GNU bug report logs - #24276
head without pipline is not reading complete STDIN, resulting in unwilling and unexpected command execution

Previous Next

Package: coreutils;

Reported by: Sebastian <sebastian <at> ifyouwantblood.de>

Date: Sat, 20 Aug 2016 22:40:01 UTC

Severity: normal

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Paul Eggert <eggert <at> cs.ucla.edu>
Cc: tracker <at> debbugs.gnu.org
Subject: bug#24276: closed (head without pipline is not reading complete
 STDIN, resulting in unwilling and unexpected command execution)
Date: Sun, 21 Aug 2016 00:13:01 +0000

[Message part 1 (text/plain, inline)]
Your message dated Sat, 20 Aug 2016 17:12:36 -0700
with message-id <8d3296cd-6e2c-2e03-1a87-01b2c8e27f65 <at> cs.ucla.edu>
and subject line Re: bug#24276: head without pipline is not reading complete STDIN, resulting in unwilling and unexpected command execution
has caused the debbugs.gnu.org bug report #24276,
regarding head without pipline is not reading complete STDIN, resulting in unwilling and unexpected command execution
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)


-- 
24276: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=24276
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: Sebastian <sebastian <at> ifyouwantblood.de>
To: bug-coreutils <at> gnu.org
Subject: head without pipline is not reading complete STDIN, resulting in
 unwilling and unexpected command execution
Date: Sat, 20 Aug 2016 23:01:07 +0200

hi,

while comparing my rewrite in google go of coreutils i noticed that head without pipeline
is not reading complete STDIN:

> head -c 2

enter:

> asdf

press return

this results in printing "as" and execution of the df command. thats highly unexpected and 
probably a good example for a variant of WYSINWYC (What you see is not what you copy)*.
someone might even come up with a not harmful looking code, that is harmful (heredoc?).

> head --version
> head (GNU coreutils) 8.25

> bash --version
> GNU bash, version 4.3.46(1)-release (x86_64-suse-linux-gnu)

> uname -o
> GNU/Linux

> printfile /etc/os-release
> NAME=openSUSE
> VERSION="Tumbleweed"
> VERSION_ID="20160811"
> PRETTY_NAME="openSUSE Tumbleweed (20160811) (x86_64)"
> ID=opensuse
> ANSI_COLOR="0;32"
> CPE_NAME="cpe:/o:opensuse:opensuse:20160811"
> BUG_REPORT_URL="https://bugs.opensuse.org"
> HOME_URL="https://www.opensuse.org/"

* http://www.ush.it/team/ascii/hack-tricks_253C_CCC2008/wysinwyc/what_you_see_is_not_what_you_copy.txt

-- 
Sebastian Kratz
@ProhtMeyhet



[Message part 3 (message/rfc822, inline)]
From: Paul Eggert <eggert <at> cs.ucla.edu>
To: Sebastian <sebastian <at> ifyouwantblood.de>, 24276-done <at> debbugs.gnu.org
Subject: Re: bug#24276: head without pipline is not reading complete STDIN,
 resulting in unwilling and unexpected command execution
Date: Sat, 20 Aug 2016 17:12:36 -0700

This is not a bug. It's quite OK for 'head' to read just as much input as is 
required, and to not bother to read the rest of input. In fact, POSIX requires 
this behavior if standard input is a seekable file. See:

http://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap01.html

and look for "seekable input".
This bug report was last modified 8 years and 336 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.