stty: no verification that tcsetattr applied all settings · uutils/coreutils#10324

(1 commento) (0 reazioni) (0 assegnatari)Rust (1852 fork)batch import

U - sttygood first issuereported-canonical

Metriche repository

Star: (23.246 star)
Metriche merge PR: (Merge medio 9g 14h) (216 PR mergiate in 30 g)

Descrizione

Component

stty

Description

POSIX allows tcsetattr to return success while only partially applying requested changes. GNU stty re-reads terminal settings after tcsetattr and compares them to the requested configuration, exiting with an error if they differ. uutils calls tcsetattr and returns success without verification.

The tcsetattr() function shall return successfully if it was able to perform any of the requested actions, even if some of the requested actions could not be performed.

// src/uu/stty/src/stty.rs:425-431
for arg in &valid_args {
    match arg {
        ArgOptions::Mapping(mapping) => apply_char_mapping(&mut termios, mapping),
        ArgOptions::Flags(flag) => apply_setting(&mut termios, flag),
        // ...
    }
}
tcsetattr(opts.file.as_fd(), set_arg, &termios)?;
// No readback or comparison follows

GNU performs tcgetattr after setting, compares with eq_mode(), and calls error(EXIT_FAILURE, ...) if settings don't match.

Impact

On platforms where tcsetattr applies only a subset of changes, uutils exits successfully while the terminal remains misconfigured. Scripts disabling echo for password input may silently fail, exposing sensitive data.

Guida contributor

Direzione di ricerca: Ispeziona la chiamata tcsetattr in stty.rs e aggiungi una rilettura con tcgetattr dopo l'impostazione per verificare che le modalità del terminale siano state applicate. Se differiscono, esci con un errore come fa GNU.
Tech stack: rust
Dominio: backend
Tipo issue: Bug
Difficoltà: 2
Tempo stimato: 1-3 ore
Stato attività: Attiva
Chiarezza: Chiara
Prerequisiti: GitRust
Adatta ai principianti: 75