From: Pádraig Brady Date: Fri, 13 Feb 2026 19:41:13 +0000 (+0000) Subject: posix: execvpe: skip $PATH components that are too long [BZ #33626] X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ecb60726d0c242b9e92683f23259337b3b915fe4;p=thirdparty%2Fglibc.git posix: execvpe: skip $PATH components that are too long [BZ #33626] * posix/execvpe.c (__execvpe_common): Rather than error out with ENAMETOOLONG, just ignore and try the next path. Note we know the FILE length is <= NAME_MAX, so the ENAMETOOLONG almost certainly pertains to the current $PATH entry. * posix/tst-execvpe7.c: A new test based on tst-execvp3.c. * posix/Makefile: Reference the new test. Reviewed-by: Collin Funk Reviewed-by: Adhemerval Zanella --- diff --git a/posix/Makefile b/posix/Makefile index f377948462..ec28b9e1da 100644 --- a/posix/Makefile +++ b/posix/Makefile @@ -277,6 +277,7 @@ tests := \ tst-execvpe4 \ tst-execvpe5 \ tst-execvpe6 \ + tst-execvpe7 \ tst-fexecve \ tst-fnmatch \ tst-fnmatch2 \ diff --git a/posix/execvpe.c b/posix/execvpe.c index 29e8bcd3d1..ec56e297b0 100644 --- a/posix/execvpe.c +++ b/posix/execvpe.c @@ -157,6 +157,9 @@ __execvpe_common (const char *file, char *const argv[], char *const envp[], /* Those errors indicate the file is missing or not executable by us, in which case we want to just try the next path directory. */ + case ENAMETOOLONG: + /* We've already verified that the FILE length is < NAME_MAX, + so this implies a path component is too long, so skip it. */ case ENODEV: case ETIMEDOUT: /* Some strange filesystems like AFS return even diff --git a/posix/tst-execvpe7.c b/posix/tst-execvpe7.c new file mode 100644 index 0000000000..193d68bcd3 --- /dev/null +++ b/posix/tst-execvpe7.c @@ -0,0 +1,74 @@ +/* Check execvpe does not fail when encountering long $PATH components. + Copyright (C) 2026 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +static char *fname; + +static void +do_prepare (int c, char **argv) +{ + int fd; + TEST_VERIFY_EXIT ((fd = create_temp_file ("testscript", &fname)) != -1); + + dprintf (fd, "echo foo\n"); + TEST_VERIFY_EXIT (fchmod (fd, 0700) == 0); + xclose (fd); +} +#define PREPARE do_prepare + +static void +run_execvpe (void *closure) +{ + char *argv[] = { fname, NULL }; + execvpe (basename (fname), argv, NULL); + + support_record_failure (); +} + +static int +do_test (void) +{ + /* Linux 6.17 at least will give ENAMETOOLONG once any + path component is > NAME_MAX, so ensure we skip such paths + rather than failing. [BZ #33626] */ + char *path = xasprintf ("%*s:%s", NAME_MAX+1, "", test_dir); + TEST_VERIFY_EXIT (setenv ("PATH", path, 1) == 0); + free (path); + + struct support_capture_subprocess result + = support_capture_subprocess (run_execvpe, NULL); + support_capture_subprocess_check (&result, "execvpe", 0, sc_allow_stdout); + + TEST_COMPARE_STRING (result.out.buffer, "foo\n"); + + support_capture_subprocess_free (&result); + + return 0; +} + +#include