From 8fff509f1ae40f8ce9ea48883569acb102f6dd32 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Dag-Erling=20Sm=C3=B8rgrav?= Date: Tue, 14 Oct 2025 19:01:17 +0200 Subject: [PATCH] Replace system() with posix_spawn() if available Some platforms disallow system() due to its perceived insecurity. Luckily, we can be just as insecure using the more palatable posix_spawn() instead! --- CMakeLists.txt | 1 + configure.ac | 3 ++- test_utils/test_main.c | 27 ++++++++++++++++++++++++++- 3 files changed, 29 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index ba2dd5362..3e1a934c8 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1460,6 +1460,7 @@ CHECK_FUNCTION_EXISTS_GLIBC(nl_langinfo HAVE_NL_LANGINFO) CHECK_FUNCTION_EXISTS_GLIBC(openat HAVE_OPENAT) CHECK_FUNCTION_EXISTS_GLIBC(pipe HAVE_PIPE) CHECK_FUNCTION_EXISTS_GLIBC(poll HAVE_POLL) +CHECK_FUNCTION_EXISTS_GLIBC(posix_spawn HAVE_POSIX_SPAWN) CHECK_FUNCTION_EXISTS_GLIBC(posix_spawnp HAVE_POSIX_SPAWNP) CHECK_FUNCTION_EXISTS_GLIBC(readlink HAVE_READLINK) CHECK_FUNCTION_EXISTS_GLIBC(readpassphrase HAVE_READPASSPHRASE) diff --git a/configure.ac b/configure.ac index 2c6cc3370..604132cb3 100644 --- a/configure.ac +++ b/configure.ac @@ -833,7 +833,8 @@ AC_CHECK_FUNCS([issetugid]) AC_CHECK_FUNCS([lchflags lchmod lchown link linkat localtime_r lstat lutimes]) AC_CHECK_FUNCS([mbrtowc memmove memset]) AC_CHECK_FUNCS([mkdir mkfifo mknod mkstemp]) -AC_CHECK_FUNCS([nl_langinfo openat pipe poll posix_spawnp readlink readlinkat]) +AC_CHECK_FUNCS([nl_langinfo openat pipe poll posix_spawn posix_spawnp]) +AC_CHECK_FUNCS([readlink readlinkat]) AC_CHECK_FUNCS([readpassphrase]) AC_CHECK_FUNCS([select setenv setlocale sigaction statfs statvfs]) AC_CHECK_FUNCS([strchr strdup strerror strncpy_s strnlen strrchr symlink]) diff --git a/test_utils/test_main.c b/test_utils/test_main.c index f4d443060..f31678166 100644 --- a/test_utils/test_main.c +++ b/test_utils/test_main.c @@ -84,6 +84,18 @@ #if HAVE_MEMBERSHIP_H #include #endif +#if !defined(_WIN32) || defined(__CYGWIN__) +# if HAVE_POSIX_SPAWN +# if HAVE_SYS_WAIT_H +# include +# endif +# if HAVE_SPAWN_H +# include +# endif +extern char **environ; +# define USE_POSIX_SPAWN 1 +# endif +#endif #ifndef nitems #define nitems(arr) (sizeof(arr) / sizeof((arr)[0])) @@ -3009,15 +3021,28 @@ int systemf(const char *fmt, ...) { char buff[8192]; +#if USE_POSIX_SPAWN + char *argv[] = { "/bin/sh", "-c", buff, NULL }; + pid_t pid; +#endif va_list ap; int r; va_start(ap, fmt); vsnprintf(buff, sizeof(buff), fmt, ap); + va_end(ap); if (verbosity > VERBOSITY_FULL) logprintf("Cmd: %s\n", buff); +#if USE_POSIX_SPAWN + if ((r = posix_spawn(&pid, *argv, NULL, NULL, argv, environ)) == 0) { + while (waitpid(pid, &r, 0) == -1) { + if (errno != EINTR) + return (-1); + } + } +#else r = system(buff); - va_end(ap); +#endif return (r); } -- 2.47.3