glibc/posix/execvpe.c

200 lines
5.9 KiB
C
Raw Normal View History

/* Copyright (C) 1991-2024 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
Prefer https to http for gnu.org and fsf.org URLs Also, change sources.redhat.com to sourceware.org. This patch was automatically generated by running the following shell script, which uses GNU sed, and which avoids modifying files imported from upstream: sed -ri ' s,(http|ftp)(://(.*\.)?(gnu|fsf|sourceware)\.org($|[^.]|\.[^a-z])),https\2,g s,(http|ftp)(://(.*\.)?)sources\.redhat\.com($|[^.]|\.[^a-z]),https\2sourceware.org\4,g ' \ $(find $(git ls-files) -prune -type f \ ! -name '*.po' \ ! -name 'ChangeLog*' \ ! -path COPYING ! -path COPYING.LIB \ ! -path manual/fdl-1.3.texi ! -path manual/lgpl-2.1.texi \ ! -path manual/texinfo.tex ! -path scripts/config.guess \ ! -path scripts/config.sub ! -path scripts/install-sh \ ! -path scripts/mkinstalldirs ! -path scripts/move-if-change \ ! -path INSTALL ! -path locale/programs/charmap-kw.h \ ! -path po/libc.pot ! -path sysdeps/gnu/errlist.c \ ! '(' -name configure \ -execdir test -f configure.ac -o -f configure.in ';' ')' \ ! '(' -name preconfigure \ -execdir test -f preconfigure.ac ';' ')' \ -print) and then by running 'make dist-prepare' to regenerate files built from the altered files, and then executing the following to cleanup: chmod a+x sysdeps/unix/sysv/linux/riscv/configure # Omit irrelevant whitespace and comment-only changes, # perhaps from a slightly-different Autoconf version. git checkout -f \ sysdeps/csky/configure \ sysdeps/hppa/configure \ sysdeps/riscv/configure \ sysdeps/unix/sysv/linux/csky/configure # Omit changes that caused a pre-commit check to fail like this: # remote: *** error: sysdeps/powerpc/powerpc64/ppc-mcount.S: trailing lines git checkout -f \ sysdeps/powerpc/powerpc64/ppc-mcount.S \ sysdeps/unix/sysv/linux/s390/s390-64/syscall.S # Omit change that caused a pre-commit check to fail like this: # remote: *** error: sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S: last line does not end in newline git checkout -f sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S
2019-09-07 13:40:42 +08:00
<https://www.gnu.org/licenses/>. */
#include <unistd.h>
#include <stdarg.h>
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <paths.h>
#include <confstr.h>
#include <sys/param.h>
#ifndef PATH_MAX
# ifdef MAXPATHLEN
# define PATH_MAX MAXPATHLEN
# else
# define PATH_MAX 1024
# endif
#endif
/* The file is accessible but it is not an executable file. Invoke
the shell to interpret it as a script. */
static void
maybe_script_execute (const char *file, char *const argv[], char *const envp[])
{
ptrdiff_t argc;
for (argc = 0; argv[argc] != NULL; argc++)
{
if (argc == INT_MAX - 1)
{
errno = E2BIG;
return;
}
}
/* Construct an argument list for the shell based on original arguments:
1. Empty list (argv = { NULL }, argc = 1 }: new argv will contain 3
arguments - default shell, script to execute, and ending NULL.
2. Non empty argument list (argc = { ..., NULL }, argc > 1}: new argv
will contain also the default shell and the script to execute. It
will also skip the script name in arguments and only copy script
arguments. */
char *new_argv[argc > 1 ? 2 + argc : 3];
new_argv[0] = (char *) _PATH_BSHELL;
new_argv[1] = (char *) file;
if (argc > 1)
Add some spaces before '('. This patch fixes various places where a space should have been present before '(' in accordance with the GNU Coding Standards. Most but not all of the fixes in this patch are for calls to sizeof (but it's not exhaustive regarding such calls that should be fixed). Tested for x86_64, and with build-many-glibcs.py. * benchtests/bench-strcpy.c (do_test): Use space before '('. * benchtests/bench-string.h (cmdline_process_function): Likewise. * benchtests/bench-strlen.c (do_test): Likewise. (test_main): Likewise. * catgets/gencat.c (read_old): Likewise. * elf/cache.c (load_aux_cache): Likewise. * iconvdata/bug-iconv8.c (do_test): Likewise. * math/test-tgmath-ret.c (do_test): Likewise. * nis/nis_call.c (rec_dirsearch): Likewise. * nis/nis_findserv.c (__nis_findfastest_with_timeout): Likewise. * nptl/tst-audit-threads.c (do_test): Likewise. * nptl/tst-cancel4-common.h (set_socket_buffer): Likewise. * nss/nss_test1.c (init): Likewise. * nss/test-netdb.c (test_hosts): Likewise. * posix/execvpe.c (maybe_script_execute): Likewise. * stdio-common/tst-fmemopen4.c (do_test): Likewise. * stdio-common/tst-printf.c (do_test): Likewise. * stdio-common/vfscanf-internal.c (__vfscanf_internal): Likewise. * stdlib/fmtmsg.c (NKEYWORDS): Likewise. * stdlib/qsort.c (STACK_SIZE): Likewise. * stdlib/test-canon.c (do_test): Likewise. * stdlib/tst-swapcontext1.c (do_test): Likewise. * string/memcmp.c (OPSIZ): Likewise. * string/test-strcpy.c (do_test): Likewise. (do_random_tests): Likewise. * string/test-strlen.c (do_test): Likewise. (test_main): Likewise. * string/test-strrchr.c (do_test): Likewise. (do_random_tests): Likewise. * string/tester.c (test_memrchr): Likewise. (test_memchr): Likewise. * sysdeps/generic/memcopy.h (OPSIZ): Likewise. * sysdeps/generic/unwind-dw2.c (execute_stack_op): Likewise. * sysdeps/generic/unwind-pe.h (read_sleb128): Likewise. (read_encoded_value_with_base): Likewise. * sysdeps/hppa/dl-machine.h (elf_machine_runtime_setup): Likewise. * sysdeps/hppa/fpu/feupdateenv.c (__feupdateenv): Likewise. * sysdeps/ia64/fpu/sfp-machine.h (TI_BITS): Likewise. * sysdeps/mach/hurd/spawni.c (__spawni): Likewise. * sysdeps/posix/spawni.c (maybe_script_execute): Likewise. * sysdeps/powerpc/fpu/tst-setcontext-fpscr.c (query_auxv): Likewise. * sysdeps/unix/sysv/linux/aarch64/bits/procfs.h (ELF_NGREG): Likewise. * sysdeps/unix/sysv/linux/arm/bits/procfs.h (ELF_NGREG): Likewise. * sysdeps/unix/sysv/linux/arm/ioperm.c (init_iosys): Likewise. * sysdeps/unix/sysv/linux/csky/bits/procfs.h (ELF_NGREG): Likewise. * sysdeps/unix/sysv/linux/m68k/bits/procfs.h (ELF_NGREG): Likewise. * sysdeps/unix/sysv/linux/nios2/bits/procfs.h (ELF_NGREG): Likewise. * sysdeps/unix/sysv/linux/spawni.c (maybe_script_execute): Likewise. * sysdeps/unix/sysv/linux/x86/bits/procfs.h (ELF_NGREG): Likewise. * sysdeps/unix/sysv/linux/x86/bits/sigcontext.h (FP_XSTATE_MAGIC2_SIZE): Likewise. * sysdeps/x86/fpu/sfp-machine.h (TI_BITS): Likewise. * time/test_time.c (main): Likewise.
2019-02-27 21:55:45 +08:00
memcpy (new_argv + 2, argv + 1, argc * sizeof (char *));
else
new_argv[2] = NULL;
/* Execute the shell. */
__execve (new_argv[0], new_argv, envp);
}
static int
__execvpe_common (const char *file, char *const argv[], char *const envp[],
bool exec_script)
{
/* We check the simple case first. */
if (*file == '\0')
{
__set_errno (ENOENT);
return -1;
}
/* Don't search when it contains a slash. */
if (strchr (file, '/') != NULL)
{
__execve (file, argv, envp);
if (errno == ENOEXEC && exec_script)
maybe_script_execute (file, argv, envp);
return -1;
}
const char *path = getenv ("PATH");
if (!path)
path = CS_PATH;
/* Although GLIBC does not enforce NAME_MAX, we set it as the maximum
size to avoid unbounded stack allocation. Same applies for
PATH_MAX. */
size_t file_len = __strnlen (file, NAME_MAX) + 1;
size_t path_len = __strnlen (path, PATH_MAX - 1) + 1;
/* NAME_MAX does not include the terminating null character. */
if ((file_len - 1 > NAME_MAX)
|| !__libc_alloca_cutoff (path_len + file_len + 1))
{
errno = ENAMETOOLONG;
return -1;
}
const char *subp;
bool got_eacces = false;
/* The resulting string maximum size would be potentially a entry
in PATH plus '/' (path_len + 1) and then the the resulting file name
plus '\0' (file_len since it already accounts for the '\0'). */
char buffer[path_len + file_len + 1];
for (const char *p = path; ; p = subp)
{
subp = __strchrnul (p, ':');
/* PATH is larger than PATH_MAX and thus potentially larger than
the stack allocation. */
if (subp - p >= path_len)
{
/* If there is only one path, bail out. */
if (*subp == '\0')
break;
/* Otherwise skip to next one. */
continue;
}
/* Use the current path entry, plus a '/' if nonempty, plus the file to
execute. */
char *pend = mempcpy (buffer, p, subp - p);
*pend = '/';
memcpy (pend + (p < subp), file, file_len);
__execve (buffer, argv, envp);
if (errno == ENOEXEC && exec_script)
/* This has O(P*C) behavior, where P is the length of the path and C
is the argument count. A better strategy would be allocate the
substitute argv and reuse it each time through the loop (so it
behaves as O(P+C) instead. */
maybe_script_execute (buffer, argv, envp);
switch (errno)
{
case EACCES:
/* Record that we got a 'Permission denied' error. If we end
up finding no executable we can use, we want to diagnose
that we did find one but were denied access. */
got_eacces = true;
case ENOENT:
case ESTALE:
case ENOTDIR:
/* Those errors indicate the file is missing or not executable
by us, in which case we want to just try the next path
directory. */
case ENODEV:
case ETIMEDOUT:
/* Some strange filesystems like AFS return even
stranger error numbers. They cannot reasonably mean
anything else so ignore those, too. */
break;
default:
/* Some other error means we found an executable file, but
something went wrong executing it; return the error to our
caller. */
return -1;
}
if (*subp++ == '\0')
break;
}
/* We tried every element and none of them worked. */
if (got_eacces)
/* At least one failure was due to permissions, so report that
error. */
__set_errno (EACCES);
return -1;
}
/* Execute FILE, searching in the `PATH' environment variable if it contains
no slashes, with arguments ARGV and environment from ENVP. */
int
__execvpe (const char *file, char *const argv[], char *const envp[])
{
return __execvpe_common (file, argv, envp, true);
}
weak_alias (__execvpe, execvpe)
/* Same as __EXECVPE, but does not try to execute NOEXEC files. */
int
__execvpex (const char *file, char *const argv[], char *const envp[])
{
return __execvpe_common (file, argv, envp, false);
}