char *_argv[2];
if (stdout_fd >= 0) {
- r = rearrange_stdio(STDIN_FILENO, stdout_fd, STDERR_FILENO);
+ r = rearrange_stdio(STDIN_FILENO, TAKE_FD(stdout_fd), STDERR_FILENO);
if (r < 0)
_exit(EXIT_FAILURE);
}
_cleanup_hashmap_free_free_ Hashmap *pids = NULL;
_cleanup_strv_free_ char **paths = NULL;
- char **path, **e;
int r;
bool parallel_execution;
}
static int gather_environment_generate(int fd, void *arg) {
- char ***env = arg, **x, **y;
+ char ***env = ASSERT_PTR(arg);
_cleanup_fclose_ FILE *f = NULL;
_cleanup_strv_free_ char **new = NULL;
int r;
* fd is always consumed, even on error.
*/
- assert(env);
-
f = fdopen(fd, "r");
if (!f) {
safe_close(fd);
static int gather_environment_collect(int fd, void *arg) {
_cleanup_fclose_ FILE *f = NULL;
- char ***env = arg;
+ char ***env = ASSERT_PTR(arg);
int r;
/* Write out a series of env=cescape(VAR=value) assignments to fd. */
- assert(env);
-
f = fdopen(fd, "w");
if (!f) {
safe_close(fd);
static int gather_environment_consume(int fd, void *arg) {
_cleanup_fclose_ FILE *f = NULL;
- char ***env = arg;
+ char ***env = ASSERT_PTR(arg);
int r = 0;
/* Read a series of env=cescape(VAR=value) assignments from fd into env. */
- assert(env);
-
f = fdopen(fd, "r");
if (!f) {
safe_close(fd);
int exec_command_flags_from_strv(char **ex_opts, ExecCommandFlags *flags) {
ExecCommandFlags ex_flag, ret_flags = 0;
- char **opt;
assert(flags);
}
int fexecve_or_execve(int executable_fd, const char *executable, char *const argv[], char *const envp[]) {
+ /* Refuse invalid fds, regardless if fexecve() use is enabled or not */
+ if (executable_fd < 0)
+ return -EBADF;
+
+ /* Block any attempts on exploiting Linux' liberal argv[] handling, i.e. CVE-2021-4034 and suchlike */
+ if (isempty(executable) || strv_isempty(argv))
+ return -EINVAL;
+
#if ENABLE_FEXECVE
+
execveat(executable_fd, "", argv, envp, AT_EMPTY_PATH);
if (IN_SET(errno, ENOSYS, ENOENT) || ERRNO_IS_PRIVILEGE(errno))
return -errno;
}
-int fork_agent(const char *name, int except[], size_t n_except, pid_t *ret_pid, const char *path, ...) {
+int fork_agent(const char *name, const int except[], size_t n_except, pid_t *ret_pid, const char *path, ...) {
bool stdout_is_tty, stderr_is_tty;
size_t n, i;
va_list ap;
* stdin around. */
fd = open("/dev/tty", O_WRONLY);
if (fd < 0) {
- log_error_errno(errno, "Failed to open /dev/tty: %m");
- _exit(EXIT_FAILURE);
- }
+ if (errno != ENXIO) {
+ log_error_errno(errno, "Failed to open /dev/tty: %m");
+ _exit(EXIT_FAILURE);
+ }
- if (!stdout_is_tty && dup2(fd, STDOUT_FILENO) < 0) {
- log_error_errno(errno, "Failed to dup2 /dev/tty: %m");
- _exit(EXIT_FAILURE);
- }
+ /* If we get ENXIO here we have no controlling TTY even though stdout/stderr are
+ * connected to a TTY. That's a weird setup, but let's handle it gracefully: let's
+ * skip the forking of the agents, given the TTY setup is not in order. */
+ } else {
+ if (!stdout_is_tty && dup2(fd, STDOUT_FILENO) < 0) {
+ log_error_errno(errno, "Failed to dup2 /dev/tty: %m");
+ _exit(EXIT_FAILURE);
+ }
- if (!stderr_is_tty && dup2(fd, STDERR_FILENO) < 0) {
- log_error_errno(errno, "Failed to dup2 /dev/tty: %m");
- _exit(EXIT_FAILURE);
- }
+ if (!stderr_is_tty && dup2(fd, STDERR_FILENO) < 0) {
+ log_error_errno(errno, "Failed to dup2 /dev/tty: %m");
+ _exit(EXIT_FAILURE);
+ }
- safe_close_above_stdio(fd);
+ fd = safe_close_above_stdio(fd);
+ }
}
(void) rlimit_nofile_safe();