Skip to content

Cleanup AUTOEXEC.BAT generation #2609

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 21, 2023
Merged

Cleanup AUTOEXEC.BAT generation #2609

merged 1 commit into from
Jun 21, 2023

Conversation

FeralChild64
Copy link
Collaborator

@FeralChild64 FeralChild64 commented Jun 16, 2023
edited
Loading

Fixes #2607

Changes (edited, previous idea was corrected):

  1. Commands in Z:\AUTOEXEC.BAT are created in the following order:
  • set BLASTER variable, mount Y:, etc.
  • mount drive C: (if directory supplied as command line argument)
  • mount CD-ROM images as drive D: (if ISO/CUE image supplied as command line argument)
  • execute commands supplied after -c arguments
  • enable secure mode (Z:\CONFIG.COM -securemode - if -securemode argument and no boot image supplied)
  • content of [autoexec] sections (unless -noautoexec option is supplied)
  • BOOT command (if floppy image is supplied as argument), or execute program (or call batch file) supplied without argument -c
  • EXIT command if -exit or -c exit argument is provided

@kcgen Unfortunately, mixing -c with -conf and combining this into one autoexec section would be complicated and require further rework; I consider this out of scope of this PR. I have checked behavior in commit e2af38f (the last one before my previous autoexec rework) and tried to implement behavior as it was back then.

  1. If -securemode argument is provided in the command line, keyboard input is blocked until (Z:\CONFIG.COM -securemode is executed; I'm afraid that malicious user might attempt to terminate Z:\AUTOEXEC.BAT execution by sending CTRL+C early enough (it is not currently handled, but I expect at some point will be), to gain access to unrestricted mode.

@FeralChild64 FeralChild64 self-assigned this Jun 16, 2023
@FeralChild64 FeralChild64 added the bug Something isn't working label Jun 16, 2023
@kcgen
Copy link
Member

kcgen commented Jun 16, 2023
edited
Loading

The [autoexec] sections join or overwrite each other (depending on the autoexec_section setting), in order, starting the with primary conf to the local conf and finally any number of -conf custom.conf specified on the CLI.

For example, given three local confs as follows:

  • dosbox.conf:

    [autoexec]
@echo 1

  • 3.conf:

    [autoexec]
@echo 3

  • 5.conf:

    [autoexec]
@echo 5

The command: dosbox -conf 3.conf -conf 5.conf produces:

1
3
5

When it comes to -c commands, they can be thought of as line-by-line [autoexec] sections as well.

For several releases, the CLI commands have come first in the above order, however I think it makes sense to treat them in the same order, with the first -c command coming after (or joining) into the flow of conf's, starting after the local dosbox.conf.

So for example:

dosbox -c "@echo 2" -conf 3.conf -c "@echo 4" -conf 5.conf

Should produce:

1
2
3
4
5

The secure flag is meant to prevent commands inside the interactive DOS environment from changing the mounts (and I suppose, doing harmful things.. like remounting the host's C:\WINDOWS\SYSTEM32\ and deleting everything in there).

I think as soon as we're done processing all arguments on the CLI, then -secure should go into effect.

@johnnovak
Copy link
Member

johnnovak commented Jun 16, 2023
edited
Loading

But you must enable securemode right at the start, otherwise one could still pass in a mount command on the CLI, no?

Actually, answering my own question: if it's meant only to prevent users from using the mount command interactively, then yeah, it should be enabled as the last step before giving the usert prompt access.

Regarding order of execution, what @kcgen described is pretty much the only sensible way.

@FeralChild64
Copy link
Collaborator Author

This -securemode switch dos not look like a reliable way to protect against malicious user - if he somehow manages to send CTRl+C to the emulator before we execute Z:\CONFIG.COM -securemode... the only way that prevents such an exploit from working is that we do not have a proper CTRL+C support :)
OK, I'll move the secure mode enabling before the [autoexec] content, additionally I'm going to make the -securemode switch to block any keyboard input until we execute Z:\CONFIG.COM -securemode - this should improve the security.

Regarding the commands and [autoexec] - OK, makes sense, I'll implement as @kcgen suggests.

@FeralChild64 FeralChild64 force-pushed the fc/autoexec-fix-1 branch 2 times, most recently from c60f706 to 21c6116 Compare June 19, 2023 16:06
@FeralChild64 FeralChild64 changed the title WORK-IN-PROGRESS / DRAFT Cleanup AUTOEXEC.BAT generation Jun 19, 2023
@FeralChild64 FeralChild64 requested review from kcgen and johnnovak June 19, 2023 17:37
@FeralChild64 FeralChild64 marked this pull request as ready for review June 19, 2023 17:37
kcgen
kcgen approved these changes Jun 20, 2023
View reviewed changes
Copy link
Member

@kcgen kcgen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good, @FeralChild64.

To help test, do you have a zip of conf and bat files to experiment with these different settings?

@FeralChild64
Copy link
Collaborator Author

@kcgen Configuration is not really that relevant here - the most important are the command line parameters. Try different combinations of:

  • dosbox -c command1 -c command2
  • dosbox -securemode

with:

  • dosbox directory
  • dosbox command
  • dosbox file.img
  • dosbox file.iso

for example, dosbox -c command1 -securemode file.iso /directory/. When you see the command prompt, type more Z:\AUTOEXEC.BAT to check content of the generated AUTOEXEC.BAT.

@kcgen
Copy link
Member

kcgen commented Jun 20, 2023

@kcgen Configuration is not really that relevant here - the most important are the command line parameters. Try different combinations of:

* `dosbox -c command1 -c command2`

* `dosbox -securemode`

with:

* `dosbox directory`

* `dosbox command`

* `dosbox file.img`

* `dosbox file.iso`

for example, dosbox -c command1 -securemode file.iso /directory/. When you see the command prompt, type more Z:\AUTOEXEC.BAT to check content of the generated AUTOEXEC.BAT.

Wow @FeralChild64 .. this is brilliant! It "just works" :-), and I cannot confuse it.

@kcgen
Copy link
Member

kcgen commented Jun 20, 2023

Will restart the CI tasks and will merge once the remainder are confirmed passing.

@kcgen
Copy link
Member

kcgen commented Jun 21, 2023

CI is 📗 - time to merge 🚀

@kcgen kcgen merged commit 58a10bd into main Jun 21, 2023
@FeralChild64 FeralChild64 deleted the fc/autoexec-fix-1 branch June 23, 2023 18:46
@FeralChild64 FeralChild64 mentioned this pull request Oct 12, 2023
Closed
3 tasks
@johnnovak johnnovak added the enhancement New feature or enhancement of existing features label Nov 13, 2023
@Grounded0 Grounded0 mentioned this pull request Nov 17, 2023
Closed
4 tasks
@johnnovak johnnovak added the DOS Issues related to DOS integration or DOS commands label Dec 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kcgen kcgen kcgen approved these changes

@johnnovak johnnovak Awaiting requested review from johnnovak

Assignees

@FeralChild64 FeralChild64

Labels
bug Something isn't working DOS Issues related to DOS integration or DOS commands enhancement New feature or enhancement of existing features
Projects
No open projects
0.81 Project
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

autoexec commands are executed after a given program exits.
3 participants
@FeralChild64 @kcgen @johnnovak