aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog13
-rw-r--r--awk.h1
-rw-r--r--cint_array.c83
-rw-r--r--doc/ChangeLog2
-rw-r--r--doc/gawk.info1144
-rw-r--r--doc/gawk.texi5
-rw-r--r--doc/gawktexi.in5
-rw-r--r--main.c18
-rw-r--r--test/ChangeLog9
-rwxr-xr-xtest/Gentests11
-rw-r--r--test/Makefile.am8
-rw-r--r--test/Makefile.in13
-rw-r--r--test/Maketests5
-rw-r--r--test/sandbox1.awk7
-rw-r--r--test/sandbox1.ok2
15 files changed, 750 insertions, 576 deletions
diff --git a/ChangeLog b/ChangeLog
index 51f9a336..403c72fd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,16 @@
+2019-05-06 Arnold D. Robbins <arnold@skeeve.com>
+
+ In sandbox mode, disallow assigning filenames that weren't
+ there initially. Thanks to Nolan Woods <nolan_w@sfu.ca> for
+ pointing out the gap.
+
+ * awk.h (init_argv_array): Add declaration.
+ * cint_array.c (argv_store): New vtable for ARGV.
+ (argv_shadow_array): New file static variable
+ (argv_store, init_argv_array): New functions.
+ * main.c (init_args): If in sandbox mode, build shadow array of
+ initial argv values. Call init_argv_array.
+
2019-05-05 Arnold D. Robbins <arnold@skeeve.com>
* ext.c (load_ext): Fix the message in the version for when
diff --git a/awk.h b/awk.h
index 19a5eb5f..8d87fc6a 100644
--- a/awk.h
+++ b/awk.h
@@ -1402,6 +1402,7 @@ extern NODE *do_asort(int nargs);
extern NODE *do_asorti(int nargs);
extern unsigned long (*hash)(const char *s, size_t len, unsigned long hsize, size_t *code);
extern void init_env_array(NODE *env_node);
+extern void init_argv_array(NODE *argv_node, NODE *shadow_node);
/* awkgram.c */
extern NODE *variable(int location, char *name, NODETYPE type);
extern int parse_program(INSTRUCTION **pcode, bool from_eval);
diff --git a/cint_array.c b/cint_array.c
index 08815e4e..417f27d5 100644
--- a/cint_array.c
+++ b/cint_array.c
@@ -73,6 +73,24 @@ const array_funcs_t cint_array_func = {
(afunc_t) 0,
};
+
+static NODE **argv_store(NODE *symbol, NODE *subs);
+
+/* special case for ARGV in sandbox mode */
+const array_funcs_t argv_array_func = {
+ "argv",
+ cint_array_init,
+ is_uinteger,
+ cint_lookup,
+ cint_exists,
+ cint_clear,
+ cint_remove,
+ cint_list,
+ cint_copy,
+ cint_dump,
+ argv_store,
+};
+
static inline int cint_hash(long k);
static inline NODE **cint_find(NODE *symbol, long k, int h1);
@@ -1230,3 +1248,68 @@ leaf_print(NODE *array, size_t bi, int indent_level)
(unsigned long) array->table_size);
}
#endif
+
+static NODE *argv_shadow_array = NULL;
+
+/* argv_store --- post assign function for ARGV in sandbox mode */
+
+static NODE **
+argv_store(NODE *symbol, NODE *subs)
+{
+ NODE **val = cint_exists(symbol, subs);
+ NODE *newval = *val;
+ char *cp;
+
+ if (newval->stlen == 0) // empty strings in ARGV are OK
+ return val;
+
+ if ((cp = strchr(newval->stptr, '=')) == NULL) {
+ if (! in_array(argv_shadow_array, newval))
+ fatal(_("cannot add a new file (%.*s) to ARGV in sandbox mode"),
+ (int) newval->stlen, newval->stptr);
+ } else {
+ // check if it's a valid variable assignment
+ bool badvar = false;
+ char *arg = newval->stptr;
+ char *cp2;
+
+ *cp = '\0'; // temporarily
+
+ if (! is_letter((unsigned char) arg[0]))
+ badvar = true;
+ else
+ for (cp2 = arg+1; *cp2; cp2++)
+ if (! is_identchar((unsigned char) *cp2) && *cp2 != ':') {
+ badvar = true;
+ break;
+ }
+
+ // further checks
+ if (! badvar) {
+ char *cp = strchr(arg, ':');
+ if (cp && (cp[1] != ':' || strchr(cp + 2, ':') != NULL))
+ badvar = true;
+ }
+ *cp = '='; // restore the '='
+
+ if (badvar && ! in_array(argv_shadow_array, newval))
+ fatal(_("cannot add a new file (%.*s) to ARGV in sandbox mode"),
+ (int) newval->stlen, newval->stptr);
+
+ // otherwise, badvar is false, let it through as variable assignment
+ }
+ return val;
+}
+
+/* init_argv_array --- set up the pointers for ARGV in sandbox mode. A bit hacky. */
+
+void
+init_argv_array(NODE *argv_node, NODE *shadow_node)
+{
+ /* If POSIX simply don't reset the vtable and things work as before */
+ if (! do_sandbox)
+ return;
+
+ argv_node->array_funcs = & argv_array_func;
+ argv_shadow_array = shadow_node;
+}
diff --git a/doc/ChangeLog b/doc/ChangeLog
index 962656fb..6220648d 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -2,6 +2,8 @@
* gawktexi.in: Fix some typos. Thanks to Mark Krauze
<daburashka@ya.ru>, for pointing them out.
+ (Options): Document new feature in --sandbox, that you can't
+ add files that weren't there to start with.
2019-05-05 Arnold D. Robbins <arnold@skeeve.com>
diff --git a/doc/gawk.info b/doc/gawk.info
index a657dfcd..d68921c0 100644
--- a/doc/gawk.info
+++ b/doc/gawk.info
@@ -2784,10 +2784,11 @@ The following list describes options mandated by the POSIX standard:
'--sandbox'
Disable the 'system()' function, input redirections with 'getline',
output redirections with 'print' and 'printf', and dynamic
- extensions. This is particularly useful when you want to run 'awk'
- scripts from questionable sources and need to make sure the scripts
- can't access your system (other than the specified input data
- file).
+ extensions. Also, disallow adding filenames to 'ARGV' that were
+ not there when 'gawk' started running. This is particularly useful
+ when you want to run 'awk' scripts from questionable sources and
+ need to make sure the scripts can't access your system (other than
+ the specified input data file).
'-t'
'--lint-old'
@@ -29248,8 +29249,8 @@ Info file, in approximate chronological order:
* Anders Wallin helped keep the VMS port going for several years.
- * Assaf Gordon contributed the code to implement the '--sandbox'
- option.
+ * Assaf Gordon contributed the initial code to implement the
+ '--sandbox' option.
* John Haque made the following contributions:
@@ -33685,7 +33686,7 @@ Index
* --include option: Options. (line 181)
* --lint option: Command Line. (line 20)
* --lint option <1>: Options. (line 210)
-* --lint-old option: Options. (line 324)
+* --lint-old option: Options. (line 325)
* --load option: Options. (line 198)
* --no-optimize option: Options. (line 310)
* --non-decimal-data option: Options. (line 235)
@@ -33709,7 +33710,7 @@ Index
* --traditional option: Options. (line 86)
* --traditional option, --posix option and: Options. (line 297)
* --use-lc-numeric option: Options. (line 244)
-* --version option: Options. (line 329)
+* --version option: Options. (line 330)
* -b option: Options. (line 73)
* -c option: Options. (line 86)
* -C option: Options. (line 93)
@@ -33717,20 +33718,20 @@ Index
* -D option: Options. (line 112)
* -e option: Options. (line 121)
* -E option: Options. (line 147)
-* -e option <1>: Options. (line 365)
+* -e option <1>: Options. (line 366)
* -f option: Long. (line 12)
* -F option: Options. (line 21)
* -f option <1>: Options. (line 25)
-* -F option, -Ft sets FS to TAB: Options. (line 337)
+* -F option, -Ft sets FS to TAB: Options. (line 338)
* -F option, command-line: Command Line Field Separator.
(line 6)
-* -f option, multiple uses: Options. (line 342)
+* -f option, multiple uses: Options. (line 343)
* -g option: Options. (line 169)
* -h option: Options. (line 176)
* -i option: Options. (line 181)
* -l option: Options. (line 198)
* -l option <1>: Options. (line 210)
-* -L option: Options. (line 324)
+* -L option: Options. (line 325)
* -M option: Options. (line 229)
* -n option: Options. (line 235)
* -N option: Options. (line 244)
@@ -33742,7 +33743,7 @@ Index
* -s option: Options. (line 310)
* -S option: Options. (line 315)
* -v option: Options. (line 36)
-* -V option: Options. (line 329)
+* -V option: Options. (line 330)
* -v option <1>: Assignment Options. (line 12)
* -W option: Options. (line 51)
* . (period), regexp operator: Regexp Operator Details.
@@ -33971,6 +33972,7 @@ Index
* arguments, command-line, invoking awk: Command Line. (line 6)
* arguments, in function calls: Function Calls. (line 18)
* arguments, processing: Getopt Function. (line 6)
+* ARGV array: Options. (line 315)
* ARGV array, indexing into: Other Arguments. (line 15)
* arithmetic operators: Arithmetic Ops. (line 6)
* array manipulation in extensions: Array Manipulation. (line 6)
@@ -34491,7 +34493,7 @@ Index
* cosine: Numeric Functions. (line 16)
* counting: Wc Program. (line 6)
* csh utility: Statements/Lines. (line 43)
-* csh utility, POSIXLY_CORRECT environment variable: Options. (line 386)
+* csh utility, POSIXLY_CORRECT environment variable: Options. (line 387)
* csh utility, |& operator, comparison with: Two-way I/O. (line 27)
* ctime() user-defined function: Function Example. (line 74)
* Curreli, Marco: Contributors. (line 147)
@@ -35339,7 +35341,7 @@ Index
* gawk, TEXTDOMAIN variable in: User-modified. (line 155)
* gawk, timestamps: Time Functions. (line 6)
* gawk, uses for: Preface. (line 34)
-* gawk, versions of, information about, printing: Options. (line 329)
+* gawk, versions of, information about, printing: Options. (line 330)
* gawk, VMS version of: VMS Installation. (line 6)
* gawk, word-boundary operator: GNU Regexp Operators.
(line 66)
@@ -35673,7 +35675,7 @@ Index
* lint checking, empty programs: Command Line. (line 16)
* lint checking, issuing warnings: Options. (line 210)
* lint checking, POSIXLY_CORRECT environment variable: Options.
- (line 371)
+ (line 372)
* lint checking, undefined functions: Function Caveats. (line 23)
* LINT variable: User-modified. (line 90)
* Linux: Manual History. (line 28)
@@ -36035,7 +36037,7 @@ Index
* portability, NF variable, decrementing: Changing Fields. (line 115)
* portability, operators: Increment Ops. (line 60)
* portability, operators, not in POSIX awk: Precedence. (line 97)
-* portability, POSIXLY_CORRECT environment variable: Options. (line 391)
+* portability, POSIXLY_CORRECT environment variable: Options. (line 392)
* portability, substr() function: String Functions. (line 518)
* portable object files: Explaining gettext. (line 37)
* portable object files <1>: Translator i18n. (line 6)
@@ -36087,11 +36089,11 @@ Index
* POSIX awk, timestamps and: Time Functions. (line 6)
* POSIX awk, | I/O operator and: Getline/Pipe. (line 56)
* POSIX mode: Options. (line 282)
-* POSIX mode <1>: Options. (line 371)
+* POSIX mode <1>: Options. (line 372)
* POSIX, awk and: Preface. (line 21)
* POSIX, gawk extensions not included in: POSIX/GNU. (line 6)
* POSIX, programs, implementing in awk: Clones. (line 6)
-* POSIXLY_CORRECT environment variable: Options. (line 371)
+* POSIXLY_CORRECT environment variable: Options. (line 372)
* PREC variable: User-modified. (line 127)
* precedence: Increment Ops. (line 60)
* precedence <1>: Precedence. (line 6)
@@ -36936,557 +36938,557 @@ Node: Intro Summary116293
Node: Invoking Gawk117177
Node: Command Line118691
Node: Options119489
-Ref: Options-Footnote-1136754
-Ref: Options-Footnote-2136985
-Node: Other Arguments137010
-Node: Naming Standard Input139957
-Node: Environment Variables141167
-Node: AWKPATH Variable141725
-Ref: AWKPATH Variable-Footnote-1145137
-Ref: AWKPATH Variable-Footnote-2145171
-Node: AWKLIBPATH Variable145432
-Node: Other Environment Variables147090
-Node: Exit Status150911
-Node: Include Files151588
-Node: Loading Shared Libraries155278
-Node: Obsolete156706
-Node: Undocumented157398
-Node: Invoking Summary157695
-Node: Regexp159355
-Node: Regexp Usage160809
-Node: Escape Sequences162846
-Node: Regexp Operators169078
-Node: Regexp Operator Details169563
-Ref: Regexp Operator Details-Footnote-1175685
-Node: Interval Expressions175832
-Ref: Interval Expressions-Footnote-1177267
-Node: Bracket Expressions177365
-Ref: table-char-classes179841
-Node: Leftmost Longest183167
-Node: Computed Regexps184470
-Node: GNU Regexp Operators187897
-Node: Case-sensitivity191576
-Ref: Case-sensitivity-Footnote-1194442
-Ref: Case-sensitivity-Footnote-2194677
-Node: Regexp Summary194785
-Node: Reading Files196251
-Node: Records198520
-Node: awk split records199595
-Node: gawk split records204870
-Ref: gawk split records-Footnote-1209456
-Node: Fields209493
-Node: Nonconstant Fields212234
-Ref: Nonconstant Fields-Footnote-1214470
-Node: Changing Fields214674
-Node: Field Separators220705
-Node: Default Field Splitting223403
-Node: Regexp Field Splitting224521
-Node: Single Character Fields227874
-Node: Command Line Field Separator228934
-Node: Full Line Fields232152
-Ref: Full Line Fields-Footnote-1233674
-Ref: Full Line Fields-Footnote-2233720
-Node: Field Splitting Summary233821
-Node: Constant Size235895
-Node: Fixed width data236627
-Node: Skipping intervening240094
-Node: Allowing trailing data240892
-Node: Fields with fixed data241929
-Node: Splitting By Content243447
-Ref: Splitting By Content-Footnote-1247097
-Node: Testing field creation247260
-Node: Multiple Line248885
-Node: Getline255162
-Node: Plain Getline257631
-Node: Getline/Variable260272
-Node: Getline/File261423
-Node: Getline/Variable/File262811
-Ref: Getline/Variable/File-Footnote-1264416
-Node: Getline/Pipe264504
-Node: Getline/Variable/Pipe267211
-Node: Getline/Coprocess268346
-Node: Getline/Variable/Coprocess269613
-Node: Getline Notes270355
-Node: Getline Summary273152
-Ref: table-getline-variants273576
-Node: Read Timeout274324
-Ref: Read Timeout-Footnote-1278230
-Node: Retrying Input278288
-Node: Command-line directories279487
-Node: Input Summary280393
-Node: Input Exercises283565
-Node: Printing284293
-Node: Print286127
-Node: Print Examples287584
-Node: Output Separators290364
-Node: OFMT292381
-Node: Printf293737
-Node: Basic Printf294522
-Node: Control Letters296096
-Node: Format Modifiers301260
-Node: Printf Examples307275
-Node: Redirection309761
-Node: Special FD316602
-Ref: Special FD-Footnote-1319770
-Node: Special Files319844
-Node: Other Inherited Files320461
-Node: Special Network321462
-Node: Special Caveats322322
-Node: Close Files And Pipes323271
-Ref: table-close-pipe-return-values330178
-Ref: Close Files And Pipes-Footnote-1330991
-Ref: Close Files And Pipes-Footnote-2331139
-Node: Nonfatal331291
-Node: Output Summary333629
-Node: Output Exercises334851
-Node: Expressions335530
-Node: Values336718
-Node: Constants337396
-Node: Scalar Constants338087
-Ref: Scalar Constants-Footnote-1340611
-Node: Nondecimal-numbers340861
-Node: Regexp Constants343862
-Node: Using Constant Regexps344388
-Node: Standard Regexp Constants345010
-Node: Strong Regexp Constants348198
-Node: Variables351156
-Node: Using Variables351813
-Node: Assignment Options353723
-Node: Conversion356190
-Node: Strings And Numbers356714
-Ref: Strings And Numbers-Footnote-1359777
-Node: Locale influences conversions359886
-Ref: table-locale-affects362644
-Node: All Operators363262
-Node: Arithmetic Ops363891
-Node: Concatenation366397
-Ref: Concatenation-Footnote-1369244
-Node: Assignment Ops369351
-Ref: table-assign-ops374342
-Node: Increment Ops375655
-Node: Truth Values and Conditions379115
-Node: Truth Values380189
-Node: Typing and Comparison381237
-Node: Variable Typing382057
-Ref: Variable Typing-Footnote-1388520
-Ref: Variable Typing-Footnote-2388592
-Node: Comparison Operators388669
-Ref: table-relational-ops389088
-Node: POSIX String Comparison392583
-Ref: POSIX String Comparison-Footnote-1394278
-Ref: POSIX String Comparison-Footnote-2394417
-Node: Boolean Ops394501
-Ref: Boolean Ops-Footnote-1398983
-Node: Conditional Exp399075
-Node: Function Calls400811
-Node: Precedence404688
-Node: Locales408347
-Node: Expressions Summary409979
-Node: Patterns and Actions412552
-Node: Pattern Overview413672
-Node: Regexp Patterns415349
-Node: Expression Patterns415891
-Node: Ranges419672
-Node: BEGIN/END422780
-Node: Using BEGIN/END423541
-Ref: Using BEGIN/END-Footnote-1426277
-Node: I/O And BEGIN/END426383
-Node: BEGINFILE/ENDFILE428697
-Node: Empty431610
-Node: Using Shell Variables431927
-Node: Action Overview434201
-Node: Statements436526
-Node: If Statement438374
-Node: While Statement439869
-Node: Do Statement441897
-Node: For Statement443045
-Node: Switch Statement446216
-Node: Break Statement448602
-Node: Continue Statement450694
-Node: Next Statement452521
-Node: Nextfile Statement454904
-Node: Exit Statement457556
-Node: Built-in Variables459959
-Node: User-modified461092
-Node: Auto-set468859
-Ref: Auto-set-Footnote-1485666
-Ref: Auto-set-Footnote-2485872
-Node: ARGC and ARGV485928
-Node: Pattern Action Summary490141
-Node: Arrays492571
-Node: Array Basics493900
-Node: Array Intro494744
-Ref: figure-array-elements496719
-Ref: Array Intro-Footnote-1499423
-Node: Reference to Elements499551
-Node: Assigning Elements502015
-Node: Array Example502506
-Node: Scanning an Array504265
-Node: Controlling Scanning507287
-Ref: Controlling Scanning-Footnote-1512686
-Node: Numeric Array Subscripts513002
-Node: Uninitialized Subscripts515186
-Node: Delete516805
-Ref: Delete-Footnote-1519557
-Node: Multidimensional519614
-Node: Multiscanning522709
-Node: Arrays of Arrays524300
-Node: Arrays Summary529068
-Node: Functions531161
-Node: Built-in532199
-Node: Calling Built-in533280
-Node: Numeric Functions535276
-Ref: Numeric Functions-Footnote-1539304
-Ref: Numeric Functions-Footnote-2539952
-Ref: Numeric Functions-Footnote-3540000
-Node: String Functions540272
-Ref: String Functions-Footnote-1564130
-Ref: String Functions-Footnote-2564258
-Ref: String Functions-Footnote-3564506
-Node: Gory Details564593
-Ref: table-sub-escapes566384
-Ref: table-sub-proposed567903
-Ref: table-posix-sub569266
-Ref: table-gensub-escapes570807
-Ref: Gory Details-Footnote-1571630
-Node: I/O Functions571784
-Ref: table-system-return-values578252
-Ref: I/O Functions-Footnote-1580332
-Ref: I/O Functions-Footnote-2580480
-Node: Time Functions580600
-Ref: Time Functions-Footnote-1591271
-Ref: Time Functions-Footnote-2591339
-Ref: Time Functions-Footnote-3591497
-Ref: Time Functions-Footnote-4591608
-Ref: Time Functions-Footnote-5591720
-Ref: Time Functions-Footnote-6591947
-Node: Bitwise Functions592213
-Ref: table-bitwise-ops592807
-Ref: Bitwise Functions-Footnote-1598870
-Ref: Bitwise Functions-Footnote-2599043
-Node: Type Functions599234
-Node: I18N Functions601985
-Node: User-defined603636
-Node: Definition Syntax604448
-Ref: Definition Syntax-Footnote-1610135
-Node: Function Example610206
-Ref: Function Example-Footnote-1613128
-Node: Function Calling613150
-Node: Calling A Function613738
-Node: Variable Scope614696
-Node: Pass By Value/Reference617690
-Node: Function Caveats620334
-Ref: Function Caveats-Footnote-1622381
-Node: Return Statement622501
-Node: Dynamic Typing625480
-Node: Indirect Calls626410
-Ref: Indirect Calls-Footnote-1636662
-Node: Functions Summary636790
-Node: Library Functions639495
-Ref: Library Functions-Footnote-1643102
-Ref: Library Functions-Footnote-2643245
-Node: Library Names643416
-Ref: Library Names-Footnote-1647083
-Ref: Library Names-Footnote-2647306
-Node: General Functions647392
-Node: Strtonum Function648495
-Node: Assert Function651517
-Node: Round Function654843
-Node: Cliff Random Function656383
-Node: Ordinal Functions657399
-Ref: Ordinal Functions-Footnote-1660462
-Ref: Ordinal Functions-Footnote-2660714
-Node: Join Function660924
-Ref: Join Function-Footnote-1662694
-Node: Getlocaltime Function662894
-Node: Readfile Function666636
-Node: Shell Quoting668613
-Node: Data File Management670014
-Node: Filetrans Function670646
-Node: Rewind Function674742
-Node: File Checking676651
-Ref: File Checking-Footnote-1677985
-Node: Empty Files678186
-Node: Ignoring Assigns680165
-Node: Getopt Function681715
-Ref: Getopt Function-Footnote-1693184
-Node: Passwd Functions693384
-Ref: Passwd Functions-Footnote-1702223
-Node: Group Functions702311
-Ref: Group Functions-Footnote-1710209
-Node: Walking Arrays710416
-Node: Library Functions Summary713424
-Node: Library Exercises714830
-Node: Sample Programs715295
-Node: Running Examples716065
-Node: Clones716793
-Node: Cut Program718017
-Node: Egrep Program727946
-Ref: Egrep Program-Footnote-1735458
-Node: Id Program735568
-Node: Split Program739248
-Ref: Split Program-Footnote-1742706
-Node: Tee Program742835
-Node: Uniq Program745625
-Node: Wc Program753246
-Ref: Wc Program-Footnote-1757501
-Node: Miscellaneous Programs757595
-Node: Dupword Program758808
-Node: Alarm Program760838
-Node: Translate Program765693
-Ref: Translate Program-Footnote-1770258
-Node: Labels Program770528
-Ref: Labels Program-Footnote-1773879
-Node: Word Sorting773963
-Node: History Sorting778035
-Node: Extract Program779870
-Node: Simple Sed787924
-Node: Igawk Program790998
-Ref: Igawk Program-Footnote-1805329
-Ref: Igawk Program-Footnote-2805531
-Ref: Igawk Program-Footnote-3805653
-Node: Anagram Program805768
-Node: Signature Program808830
-Node: Programs Summary810077
-Node: Programs Exercises811291
-Ref: Programs Exercises-Footnote-1815420
-Node: Advanced Features815511
-Node: Nondecimal Data817501
-Node: Array Sorting819092
-Node: Controlling Array Traversal819792
-Ref: Controlling Array Traversal-Footnote-1828160
-Node: Array Sorting Functions828278
-Ref: Array Sorting Functions-Footnote-1833369
-Node: Two-way I/O833565
-Ref: Two-way I/O-Footnote-1841286
-Ref: Two-way I/O-Footnote-2841473
-Node: TCP/IP Networking841555
-Node: Profiling844673
-Node: Advanced Features Summary853688
-Node: Internationalization855532
-Node: I18N and L10N857012
-Node: Explaining gettext857699
-Ref: Explaining gettext-Footnote-1863591
-Ref: Explaining gettext-Footnote-2863776
-Node: Programmer i18n863941
-Ref: Programmer i18n-Footnote-1868890
-Node: Translator i18n868939
-Node: String Extraction869733
-Ref: String Extraction-Footnote-1870865
-Node: Printf Ordering870951
-Ref: Printf Ordering-Footnote-1873737
-Node: I18N Portability873801
-Ref: I18N Portability-Footnote-1876257
-Node: I18N Example876320
-Ref: I18N Example-Footnote-1879595
-Ref: I18N Example-Footnote-2879668
-Node: Gawk I18N879777
-Node: I18N Summary880426
-Node: Debugger881767
-Node: Debugging882767
-Node: Debugging Concepts883208
-Node: Debugging Terms885017
-Node: Awk Debugging887592
-Ref: Awk Debugging-Footnote-1888537
-Node: Sample Debugging Session888669
-Node: Debugger Invocation889203
-Node: Finding The Bug890589
-Node: List of Debugger Commands897063
-Node: Breakpoint Control898396
-Node: Debugger Execution Control902090
-Node: Viewing And Changing Data905452
-Node: Execution Stack908993
-Node: Debugger Info910630
-Node: Miscellaneous Debugger Commands914701
-Node: Readline Support919763
-Node: Limitations920659
-Node: Debugging Summary923213
-Node: Namespaces924492
-Node: Global Namespace925571
-Node: Qualified Names926969
-Node: Default Namespace927968
-Node: Changing The Namespace928709
-Node: Naming Rules930323
-Node: Internal Name Management932171
-Node: Namespace Example933213
-Node: Namespace And Features935775
-Node: Namespace Summary937210
-Node: Arbitrary Precision Arithmetic938687
-Node: Computer Arithmetic940174
-Ref: table-numeric-ranges943940
-Ref: table-floating-point-ranges944433
-Ref: Computer Arithmetic-Footnote-1945091
-Node: Math Definitions945148
-Ref: table-ieee-formats948464
-Ref: Math Definitions-Footnote-1949067
-Node: MPFR features949172
-Node: FP Math Caution950890
-Ref: FP Math Caution-Footnote-1951962
-Node: Inexactness of computations952331
-Node: Inexact representation953291
-Node: Comparing FP Values954651
-Node: Errors accumulate955892
-Node: Getting Accuracy957325
-Node: Try To Round960035
-Node: Setting precision960934
-Ref: table-predefined-precision-strings961631
-Node: Setting the rounding mode963461
-Ref: table-gawk-rounding-modes963835
-Ref: Setting the rounding mode-Footnote-1967766
-Node: Arbitrary Precision Integers967945
-Ref: Arbitrary Precision Integers-Footnote-1971120
-Node: Checking for MPFR971269
-Node: POSIX Floating Point Problems972743
-Ref: POSIX Floating Point Problems-Footnote-1977028
-Node: Floating point summary977066
-Node: Dynamic Extensions979256
-Node: Extension Intro980809
-Node: Plugin License982075
-Node: Extension Mechanism Outline982872
-Ref: figure-load-extension983311
-Ref: figure-register-new-function984876
-Ref: figure-call-new-function985968
-Node: Extension API Description988030
-Node: Extension API Functions Introduction989672
-Ref: table-api-std-headers991508
-Node: General Data Types995373
-Ref: General Data Types-Footnote-11003734
-Node: Memory Allocation Functions1004033
-Ref: Memory Allocation Functions-Footnote-11008243
-Node: Constructor Functions1008342
-Node: Registration Functions1011928
-Node: Extension Functions1012613
-Node: Exit Callback Functions1017935
-Node: Extension Version String1019185
-Node: Input Parsers1019848
-Node: Output Wrappers1032569
-Node: Two-way processors1037081
-Node: Printing Messages1039346
-Ref: Printing Messages-Footnote-11040517
-Node: Updating ERRNO1040670
-Node: Requesting Values1041409
-Ref: table-value-types-returned1042146
-Node: Accessing Parameters1043082
-Node: Symbol Table Access1044317
-Node: Symbol table by name1044829
-Ref: Symbol table by name-Footnote-11047853
-Node: Symbol table by cookie1047981
-Ref: Symbol table by cookie-Footnote-11052166
-Node: Cached values1052230
-Ref: Cached values-Footnote-11055766
-Node: Array Manipulation1055919
-Ref: Array Manipulation-Footnote-11057010
-Node: Array Data Types1057047
-Ref: Array Data Types-Footnote-11059705
-Node: Array Functions1059797
-Node: Flattening Arrays1064295
-Node: Creating Arrays1071271
-Node: Redirection API1076038
-Node: Extension API Variables1078871
-Node: Extension Versioning1079582
-Ref: gawk-api-version1080011
-Node: Extension GMP/MPFR Versioning1081742
-Node: Extension API Informational Variables1083370
-Node: Extension API Boilerplate1084443
-Node: Changes from API V11088417
-Node: Finding Extensions1089989
-Node: Extension Example1090548
-Node: Internal File Description1091346
-Node: Internal File Ops1095426
-Ref: Internal File Ops-Footnote-11106776
-Node: Using Internal File Ops1106916
-Ref: Using Internal File Ops-Footnote-11109299
-Node: Extension Samples1109573
-Node: Extension Sample File Functions1111102
-Node: Extension Sample Fnmatch1118751
-Node: Extension Sample Fork1120238
-Node: Extension Sample Inplace1121456
-Node: Extension Sample Ord1124760
-Node: Extension Sample Readdir1125596
-Ref: table-readdir-file-types1126485
-Node: Extension Sample Revout1127290
-Node: Extension Sample Rev2way1127879
-Node: Extension Sample Read write array1128619
-Node: Extension Sample Readfile1130561
-Node: Extension Sample Time1131656
-Node: Extension Sample API Tests1133004
-Node: gawkextlib1133496
-Node: Extension summary1136414
-Node: Extension Exercises1140116
-Node: Language History1141358
-Node: V7/SVR3.11143014
-Node: SVR41145166
-Node: POSIX1146600
-Node: BTL1147980
-Node: POSIX/GNU1148709
-Node: Feature History1154487
-Node: Common Extensions1170533
-Node: Ranges and Locales1171816
-Ref: Ranges and Locales-Footnote-11176432
-Ref: Ranges and Locales-Footnote-21176459
-Ref: Ranges and Locales-Footnote-31176694
-Node: Contributors1176915
-Node: History summary1182860
-Node: Installation1184240
-Node: Gawk Distribution1185184
-Node: Getting1185668
-Node: Extracting1186631
-Node: Distribution contents1188269
-Node: Unix Installation1194749
-Node: Quick Installation1195431
-Node: Shell Startup Files1197845
-Node: Additional Configuration Options1198934
-Node: Configuration Philosophy1201249
-Node: Non-Unix Installation1203618
-Node: PC Installation1204078
-Node: PC Binary Installation1204916
-Node: PC Compiling1205351
-Node: PC Using1206468
-Node: Cygwin1210021
-Node: MSYS1211120
-Node: VMS Installation1211621
-Node: VMS Compilation1212412
-Ref: VMS Compilation-Footnote-11213641
-Node: VMS Dynamic Extensions1213699
-Node: VMS Installation Details1215384
-Node: VMS Running1217637
-Node: VMS GNV1221916
-Node: VMS Old Gawk1222651
-Node: Bugs1223122
-Node: Bug address1223785
-Node: Usenet1226767
-Node: Maintainers1227771
-Node: Other Versions1229032
-Node: Installation summary1236120
-Node: Notes1237322
-Node: Compatibility Mode1238116
-Node: Additions1238898
-Node: Accessing The Source1239823
-Node: Adding Code1241260
-Node: New Ports1247479
-Node: Derived Files1251854
-Ref: Derived Files-Footnote-11257514
-Ref: Derived Files-Footnote-21257549
-Ref: Derived Files-Footnote-31258147
-Node: Future Extensions1258261
-Node: Implementation Limitations1258919
-Node: Extension Design1260102
-Node: Old Extension Problems1261246
-Ref: Old Extension Problems-Footnote-11262764
-Node: Extension New Mechanism Goals1262821
-Ref: Extension New Mechanism Goals-Footnote-11266185
-Node: Extension Other Design Decisions1266374
-Node: Extension Future Growth1268487
-Node: Notes summary1269323
-Node: Basic Concepts1270481
-Node: Basic High Level1271162
-Ref: figure-general-flow1271444
-Ref: figure-process-flow1272129
-Ref: Basic High Level-Footnote-11275430
-Node: Basic Data Typing1275615
-Node: Glossary1278943
-Node: Copying1310781
-Node: GNU Free Documentation License1348324
-Node: Index1373444
+Ref: Options-Footnote-1136851
+Ref: Options-Footnote-2137082
+Node: Other Arguments137107
+Node: Naming Standard Input140054
+Node: Environment Variables141264
+Node: AWKPATH Variable141822
+Ref: AWKPATH Variable-Footnote-1145234
+Ref: AWKPATH Variable-Footnote-2145268
+Node: AWKLIBPATH Variable145529
+Node: Other Environment Variables147187
+Node: Exit Status151008
+Node: Include Files151685
+Node: Loading Shared Libraries155375
+Node: Obsolete156803
+Node: Undocumented157495
+Node: Invoking Summary157792
+Node: Regexp159452
+Node: Regexp Usage160906
+Node: Escape Sequences162943
+Node: Regexp Operators169175
+Node: Regexp Operator Details169660
+Ref: Regexp Operator Details-Footnote-1175782
+Node: Interval Expressions175929
+Ref: Interval Expressions-Footnote-1177364
+Node: Bracket Expressions177462
+Ref: table-char-classes179938
+Node: Leftmost Longest183264
+Node: Computed Regexps184567
+Node: GNU Regexp Operators187994
+Node: Case-sensitivity191673
+Ref: Case-sensitivity-Footnote-1194539
+Ref: Case-sensitivity-Footnote-2194774
+Node: Regexp Summary194882
+Node: Reading Files196348
+Node: Records198617
+Node: awk split records199692
+Node: gawk split records204967
+Ref: gawk split records-Footnote-1209553
+Node: Fields209590
+Node: Nonconstant Fields212331
+Ref: Nonconstant Fields-Footnote-1214567
+Node: Changing Fields214771
+Node: Field Separators220802
+Node: Default Field Splitting223500
+Node: Regexp Field Splitting224618
+Node: Single Character Fields227971
+Node: Command Line Field Separator229031
+Node: Full Line Fields232249
+Ref: Full Line Fields-Footnote-1233771
+Ref: Full Line Fields-Footnote-2233817
+Node: Field Splitting Summary233918
+Node: Constant Size235992
+Node: Fixed width data236724
+Node: Skipping intervening240191
+Node: Allowing trailing data240989
+Node: Fields with fixed data242026
+Node: Splitting By Content243544
+Ref: Splitting By Content-Footnote-1247194
+Node: Testing field creation247357
+Node: Multiple Line248982
+Node: Getline255259
+Node: Plain Getline257728
+Node: Getline/Variable260369
+Node: Getline/File261520
+Node: Getline/Variable/File262908
+Ref: Getline/Variable/File-Footnote-1264513
+Node: Getline/Pipe264601
+Node: Getline/Variable/Pipe267308
+Node: Getline/Coprocess268443
+Node: Getline/Variable/Coprocess269710
+Node: Getline Notes270452
+Node: Getline Summary273249
+Ref: table-getline-variants273673
+Node: Read Timeout274421
+Ref: Read Timeout-Footnote-1278327
+Node: Retrying Input278385
+Node: Command-line directories279584
+Node: Input Summary280490
+Node: Input Exercises283662
+Node: Printing284390
+Node: Print286224
+Node: Print Examples287681
+Node: Output Separators290461
+Node: OFMT292478
+Node: Printf293834
+Node: Basic Printf294619
+Node: Control Letters296193
+Node: Format Modifiers301357
+Node: Printf Examples307372
+Node: Redirection309858
+Node: Special FD316699
+Ref: Special FD-Footnote-1319867
+Node: Special Files319941
+Node: Other Inherited Files320558
+Node: Special Network321559
+Node: Special Caveats322419
+Node: Close Files And Pipes323368
+Ref: table-close-pipe-return-values330275
+Ref: Close Files And Pipes-Footnote-1331088
+Ref: Close Files And Pipes-Footnote-2331236
+Node: Nonfatal331388
+Node: Output Summary333726
+Node: Output Exercises334948
+Node: Expressions335627
+Node: Values336815
+Node: Constants337493
+Node: Scalar Constants338184
+Ref: Scalar Constants-Footnote-1340708
+Node: Nondecimal-numbers340958
+Node: Regexp Constants343959
+Node: Using Constant Regexps344485
+Node: Standard Regexp Constants345107
+Node: Strong Regexp Constants348295
+Node: Variables351253
+Node: Using Variables351910
+Node: Assignment Options353820
+Node: Conversion356287
+Node: Strings And Numbers356811
+Ref: Strings And Numbers-Footnote-1359874
+Node: Locale influences conversions359983
+Ref: table-locale-affects362741
+Node: All Operators363359
+Node: Arithmetic Ops363988
+Node: Concatenation366494
+Ref: Concatenation-Footnote-1369341
+Node: Assignment Ops369448
+Ref: table-assign-ops374439
+Node: Increment Ops375752
+Node: Truth Values and Conditions379212
+Node: Truth Values380286
+Node: Typing and Comparison381334
+Node: Variable Typing382154
+Ref: Variable Typing-Footnote-1388617
+Ref: Variable Typing-Footnote-2388689
+Node: Comparison Operators388766
+Ref: table-relational-ops389185
+Node: POSIX String Comparison392680
+Ref: POSIX String Comparison-Footnote-1394375
+Ref: POSIX String Comparison-Footnote-2394514
+Node: Boolean Ops394598
+Ref: Boolean Ops-Footnote-1399080
+Node: Conditional Exp399172
+Node: Function Calls400908
+Node: Precedence404785
+Node: Locales408444
+Node: Expressions Summary410076
+Node: Patterns and Actions412649
+Node: Pattern Overview413769
+Node: Regexp Patterns415446
+Node: Expression Patterns415988
+Node: Ranges419769
+Node: BEGIN/END422877
+Node: Using BEGIN/END423638
+Ref: Using BEGIN/END-Footnote-1426374
+Node: I/O And BEGIN/END426480
+Node: BEGINFILE/ENDFILE428794
+Node: Empty431707
+Node: Using Shell Variables432024
+Node: Action Overview434298
+Node: Statements436623
+Node: If Statement438471
+Node: While Statement439966
+Node: Do Statement441994
+Node: For Statement443142
+Node: Switch Statement446313
+Node: Break Statement448699
+Node: Continue Statement450791
+Node: Next Statement452618
+Node: Nextfile Statement455001
+Node: Exit Statement457653
+Node: Built-in Variables460056
+Node: User-modified461189
+Node: Auto-set468956
+Ref: Auto-set-Footnote-1485763
+Ref: Auto-set-Footnote-2485969
+Node: ARGC and ARGV486025
+Node: Pattern Action Summary490238
+Node: Arrays492668
+Node: Array Basics493997
+Node: Array Intro494841
+Ref: figure-array-elements496816
+Ref: Array Intro-Footnote-1499520
+Node: Reference to Elements499648
+Node: Assigning Elements502112
+Node: Array Example502603
+Node: Scanning an Array504362
+Node: Controlling Scanning507384
+Ref: Controlling Scanning-Footnote-1512783
+Node: Numeric Array Subscripts513099
+Node: Uninitialized Subscripts515283
+Node: Delete516902
+Ref: Delete-Footnote-1519654
+Node: Multidimensional519711
+Node: Multiscanning522806
+Node: Arrays of Arrays524397
+Node: Arrays Summary529165
+Node: Functions531258
+Node: Built-in532296
+Node: Calling Built-in533377
+Node: Numeric Functions535373
+Ref: Numeric Functions-Footnote-1539401
+Ref: Numeric Functions-Footnote-2540049
+Ref: Numeric Functions-Footnote-3540097
+Node: String Functions540369
+Ref: String Functions-Footnote-1564227
+Ref: String Functions-Footnote-2564355
+Ref: String Functions-Footnote-3564603
+Node: Gory Details564690
+Ref: table-sub-escapes566481
+Ref: table-sub-proposed568000
+Ref: table-posix-sub569363
+Ref: table-gensub-escapes570904
+Ref: Gory Details-Footnote-1571727
+Node: I/O Functions571881
+Ref: table-system-return-values578349
+Ref: I/O Functions-Footnote-1580429
+Ref: I/O Functions-Footnote-2580577
+Node: Time Functions580697
+Ref: Time Functions-Footnote-1591368
+Ref: Time Functions-Footnote-2591436
+Ref: Time Functions-Footnote-3591594
+Ref: Time Functions-Footnote-4591705
+Ref: Time Functions-Footnote-5591817
+Ref: Time Functions-Footnote-6592044
+Node: Bitwise Functions592310
+Ref: table-bitwise-ops592904
+Ref: Bitwise Functions-Footnote-1598967
+Ref: Bitwise Functions-Footnote-2599140
+Node: Type Functions599331
+Node: I18N Functions602082
+Node: User-defined603733
+Node: Definition Syntax604545
+Ref: Definition Syntax-Footnote-1610232
+Node: Function Example610303
+Ref: Function Example-Footnote-1613225
+Node: Function Calling613247
+Node: Calling A Function613835
+Node: Variable Scope614793
+Node: Pass By Value/Reference617787
+Node: Function Caveats620431
+Ref: Function Caveats-Footnote-1622478
+Node: Return Statement622598
+Node: Dynamic Typing625577
+Node: Indirect Calls626507
+Ref: Indirect Calls-Footnote-1636759
+Node: Functions Summary636887
+Node: Library Functions639592
+Ref: Library Functions-Footnote-1643199
+Ref: Library Functions-Footnote-2643342
+Node: Library Names643513
+Ref: Library Names-Footnote-1647180
+Ref: Library Names-Footnote-2647403
+Node: General Functions647489
+Node: Strtonum Function648592
+Node: Assert Function651614
+Node: Round Function654940
+Node: Cliff Random Function656480
+Node: Ordinal Functions657496
+Ref: Ordinal Functions-Footnote-1660559
+Ref: Ordinal Functions-Footnote-2660811
+Node: Join Function661021
+Ref: Join Function-Footnote-1662791
+Node: Getlocaltime Function662991
+Node: Readfile Function666733
+Node: Shell Quoting668710
+Node: Data File Management670111
+Node: Filetrans Function670743
+Node: Rewind Function674839
+Node: File Checking676748
+Ref: File Checking-Footnote-1678082
+Node: Empty Files678283
+Node: Ignoring Assigns680262
+Node: Getopt Function681812
+Ref: Getopt Function-Footnote-1693281
+Node: Passwd Functions693481
+Ref: Passwd Functions-Footnote-1702320
+Node: Group Functions702408
+Ref: Group Functions-Footnote-1710306
+Node: Walking Arrays710513
+Node: Library Functions Summary713521
+Node: Library Exercises714927
+Node: Sample Programs715392
+Node: Running Examples716162
+Node: Clones716890
+Node: Cut Program718114
+Node: Egrep Program728043
+Ref: Egrep Program-Footnote-1735555
+Node: Id Program735665
+Node: Split Program739345
+Ref: Split Program-Footnote-1742803
+Node: Tee Program742932
+Node: Uniq Program745722
+Node: Wc Program753343
+Ref: Wc Program-Footnote-1757598
+Node: Miscellaneous Programs757692
+Node: Dupword Program758905
+Node: Alarm Program760935
+Node: Translate Program765790
+Ref: Translate Program-Footnote-1770355
+Node: Labels Program770625
+Ref: Labels Program-Footnote-1773976
+Node: Word Sorting774060
+Node: History Sorting778132
+Node: Extract Program779967
+Node: Simple Sed788021
+Node: Igawk Program791095
+Ref: Igawk Program-Footnote-1805426
+Ref: Igawk Program-Footnote-2805628
+Ref: Igawk Program-Footnote-3805750
+Node: Anagram Program805865
+Node: Signature Program808927
+Node: Programs Summary810174
+Node: Programs Exercises811388
+Ref: Programs Exercises-Footnote-1815517
+Node: Advanced Features815608
+Node: Nondecimal Data817598
+Node: Array Sorting819189
+Node: Controlling Array Traversal819889
+Ref: Controlling Array Traversal-Footnote-1828257
+Node: Array Sorting Functions828375
+Ref: Array Sorting Functions-Footnote-1833466
+Node: Two-way I/O833662
+Ref: Two-way I/O-Footnote-1841383
+Ref: Two-way I/O-Footnote-2841570
+Node: TCP/IP Networking841652
+Node: Profiling844770
+Node: Advanced Features Summary853785
+Node: Internationalization855629
+Node: I18N and L10N857109
+Node: Explaining gettext857796
+Ref: Explaining gettext-Footnote-1863688
+Ref: Explaining gettext-Footnote-2863873
+Node: Programmer i18n864038
+Ref: Programmer i18n-Footnote-1868987
+Node: Translator i18n869036
+Node: String Extraction869830
+Ref: String Extraction-Footnote-1870962
+Node: Printf Ordering871048
+Ref: Printf Ordering-Footnote-1873834
+Node: I18N Portability873898
+Ref: I18N Portability-Footnote-1876354
+Node: I18N Example876417
+Ref: I18N Example-Footnote-1879692
+Ref: I18N Example-Footnote-2879765
+Node: Gawk I18N879874
+Node: I18N Summary880523
+Node: Debugger881864
+Node: Debugging882864
+Node: Debugging Concepts883305
+Node: Debugging Terms885114
+Node: Awk Debugging887689
+Ref: Awk Debugging-Footnote-1888634
+Node: Sample Debugging Session888766
+Node: Debugger Invocation889300
+Node: Finding The Bug890686
+Node: List of Debugger Commands897160
+Node: Breakpoint Control898493
+Node: Debugger Execution Control902187
+Node: Viewing And Changing Data905549
+Node: Execution Stack909090
+Node: Debugger Info910727
+Node: Miscellaneous Debugger Commands914798
+Node: Readline Support919860
+Node: Limitations920756
+Node: Debugging Summary923310
+Node: Namespaces924589
+Node: Global Namespace925668
+Node: Qualified Names927066
+Node: Default Namespace928065
+Node: Changing The Namespace928806
+Node: Naming Rules930420
+Node: Internal Name Management932268
+Node: Namespace Example933310
+Node: Namespace And Features935872
+Node: Namespace Summary937307
+Node: Arbitrary Precision Arithmetic938784
+Node: Computer Arithmetic940271
+Ref: table-numeric-ranges944037
+Ref: table-floating-point-ranges944530
+Ref: Computer Arithmetic-Footnote-1945188
+Node: Math Definitions945245
+Ref: table-ieee-formats948561
+Ref: Math Definitions-Footnote-1949164
+Node: MPFR features949269
+Node: FP Math Caution950987
+Ref: FP Math Caution-Footnote-1952059
+Node: Inexactness of computations952428
+Node: Inexact representation953388
+Node: Comparing FP Values954748
+Node: Errors accumulate955989
+Node: Getting Accuracy957422
+Node: Try To Round960132
+Node: Setting precision961031
+Ref: table-predefined-precision-strings961728
+Node: Setting the rounding mode963558
+Ref: table-gawk-rounding-modes963932
+Ref: Setting the rounding mode-Footnote-1967863
+Node: Arbitrary Precision Integers968042
+Ref: Arbitrary Precision Integers-Footnote-1971217
+Node: Checking for MPFR971366
+Node: POSIX Floating Point Problems972840
+Ref: POSIX Floating Point Problems-Footnote-1977125
+Node: Floating point summary977163
+Node: Dynamic Extensions979353
+Node: Extension Intro980906
+Node: Plugin License982172
+Node: Extension Mechanism Outline982969
+Ref: figure-load-extension983408
+Ref: figure-register-new-function984973
+Ref: figure-call-new-function986065
+Node: Extension API Description988127
+Node: Extension API Functions Introduction989769
+Ref: table-api-std-headers991605
+Node: General Data Types995470
+Ref: General Data Types-Footnote-11003831
+Node: Memory Allocation Functions1004130
+Ref: Memory Allocation Functions-Footnote-11008340
+Node: Constructor Functions1008439
+Node: Registration Functions1012025
+Node: Extension Functions1012710
+Node: Exit Callback Functions1018032
+Node: Extension Version String1019282
+Node: Input Parsers1019945
+Node: Output Wrappers1032666
+Node: Two-way processors1037178
+Node: Printing Messages1039443
+Ref: Printing Messages-Footnote-11040614
+Node: Updating ERRNO1040767
+Node: Requesting Values1041506
+Ref: table-value-types-returned1042243
+Node: Accessing Parameters1043179
+Node: Symbol Table Access1044414
+Node: Symbol table by name1044926
+Ref: Symbol table by name-Footnote-11047950
+Node: Symbol table by cookie1048078
+Ref: Symbol table by cookie-Footnote-11052263
+Node: Cached values1052327
+Ref: Cached values-Footnote-11055863
+Node: Array Manipulation1056016
+Ref: Array Manipulation-Footnote-11057107
+Node: Array Data Types1057144
+Ref: Array Data Types-Footnote-11059802
+Node: Array Functions1059894
+Node: Flattening Arrays1064392
+Node: Creating Arrays1071368
+Node: Redirection API1076135
+Node: Extension API Variables1078968
+Node: Extension Versioning1079679
+Ref: gawk-api-version1080108
+Node: Extension GMP/MPFR Versioning1081839
+Node: Extension API Informational Variables1083467
+Node: Extension API Boilerplate1084540
+Node: Changes from API V11088514
+Node: Finding Extensions1090086
+Node: Extension Example1090645
+Node: Internal File Description1091443
+Node: Internal File Ops1095523
+Ref: Internal File Ops-Footnote-11106873
+Node: Using Internal File Ops1107013
+Ref: Using Internal File Ops-Footnote-11109396
+Node: Extension Samples1109670
+Node: Extension Sample File Functions1111199
+Node: Extension Sample Fnmatch1118848
+Node: Extension Sample Fork1120335
+Node: Extension Sample Inplace1121553
+Node: Extension Sample Ord1124857
+Node: Extension Sample Readdir1125693
+Ref: table-readdir-file-types1126582
+Node: Extension Sample Revout1127387
+Node: Extension Sample Rev2way1127976
+Node: Extension Sample Read write array1128716
+Node: Extension Sample Readfile1130658
+Node: Extension Sample Time1131753
+Node: Extension Sample API Tests1133101
+Node: gawkextlib1133593
+Node: Extension summary1136511
+Node: Extension Exercises1140213
+Node: Language History1141455
+Node: V7/SVR3.11143111
+Node: SVR41145263
+Node: POSIX1146697
+Node: BTL1148077
+Node: POSIX/GNU1148806
+Node: Feature History1154584
+Node: Common Extensions1170630
+Node: Ranges and Locales1171913
+Ref: Ranges and Locales-Footnote-11176529
+Ref: Ranges and Locales-Footnote-21176556
+Ref: Ranges and Locales-Footnote-31176791
+Node: Contributors1177012
+Node: History summary1182965
+Node: Installation1184345
+Node: Gawk Distribution1185289
+Node: Getting1185773
+Node: Extracting1186736
+Node: Distribution contents1188374
+Node: Unix Installation1194854
+Node: Quick Installation1195536
+Node: Shell Startup Files1197950
+Node: Additional Configuration Options1199039
+Node: Configuration Philosophy1201354
+Node: Non-Unix Installation1203723
+Node: PC Installation1204183
+Node: PC Binary Installation1205021
+Node: PC Compiling1205456
+Node: PC Using1206573
+Node: Cygwin1210126
+Node: MSYS1211225
+Node: VMS Installation1211726
+Node: VMS Compilation1212517
+Ref: VMS Compilation-Footnote-11213746
+Node: VMS Dynamic Extensions1213804
+Node: VMS Installation Details1215489
+Node: VMS Running1217742
+Node: VMS GNV1222021
+Node: VMS Old Gawk1222756
+Node: Bugs1223227
+Node: Bug address1223890
+Node: Usenet1226872
+Node: Maintainers1227876
+Node: Other Versions1229137
+Node: Installation summary1236225
+Node: Notes1237427
+Node: Compatibility Mode1238221
+Node: Additions1239003
+Node: Accessing The Source1239928
+Node: Adding Code1241365
+Node: New Ports1247584
+Node: Derived Files1251959
+Ref: Derived Files-Footnote-11257619
+Ref: Derived Files-Footnote-21257654
+Ref: Derived Files-Footnote-31258252
+Node: Future Extensions1258366
+Node: Implementation Limitations1259024
+Node: Extension Design1260207
+Node: Old Extension Problems1261351
+Ref: Old Extension Problems-Footnote-11262869
+Node: Extension New Mechanism Goals1262926
+Ref: Extension New Mechanism Goals-Footnote-11266290
+Node: Extension Other Design Decisions1266479
+Node: Extension Future Growth1268592
+Node: Notes summary1269428
+Node: Basic Concepts1270586
+Node: Basic High Level1271267
+Ref: figure-general-flow1271549
+Ref: figure-process-flow1272234
+Ref: Basic High Level-Footnote-11275535
+Node: Basic Data Typing1275720
+Node: Glossary1279048
+Node: Copying1310886
+Node: GNU Free Documentation License1348429
+Node: Index1373549

End Tag Table
diff --git a/doc/gawk.texi b/doc/gawk.texi
index d56261b6..0844b80c 100644
--- a/doc/gawk.texi
+++ b/doc/gawk.texi
@@ -4271,10 +4271,13 @@ representation of the program.
@cindex @option{-S} option
@cindex @option{--sandbox} option
@cindex sandbox mode
+@cindex @code{ARGV} array
Disable the @code{system()} function,
input redirections with @code{getline},
output redirections with @code{print} and @code{printf},
and dynamic extensions.
+Also, disallow adding filenames to @code{ARGV} that were
+not there when @command{gawk} started running.
This is particularly useful when you want to run @command{awk} scripts
from questionable sources and need to make sure the scripts
can't access your system (other than the specified input @value{DF}).
@@ -39955,7 +39958,7 @@ Anders Wallin helped keep the VMS port going for several years.
@item
@cindex Gordon, Assaf
-Assaf Gordon contributed the code to implement the
+Assaf Gordon contributed the initial code to implement the
@option{--sandbox} option.
@item
diff --git a/doc/gawktexi.in b/doc/gawktexi.in
index 5487bb7f..80650513 100644
--- a/doc/gawktexi.in
+++ b/doc/gawktexi.in
@@ -4181,10 +4181,13 @@ representation of the program.
@cindex @option{-S} option
@cindex @option{--sandbox} option
@cindex sandbox mode
+@cindex @code{ARGV} array
Disable the @code{system()} function,
input redirections with @code{getline},
output redirections with @code{print} and @code{printf},
and dynamic extensions.
+Also, disallow adding filenames to @code{ARGV} that were
+not there when @command{gawk} started running.
This is particularly useful when you want to run @command{awk} scripts
from questionable sources and need to make sure the scripts
can't access your system (other than the specified input @value{DF}).
@@ -38928,7 +38931,7 @@ Anders Wallin helped keep the VMS port going for several years.
@item
@cindex Gordon, Assaf
-Assaf Gordon contributed the code to implement the
+Assaf Gordon contributed the initial code to implement the
@option{--sandbox} option.
@item
diff --git a/main.c b/main.c
index 8327cc74..1f23e57c 100644
--- a/main.c
+++ b/main.c
@@ -749,6 +749,7 @@ init_args(int argc0, int argc, const char *argv0, char **argv)
{
int i, j;
NODE *sub, *val;
+ NODE *shadow_node = NULL;
ARGV_node = install_symbol(estrdup("ARGV", 4), Node_var_array);
sub = make_number(0.0);
@@ -756,15 +757,32 @@ init_args(int argc0, int argc, const char *argv0, char **argv)
val->flags |= USER_INPUT;
assoc_set(ARGV_node, sub, val);
+ if (do_sandbox) {
+ shadow_node = make_array();
+ sub = make_string(argv0, strlen(argv0));
+ val = make_number(0.0);
+ assoc_set(shadow_node, sub, val);
+ }
+
+
for (i = argc0, j = 1; i < argc; i++, j++) {
sub = make_number((AWKNUM) j);
val = make_string(argv[i], strlen(argv[i]));
val->flags |= USER_INPUT;
assoc_set(ARGV_node, sub, val);
+
+ if (do_sandbox) {
+ sub = make_string(argv[i], strlen(argv[i]));
+ val = make_number(0.0);
+ assoc_set(shadow_node, sub, val);
+ }
}
ARGC_node = install_symbol(estrdup("ARGC", 4), Node_var);
ARGC_node->var_value = make_number((AWKNUM) j);
+
+ if (do_sandbox)
+ init_argv_array(ARGV_node, shadow_node);
}
diff --git a/test/ChangeLog b/test/ChangeLog
index e5b9dce2..c3d7475f 100644
--- a/test/ChangeLog
+++ b/test/ChangeLog
@@ -1,6 +1,13 @@
+2019-05-06 Arnold D. Robbins <arnold@skeeve.com>
+
+ * Makefile.am (EXTRA_DIST): New test: sandbox1.
+ (NEED_SANDBOX): New list of tests.
+ * Gentests: Handle NEED_SANDBOX.
+ * sandbox1.awk, sandbox1.ok: New files.
+
2019-02-22 Andrew J. Schorr <aschorr@telemetry-investments.com>
- * Makefile.am (EXTRA_DIST): New test assignnumfield2.
+ * Makefile.am (EXTRA_DIST): New test: assignnumfield2.
* assignnumfield2.awk, assignnumfield2.ok: New files.
2019-04-21 Arnold D. Robbins <arnold@skeeve.com>
diff --git a/test/Gentests b/test/Gentests
index cf4ba908..9f51b927 100755
--- a/test/Gentests
+++ b/test/Gentests
@@ -94,6 +94,13 @@ BEGIN {
next
}
+/^NEED_SANDBOX *=/,/[^\\]$/ {
+ gsub(/(^NEED_SANDBOX *=|\\$)/,"")
+ for (i = 1; i <= NF; i++)
+ sandbox[$i]
+ next
+}
+
/^GENTESTS_UNUSED *=/,/[^\\]$/ {
gsub(/(^GENTESTS_UNUSED *=|\\$)/,"")
for (i = 1; i <= NF; i++)
@@ -204,6 +211,10 @@ function generate(x, s, i, locale_string)
s = s " --traditional"
delete traditional[x]
}
+ if (x in sandbox) {
+ s = s " --sandbox"
+ delete sandbox[x]
+ }
if (x in pretty) {
s = s " --pretty-print=_$@"
delete pretty[x]
diff --git a/test/Makefile.am b/test/Makefile.am
index 4a5ab2d2..3db7c04d 100644
--- a/test/Makefile.am
+++ b/test/Makefile.am
@@ -1067,6 +1067,8 @@ EXTRA_DIST = \
rwarray.awk \
rwarray.in \
rwarray.ok \
+ sandbox1.awk \
+ sandbox1.ok \
scalar.awk \
scalar.ok \
sclforin.awk \
@@ -1354,7 +1356,8 @@ GAWK_EXT_TESTS = \
profile7 profile8 profile9 profile10 profile11 profile12 pty1 pty2 \
rebuf regnul1 regnul2 regx8bit reginttrad reint reint2 rsgetline rsglstdin \
rsstart1 rsstart2 rsstart3 rstest6 \
- shadow shadowbuiltin sortfor sortfor2 sortu sourcesplit split_after_fpat \
+ sandbox1 shadow shadowbuiltin sortfor sortfor2 sortu \
+ sourcesplit split_after_fpat \
splitarg4 strftfld strftime strtonum strtonum1 switch2 symtab1 symtab2 \
symtab3 symtab4 symtab5 symtab6 symtab7 symtab8 symtab9 symtab10 \
timeout typedregex1 typedregex2 typedregex3 typedregex4 \
@@ -1414,6 +1417,9 @@ NEED_PRETTY = nsprof1 nsprof2 \
# List of tests that need --re-interval
NEED_RE_INTERVAL = gsubtst3 reint reint2
+# List of tests that need --sandbox
+NEED_SANDBOX = sandbox1
+
# List of tests that need --traditional
NEED_TRADITIONAL = litoct tradanch rscompat
diff --git a/test/Makefile.in b/test/Makefile.in
index bd261a5b..5496d3cf 100644
--- a/test/Makefile.in
+++ b/test/Makefile.in
@@ -1326,6 +1326,8 @@ EXTRA_DIST = \
rwarray.awk \
rwarray.in \
rwarray.ok \
+ sandbox1.awk \
+ sandbox1.ok \
scalar.awk \
scalar.ok \
sclforin.awk \
@@ -1613,7 +1615,8 @@ GAWK_EXT_TESTS = \
profile7 profile8 profile9 profile10 profile11 profile12 pty1 pty2 \
rebuf regnul1 regnul2 regx8bit reginttrad reint reint2 rsgetline rsglstdin \
rsstart1 rsstart2 rsstart3 rstest6 \
- shadow shadowbuiltin sortfor sortfor2 sortu sourcesplit split_after_fpat \
+ sandbox1 shadow shadowbuiltin sortfor sortfor2 sortu \
+ sourcesplit split_after_fpat \
splitarg4 strftfld strftime strtonum strtonum1 switch2 symtab1 symtab2 \
symtab3 symtab4 symtab5 symtab6 symtab7 symtab8 symtab9 symtab10 \
timeout typedregex1 typedregex2 typedregex3 typedregex4 \
@@ -1673,6 +1676,9 @@ NEED_PRETTY = nsprof1 nsprof2 \
# List of tests that need --re-interval
NEED_RE_INTERVAL = gsubtst3 reint reint2
+# List of tests that need --sandbox
+NEED_SANDBOX = sandbox1
+
# List of tests that need --traditional
NEED_TRADITIONAL = litoct tradanch rscompat
@@ -4591,6 +4597,11 @@ rstest6:
@AWKPATH="$(srcdir)" $(AWK) -f $@.awk < "$(srcdir)"/$@.in >_$@ 2>&1 || echo EXIT CODE: $$? >>_$@
@-$(CMP) "$(srcdir)"/$@.ok _$@ && rm -f _$@
+sandbox1:
+ @echo $@
+ @AWKPATH="$(srcdir)" $(AWK) -f $@.awk --sandbox >_$@ 2>&1 || echo EXIT CODE: $$? >>_$@
+ @-$(CMP) "$(srcdir)"/$@.ok _$@ && rm -f _$@
+
shadow:
@echo $@
@AWKPATH="$(srcdir)" $(AWK) -f $@.awk --lint >_$@ 2>&1 || echo EXIT CODE: $$? >>_$@
diff --git a/test/Maketests b/test/Maketests
index ccce4f54..cf85ef8d 100644
--- a/test/Maketests
+++ b/test/Maketests
@@ -1846,6 +1846,11 @@ rstest6:
@AWKPATH="$(srcdir)" $(AWK) -f $@.awk < "$(srcdir)"/$@.in >_$@ 2>&1 || echo EXIT CODE: $$? >>_$@
@-$(CMP) "$(srcdir)"/$@.ok _$@ && rm -f _$@
+sandbox1:
+ @echo $@
+ @AWKPATH="$(srcdir)" $(AWK) -f $@.awk --sandbox >_$@ 2>&1 || echo EXIT CODE: $$? >>_$@
+ @-$(CMP) "$(srcdir)"/$@.ok _$@ && rm -f _$@
+
shadow:
@echo $@
@AWKPATH="$(srcdir)" $(AWK) -f $@.awk --lint >_$@ 2>&1 || echo EXIT CODE: $$? >>_$@
diff --git a/test/sandbox1.awk b/test/sandbox1.awk
new file mode 100644
index 00000000..e84894d7
--- /dev/null
+++ b/test/sandbox1.awk
@@ -0,0 +1,7 @@
+BEGIN {
+ ARGV[ARGC++] = ARGV[1] # should be ok
+ ARGV[ARGC++] = "" # empty string, should be ok
+ ARGV[ARGC++] = "foo=bar" # assignment, should be ok
+ ARGV[ARGC++] = "junk::foo=bar" # assignment, should be ok
+ ARGV[ARGC++] = "/dev/null" # should fatal here
+}
diff --git a/test/sandbox1.ok b/test/sandbox1.ok
new file mode 100644
index 00000000..210b7261
--- /dev/null
+++ b/test/sandbox1.ok
@@ -0,0 +1,2 @@
+gawk: sandbox1.awk:6: fatal: cannot add a new file (/dev/null) to ARGV in sandbox mode
+EXIT CODE: 2
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-03 23:34:18 +0000