Commit 85a1b79 breaks building Perl5 when using ksh93 as /bin/sh

[atheik]

Commit 85a1b79 breaks building Perl5 when using ksh93 as /bin/sh

make[1]: Entering directory '/root/perl-5.34.0/cpan/Encode'
/bin/sh: cd: bad directory
make[1]: *** [Makefile:587: subdirs] Error 1

Line 586-587 of cpan/Encode/Makefile looks like this:

subdirs ::
        $(NOECHO) cd Byte && <snip>

Changing directory to cpan/Encode/Byte fails.

If you would like, you can reproduce this in Debian Live under x86_64 QEMU:

curl -LO https://cdimage.debian.org/cdimage/release/11.2.0-live/amd64/iso-hybrid/debian-live-11.2.0-amd64-standard.iso
qemu-system-x86_64 -cpu host -accel kvm -m 1024 -drive file=debian-live-11.2.0-amd64-standard.iso,media=cdrom

Run the following in Debian Live:

sudo -i

cd
curl -L https://codeload.github.com/ksh93/ksh/tar.gz/85a1b79 -o ksh-85a1b79.tar.gz
tar xf ksh-85a1b79.tar.gz
cd ksh-85a1b79
bin/package make
install -vm 755 arch/linux.i386-64/bin/ksh /bin/sh

cd
curl -LO https://www.cpan.org/src/5.0/perl-5.34.0.tar.xz
tar xf perl-5.34.0.tar.xz
cd perl-5.34.0
./Configure -des
make lib/auto/Encode/Encode.so

Sorry, I know this makes for a pretty poor reproducer but I do not know how to reduce it.
I would happily try any suggested patches.

[McDutchie]

Yup, I done broke it. :-/

On Linux (but not macOS):

$ (unset PWD; arch/linux.i386-64/bin/ksh)
$ pwd
pwd: cannot determine present working directory
$ echo $PWD
.
$ ls -ld arch
total 4
drwxr-xr-x 8 martijn users 4096 Feb 18 20:53 arch
$ cd arch
arch/linux.i386-64/bin/ksh: cd: bad directory

The bug occurs when PWD is not inherited from the environment.

[McDutchie]

I introduced a classic use after free problem, very obvious. Sorry about that.

Try this patch:

diff --git a/src/cmd/ksh93/sh/path.c b/src/cmd/ksh93/sh/path.c
index f106ffa2..9f7e1c17 100644
--- a/src/cmd/ksh93/sh/path.c
+++ b/src/cmd/ksh93/sh/path.c
@@ -183,6 +183,7 @@ static pid_t command_xargs(const char *path, char *argv[],char *const envp[], in
 char *path_pwd(void)
 {
 	register char *cp;
+	char tofree = 0;
 	Namval_t *pwdnod;
 	/* Don't bother if PWD already set */
 	if(sh.pwd)
@@ -198,7 +199,6 @@ char *path_pwd(void)
 	{
 		/* Check if $HOME is a path to the PWD; this ensures $PWD == $HOME
 		   at login, even if $HOME is a path that contains symlinks */
-		char tofree = 0;
 		cp = nv_getval(sh_scoped(HOME));
 		if(!(cp && *cp=='/' && test_inode(cp,e_dot)))
 		{
@@ -214,8 +214,6 @@ char *path_pwd(void)
 				pwdnod = sh_assignok(pwdnod,1);
 			nv_putval(pwdnod,cp,NV_RDONLY);
 		}
-		if(tofree)
-			free((void*)cp);
 	}
 	nv_onattr(pwdnod,NV_EXPORT);
 	/* Neither obtained the pwd nor can fall back to sane-ish $PWD: fall back to "." */
@@ -224,7 +222,9 @@ char *path_pwd(void)
 	if(!cp || *cp!='/')
 		nv_putval(pwdnod,cp=(char*)e_dot,NV_RDONLY);
 	/* Set shell PWD */
-	sh.pwd = sh_strdup(cp);
+	if(!tofree)
+		cp = sh_strdup(cp);
+	sh.pwd = cp;
 	return((char*)sh.pwd);
 }

[atheik]

I applied your patch on top of 85a1b79 and Perl5 builds fine now. I also ran bin/shtests but I guess you did that as well. Thank you!

[McDutchie]

Thank you for finding and reporting the bug so promptly.