]>
Commit | Line | Data |
---|---|---|
bfff8b1b | 1 | /* Copyright (C) 1991-2017 Free Software Foundation, Inc. |
3d5243d4 UD |
2 | This file is part of the GNU C Library. |
3 | ||
4 | The GNU C Library is free software; you can redistribute it and/or | |
5 | modify it under the terms of the GNU Lesser General Public | |
6 | License as published by the Free Software Foundation; either | |
7 | version 2.1 of the License, or (at your option) any later version. | |
8 | ||
9 | The GNU C Library is distributed in the hope that it will be useful, | |
10 | but WITHOUT ANY WARRANTY; without even the implied warranty of | |
11 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
12 | Lesser General Public License for more details. | |
13 | ||
14 | You should have received a copy of the GNU Lesser General Public | |
59ba27a6 PE |
15 | License along with the GNU C Library; if not, see |
16 | <http://www.gnu.org/licenses/>. */ | |
3d5243d4 | 17 | |
3d5243d4 UD |
18 | #include <unistd.h> |
19 | #include <stdarg.h> | |
20 | #include <stdbool.h> | |
21 | #include <stdlib.h> | |
22 | #include <string.h> | |
23 | #include <errno.h> | |
24 | #include <paths.h> | |
1eb89306 AZ |
25 | #include <confstr.h> |
26 | #include <sys/param.h> | |
3d5243d4 | 27 | |
1eb89306 AZ |
28 | #ifndef PATH_MAX |
29 | # ifdef MAXPATHLEN | |
30 | # define PATH_MAX MAXPATHLEN | |
31 | # else | |
32 | # define PATH_MAX 1024 | |
33 | # endif | |
34 | #endif | |
3d5243d4 UD |
35 | |
36 | /* The file is accessible but it is not an executable file. Invoke | |
37 | the shell to interpret it as a script. */ | |
38 | static void | |
1eb89306 | 39 | maybe_script_execute (const char *file, char *const argv[], char *const envp[]) |
3d5243d4 | 40 | { |
8047e7cf AZ |
41 | ptrdiff_t argc; |
42 | for (argc = 0; argv[argc] != NULL; argc++) | |
1eb89306 AZ |
43 | { |
44 | if (argc == INT_MAX - 1) | |
45 | { | |
46 | errno = E2BIG; | |
47 | return; | |
48 | } | |
49 | } | |
50 | ||
8047e7cf AZ |
51 | /* Construct an argument list for the shell based on original arguments: |
52 | 1. Empty list (argv = { NULL }, argc = 1 }: new argv will contain 3 | |
53 | arguments - default shell, script to execute, and ending NULL. | |
54 | 2. Non empty argument list (argc = { ..., NULL }, argc > 1}: new argv | |
55 | will contain also the default shell and the script to execute. It | |
56 | will also skip the script name in arguments and only copy script | |
57 | arguments. */ | |
58 | char *new_argv[argc > 1 ? 2 + argc : 3]; | |
3d5243d4 UD |
59 | new_argv[0] = (char *) _PATH_BSHELL; |
60 | new_argv[1] = (char *) file; | |
1eb89306 | 61 | if (argc > 1) |
8047e7cf | 62 | memcpy (new_argv + 2, argv + 1, argc * sizeof(char *)); |
1eb89306 AZ |
63 | else |
64 | new_argv[2] = NULL; | |
65 | ||
66 | /* Execute the shell. */ | |
67 | __execve (new_argv[0], new_argv, envp); | |
3d5243d4 UD |
68 | } |
69 | ||
70 | ||
71 | /* Execute FILE, searching in the `PATH' environment variable if it contains | |
72 | no slashes, with arguments ARGV and environment from ENVP. */ | |
73 | int | |
a72ddc14 | 74 | __execvpe (const char *file, char *const argv[], char *const envp[]) |
3d5243d4 | 75 | { |
1eb89306 | 76 | /* We check the simple case first. */ |
3d5243d4 UD |
77 | if (*file == '\0') |
78 | { | |
3d5243d4 UD |
79 | __set_errno (ENOENT); |
80 | return -1; | |
81 | } | |
82 | ||
1eb89306 | 83 | /* Don't search when it contains a slash. */ |
3d5243d4 UD |
84 | if (strchr (file, '/') != NULL) |
85 | { | |
3d5243d4 UD |
86 | __execve (file, argv, envp); |
87 | ||
88 | if (errno == ENOEXEC) | |
1eb89306 AZ |
89 | maybe_script_execute (file, argv, envp); |
90 | ||
91 | return -1; | |
3d5243d4 | 92 | } |
1eb89306 AZ |
93 | |
94 | const char *path = getenv ("PATH"); | |
95 | if (!path) | |
96 | path = CS_PATH; | |
97 | /* Although GLIBC does not enforce NAME_MAX, we set it as the maximum | |
98 | size to avoid unbounded stack allocation. Same applies for | |
99 | PATH_MAX. */ | |
6c9e1be8 | 100 | size_t file_len = __strnlen (file, NAME_MAX) + 1; |
1eb89306 AZ |
101 | size_t path_len = __strnlen (path, PATH_MAX - 1) + 1; |
102 | ||
6c9e1be8 | 103 | /* NAME_MAX does not include the terminating null character. */ |
8047e7cf | 104 | if ((file_len - 1 > NAME_MAX) |
1eb89306 | 105 | || !__libc_alloca_cutoff (path_len + file_len + 1)) |
3d5243d4 | 106 | { |
1eb89306 AZ |
107 | errno = ENAMETOOLONG; |
108 | return -1; | |
109 | } | |
3d5243d4 | 110 | |
1eb89306 AZ |
111 | const char *subp; |
112 | bool got_eacces = false; | |
6c9e1be8 AZ |
113 | /* The resulting string maximum size would be potentially a entry |
114 | in PATH plus '/' (path_len + 1) and then the the resulting file name | |
115 | plus '\0' (file_len since it already accounts for the '\0'). */ | |
1eb89306 AZ |
116 | char buffer[path_len + file_len + 1]; |
117 | for (const char *p = path; ; p = subp) | |
118 | { | |
119 | subp = __strchrnul (p, ':'); | |
3d5243d4 | 120 | |
1eb89306 AZ |
121 | /* PATH is larger than PATH_MAX and thus potentially larger than |
122 | the stack allocation. */ | |
123 | if (subp - p >= path_len) | |
3d5243d4 | 124 | { |
1eb89306 AZ |
125 | /* If there is only one path, bail out. */ |
126 | if (*subp == '\0') | |
127 | break; | |
128 | /* Otherwise skip to next one. */ | |
129 | continue; | |
3d5243d4 UD |
130 | } |
131 | ||
1eb89306 AZ |
132 | /* Use the current path entry, plus a '/' if nonempty, plus the file to |
133 | execute. */ | |
134 | char *pend = mempcpy (buffer, p, subp - p); | |
135 | *pend = '/'; | |
6c9e1be8 | 136 | memcpy (pend + (p < subp), file, file_len); |
1eb89306 AZ |
137 | |
138 | __execve (buffer, argv, envp); | |
3d5243d4 | 139 | |
1eb89306 AZ |
140 | if (errno == ENOEXEC) |
141 | /* This has O(P*C) behavior, where P is the length of the path and C | |
142 | is the argument count. A better strategy would be allocate the | |
143 | substitute argv and reuse it each time through the loop (so it | |
144 | behaves as O(P+C) instead. */ | |
145 | maybe_script_execute (buffer, argv, envp); | |
3d5243d4 | 146 | |
1eb89306 | 147 | switch (errno) |
3d5243d4 | 148 | { |
1eb89306 AZ |
149 | case EACCES: |
150 | /* Record that we got a 'Permission denied' error. If we end | |
151 | up finding no executable we can use, we want to diagnose | |
152 | that we did find one but were denied access. */ | |
153 | got_eacces = true; | |
154 | case ENOENT: | |
155 | case ESTALE: | |
156 | case ENOTDIR: | |
157 | /* Those errors indicate the file is missing or not executable | |
158 | by us, in which case we want to just try the next path | |
159 | directory. */ | |
160 | case ENODEV: | |
161 | case ETIMEDOUT: | |
162 | /* Some strange filesystems like AFS return even | |
163 | stranger error numbers. They cannot reasonably mean | |
164 | anything else so ignore those, too. */ | |
165 | break; | |
166 | ||
167 | default: | |
168 | /* Some other error means we found an executable file, but | |
169 | something went wrong executing it; return the error to our | |
170 | caller. */ | |
171 | return -1; | |
3d5243d4 | 172 | } |
3d5243d4 | 173 | |
1eb89306 AZ |
174 | if (*subp++ == '\0') |
175 | break; | |
3d5243d4 UD |
176 | } |
177 | ||
1eb89306 AZ |
178 | /* We tried every element and none of them worked. */ |
179 | if (got_eacces) | |
180 | /* At least one failure was due to permissions, so report that | |
181 | error. */ | |
182 | __set_errno (EACCES); | |
183 | ||
3d5243d4 UD |
184 | return -1; |
185 | } | |
1eb89306 | 186 | |
3d5243d4 | 187 | weak_alias (__execvpe, execvpe) |