes has been fixed in 4.2
but there is a similar bug which has not been fixed. There is also a simpler
way of reproducing both bugs.

The problems are caused by "pwd" or "getwd" not checking the return code
on various system calls, and may be reproduced as follows:

Go into a sub-directory whose parent you own, e.g.

	cd /tmp ; mkdir 1 1/2 ; cd 1/2

-----------------------------------------------------------------------------

Original Problem

	chmod 400 .. ; pwd

4.2 correctly reports "pwd: getwd: cannot chdir to .."

V7 and other versions that do not check the return code on the chdir("..")
call will loop until the output buffer has been filled. The code checks that
it can open ".." which only requires read permission but not that it can
chdir to ".." which requires execute (or search) permission.

PNX on my Perq says "panic: kernel address error"!! (:-)

------------------------------------------------------------------------------

New Problem

	chmod 400 . ; pwd

4.2 and other versions which do not check the return code on the stat(".")
call will report "/" because the same buffer has just been used to stat "/"!

Somebody fixed "getwd" to check some, but not all of the return codes!

-----------------------------------------------------------------------------

The fix to both problems is obvious. I'm not sure what will happen with
shells that have the pwd algorithm built in, but some programs which have
the algorithm built in are liable to loop (e.g. rn).

Robert Stroud,
Computing Laboratory,
University of Newcastle upon Tyne.

UUCP ...!ukc!cheviot!robert
ARPA robert%cheviot.newcastle@ucl-cs.ARPA
JANET robert@newcastle.cheviot