Avoid APE fork bomb

This change addresses a $PATH resolution issue where APE depends on uname and uname is an APE program. So sorry to anyone this impacted we'll get a release out soon.
jart · Nov 8, 2023 · 5330442 · 5330442
1 parent cc3e3de
commit 5330442
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 24 deletions.
diff --git a/ape/ape.S b/ape/ape.S
@@ -592,7 +592,8 @@ ape_disk:
 
 #ifdef APE_IS_SHELL_SCRIPT
 apesh:	.ascii	"\n@\n#'\"\n"			// sixth edition shebang
-	.ascii	"m=\"$(uname -m)\"\n"
+	.ascii	"m=\"$(/bin/uname -m >/dev/null)\" || "
+	.ascii	"m=\"$(/usr/bin/uname -m)\"\n"
 
 	.ascii	"if [ \"$m\" = x86_64 ] || [ \"$m\" = amd64 ]; then\n"
 //	Until all operating systems can be updated to support APE,
@@ -615,24 +616,24 @@ apesh:	.ascii	"\n@\n#'\"\n"			// sixth edition shebang
 	.ascii	     APE_VERSION_STR
 	.ascii	     "\"\n"
 	.ascii	    "[ -x \"$t\" ] || {\n"
-	.ascii	      "mkdir -p \"${t%/*}\" &&\n"
-	.ascii	      "dd if=\"$o\" of=\"$t.$$\" skip="
+	.ascii	      "/bin/mkdir -p \"${t%/*}\" &&\n"
+	.ascii	      "/bin/dd if=\"$o\" of=\"$t.$$\" skip="
 	.shstub	        ape_loader_dd_skip,2
 	.ascii	        " count="
 	.shstub	        ape_loader_dd_count,2
 	.ascii	        " bs=64 2>/dev/null\n"
 #if SupportsXnu()
 	.ascii	      "[ -d /Applications ] && "
-	.ascii	        "dd if=\"$t.$$\""
+	.ascii	        "/bin/dd if=\"$t.$$\""
 	.ascii	          " of=\"$t.$$\""
 	.ascii	          " skip=5"
 	.ascii	          " count=8"
 	.ascii	          " bs=64"
 	.ascii	          " conv=notrunc"
 	.ascii	          " 2>/dev/null\n"
 #endif /* SupportsXnu() */
-	.ascii	      "chmod 755 \"$t.$$\"\n"
-	.ascii	      "mv -f \"$t.$$\" \"$t\"\n"
+	.ascii	      "/bin/chmod 755 \"$t.$$\"\n"
+	.ascii	      "/bin/mv -f \"$t.$$\" \"$t\"\n"
 	.ascii	    "}\n"
 	.ascii	    "exec \"$t\" \"$o\" \"$@\"\n"
 	.ascii	  "}\n"
@@ -648,9 +649,9 @@ apesh:	.ascii	"\n@\n#'\"\n"			// sixth edition shebang
 	.ascii	  "t=\"${TMPDIR:-${HOME:-.}}/$0\"\n"
 	.ascii	  "[ x\"$1\" != x--assimilate ] || [ ! -e \"$t\" ] && {\n"
 	.ascii	    "[ x\"$1\" != x--assimilate ] && {\n"
-	.ascii	      "mkdir -p \"${t%/*}\" 2>/dev/null\n"
-	.ascii	      "cp -f \"$o\" \"$t.$$\" &&\n"
-	.ascii	      "mv -f \"$t.$$\" \"$t\" || exit 120\n"
+	.ascii	      "/bin/mkdir -p \"${t%/*}\" 2>/dev/null\n"
+	.ascii	      "/bin/cp -f \"$o\" \"$t.$$\" &&\n"
+	.ascii	      "/bin/mv -f \"$t.$$\" \"$t\" || exit 120\n"
 	.ascii	      "o=\"$t\"\n"
 	.ascii	    "}\n"
 #endif /* APE_NO_MODIFY_SELF */
@@ -681,7 +682,7 @@ apesh:	.ascii	"\n@\n#'\"\n"			// sixth edition shebang
 	.ascii	  "exec 7<&-\n"
 #if SupportsXnu()
 	.ascii	  "[ -d /Applications ] && "
-	.ascii	    "dd if=\"$o\""
+	.ascii	    "/bin/dd if=\"$o\""
 	.ascii	      " of=\"$o\""
 	.ascii	      " bs=8"
 	.ascii	      " skip="
@@ -710,7 +711,8 @@ apesh:	.ascii	"\n@\n#'\"\n"			// sixth edition shebang
 //	because they need to be in the first 4096 bytes
         .section .emushprologue,"a",@progbits
 emush:	.ascii	"\n@\n#'\"\n"
-	.ascii	"s=\"$(uname -s)\"\n"
+	.ascii	"s=\"$(/bin/uname -s >/dev/null)\" || "
+	.ascii	"s=\"$(/usr/bin/uname -s)\"\n"
 //	our script is running on a non-x86_64 architecture
 //	1. `dd` out the appropriate blink vm blob
 //	2. gunzip the blink virtual machine executable

diff --git a/tool/build/apelink.c b/tool/build/apelink.c
@@ -1944,7 +1944,8 @@ int main(int argc, char *argv[]) {
     }
 
     // otherwise this is a fresh install so consider the platform
-    p = stpcpy(p, "m=$(uname -m)\n");
+    p = stpcpy(p, "m=\"$(/bin/uname -m >/dev/null)\" || "
+                  "m=\"$(/usr/bin/uname -m)\"\n");
     if (support_vector & _HOSTXNU) {
       p = stpcpy(p, "if [ ! -d /Applications ]; then\n");
     }
@@ -2044,7 +2045,7 @@ int main(int argc, char *argv[]) {
           p = stpcpy(p, "if [ x\"$1\" = x--assimilate ]; then\n");
         }
         p = GenerateScriptIfMachine(p, in);
-        p = stpcpy(p, "dd if=\"$o\" of=\"$o\" bs=1");
+        p = stpcpy(p, "/bin/dd if=\"$o\" of=\"$o\" bs=1");
         p = stpcpy(p, " skip=");
         in->ddarg_macho_skip = p;
         p = GenerateDecimalOffsetRelocation(p);
@@ -2070,8 +2071,8 @@ int main(int argc, char *argv[]) {
         if ((loader = GetLoader(in->elf->e_machine, _HOSTXNU))) {
           loader->used = true;
           p = GenerateScriptIfMachine(p, in);  // <if-machine>
-          p = stpcpy(p, "mkdir -p \"${t%/*}\" ||exit\n"
-                        "dd if=\"$o\"");
+          p = stpcpy(p, "/bin/mkdir -p \"${t%/*}\" ||exit\n"
+                        "/bin/dd if=\"$o\"");
           p = stpcpy(p, " skip=");
           loader->ddarg_skip1 = p;
           p = GenerateDecimalOffsetRelocation(p);
@@ -2080,15 +2081,15 @@ int main(int argc, char *argv[]) {
           p = GenerateDecimalOffsetRelocation(p);
           p = stpcpy(p, " bs=1 2>/dev/null | gzip -dc >\"$t.$$\" ||exit\n");
           if (loader->macho_offset) {
-            p = stpcpy(p, "dd if=\"$t.$$\" of=\"$t.$$\"");
+            p = stpcpy(p, "/bin/dd if=\"$t.$$\" of=\"$t.$$\"");
             p = stpcpy(p, " skip=");
             p = FormatInt32(p, loader->macho_offset / 64);
             p = stpcpy(p, " count=");
             p = FormatInt32(p, ROUNDUP(loader->macho_length, 64) / 64);
             p = stpcpy(p, " bs=64 conv=notrunc 2>/dev/null ||exit\n");
           }
-          p = stpcpy(p, "chmod 755 \"$t.$$\" ||exit\n"
-                        "mv -f \"$t.$$\" \"$t\" ||exit\n");
+          p = stpcpy(p, "/bin/chmod 755 \"$t.$$\" ||exit\n"
+                        "/bin/mv -f \"$t.$$\" \"$t\" ||exit\n");
           p = stpcpy(p, "exec \"$t\" \"$o\" \"$@\"\n"
                         "fi\n");  // </if-machine>
           gotsome = true;
@@ -2107,8 +2108,8 @@ int main(int argc, char *argv[]) {
                       "echo \"$0: please run: xcode-select --install\" >&2\n"
                       "exit 1\n"
                       "fi\n"
-                      "mkdir -p \"${t%/*}\" ||exit\n"
-                      "dd if=\"$o\"");
+                      "/bin/mkdir -p \"${t%/*}\" ||exit\n"
+                      "/bin/dd if=\"$o\"");
         p = stpcpy(p, " skip=");
         macos_silicon_loader_source_ddarg_skip = p;
         p = GenerateDecimalOffsetRelocation(p);
@@ -2142,17 +2143,17 @@ int main(int argc, char *argv[]) {
       if ((loader = GetLoader(in->elf->e_machine, ~_HOSTXNU))) {
         loader->used = true;
         p = GenerateScriptIfMachine(p, in);
-        p = stpcpy(p, "mkdir -p \"${t%/*}\" ||exit\n"
-                      "dd if=\"$o\"");
+        p = stpcpy(p, "/bin/mkdir -p \"${t%/*}\" ||exit\n"
+                      "/bin/dd if=\"$o\"");
         p = stpcpy(p, " skip=");
         loader->ddarg_skip2 = p;
         p = GenerateDecimalOffsetRelocation(p);
         p = stpcpy(p, " count=");
         loader->ddarg_size2 = p;
         p = GenerateDecimalOffsetRelocation(p);
         p = stpcpy(p, " bs=1 2>/dev/null | gzip -dc >\"$t.$$\" ||exit\n"
-                      "chmod 755 \"$t.$$\" ||exit\n"
-                      "mv -f \"$t.$$\" \"$t\" ||exit\n");
+                      "/bin/chmod 755 \"$t.$$\" ||exit\n"
+                      "/bin/mv -f \"$t.$$\" \"$t\" ||exit\n");
         p = stpcpy(p, "exec \"$t\" \"$o\" \"$@\"\n"
                       "fi\n");
       }