d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9386dc4deb
freebsd-dev/lib/libc/gen/exec.c
Bruce Evans 1df595f25d Fixed searching of $PATH in execvp(). Do what sh(1) should do according 
to POSIX.2.  In particular:

- don't retry for ETXTBSY.  This matches what sh(1) does.  The retry code
  was broken anyway.  It only slept for several seconds for the first few
  retries.  Then it retried without sleeping.
- don't abort the search for errors related to the path prefix, in
  particular for ENAMETOOLONG, ENOTDIR, ELOOP.  This fixes PR1487.  sh(1)
  gets this wrong in the opposite direction by never aborting the search.
- don't confuse EACCES for errors related to the path prefix with EACCES
  for errors related to the file.  sh(1) gets this wrong.
- don't return a stale errno when the search terminates normally without
  finding anything.  The errno for the last unsuccessful execve() was
  usually returned.  This gave too much precedence to pathologies in the
  last component of $PATH.  This bug is irrelevant for sh(1).

The implementation still uses the optimization/race-inhibitor of trying
to execve() things first.  POSIX.2 seems to require looking at file
permissions using stat().  We now use stat() after execve() if execve()
fails with an ambiguous error.  Trying execve() first may actually be a
pessimization, since failing execve()s are fundamentally a little slower
than stat(), and are significantly slower when a file is found but has
unsuitable permissions or points to an unsuitable interpreter.

PR:		1487
1997-10-14 07:23:16 +00:00

304 lines
6.7 KiB
C
Raw Blame History

/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#if defined(LIBC_SCCS) && !defined(lint)
#if 0
static char sccsid[] = "@(#)exec.c 8.1 (Berkeley) 6/4/93";
#endif
static const char rcsid[] =
"$Id$";
#endif /* LIBC_SCCS and not lint */
#include <sys/param.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <errno.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
#include <paths.h>
#if __STDC__
#include <stdarg.h>
#else
#include <varargs.h>
#endif
extern char **environ;
static char **
buildargv(ap, arg, envpp)
va_list ap;
const char *arg;
char ***envpp;
{
register char **argv, **nargv;
register int memsize, off;
argv = NULL;
for (off = memsize = 0;; ++off) {
if (off >= memsize) {
memsize += 50; /* Starts out at 0. */
memsize *= 2; /* Ramp up fast. */
nargv = realloc(argv, memsize * sizeof(char *));
if (nargv == NULL) {
free(argv);
return (NULL);
}
argv = nargv;
if (off == 0) {
argv[0] = (char *)arg;
off = 1;
}
}
if (!(argv[off] = va_arg(ap, char *)))
break;
}
/* Get environment pointer if user supposed to provide one. */
if (envpp)
*envpp = va_arg(ap, char **);
return (argv);
}
int
#if __STDC__
execl(const char *name, const char *arg, ...)
#else
execl(name, arg, va_alist)
const char *name;
const char *arg;
va_dcl
#endif
{
va_list ap;
int sverrno;
char **argv;
#if __STDC__
va_start(ap, arg);
#else
va_start(ap);
#endif
if ( (argv = buildargv(ap, arg, NULL)) )
(void)execve(name, argv, environ);
va_end(ap);
sverrno = errno;
free(argv);
errno = sverrno;
return (-1);
}
int
#if __STDC__
execle(const char *name, const char *arg, ...)
#else
execle(name, arg, va_alist)
const char *name;
const char *arg;
va_dcl
#endif
{
va_list ap;
int sverrno;
char **argv, **envp;
#if __STDC__
va_start(ap, arg);
#else
va_start(ap);
#endif
if ( (argv = buildargv(ap, arg, &envp)) )
(void)execve(name, argv, envp);
va_end(ap);
sverrno = errno;
free(argv);
errno = sverrno;
return (-1);
}
int
#if __STDC__
execlp(const char *name, const char *arg, ...)
#else
execlp(name, arg, va_alist)
const char *name;
const char *arg;
va_dcl
#endif
{
va_list ap;
int sverrno;
char **argv;
#if __STDC__
va_start(ap, arg);
#else
va_start(ap);
#endif
if ( (argv = buildargv(ap, arg, NULL)) )
(void)execvp(name, argv);
va_end(ap);
sverrno = errno;
free(argv);
errno = sverrno;
return (-1);
}
int
execv(name, argv)
const char *name;
char * const *argv;
{
(void)execve(name, argv, environ);
return (-1);
}
int
execvp(name, argv)
const char *name;
char * const *argv;
{
char **memp;
register int cnt, lp, ln;
register char *p;
int eacces, save_errno;
char *bp, *cur, *path, buf[MAXPATHLEN];
struct stat sb;
eacces = 0;
/* If it's an absolute or relative path name, it's easy. */
if (index(name, '/')) {
bp = (char *)name;
cur = path = NULL;
goto retry;
}
bp = buf;
/* If it's an empty path name, fail in the usual POSIX way. */
if (*name == '\0') {
errno = ENOENT;
return (-1);
}
/* Get the path we're searching. */
if (!(path = getenv("PATH")))
path = _PATH_DEFPATH;
cur = path = strdup(path);
while ( (p = strsep(&cur, ":")) ) {
/*
* It's a SHELL path -- double, leading and trailing colons
* mean the current directory.
*/
if (!*p) {
p = ".";
lp = 1;
} else
lp = strlen(p);
ln = strlen(name);
/*
* If the path is too long complain. This is a possible
* security issue; given a way to make the path too long
* the user may execute the wrong program.
*/
if (lp + ln + 2 > sizeof(buf)) {
(void)write(STDERR_FILENO, "execvp: ", 8);
(void)write(STDERR_FILENO, p, lp);
(void)write(STDERR_FILENO, ": path too long\n", 16);
continue;
}
bcopy(p, buf, lp);
buf[lp] = '/';
bcopy(name, buf + lp + 1, ln);
buf[lp + ln + 1] = '\0';
retry: (void)execve(bp, argv, environ);
switch(errno) {
case E2BIG:
goto done;
case ELOOP:
case ENAMETOOLONG:
case ENOENT:
break;
case ENOEXEC:
for (cnt = 0; argv[cnt]; ++cnt)
;
memp = malloc((cnt + 2) * sizeof(char *));
if (memp == NULL)
goto done;
memp[0] = "sh";
memp[1] = bp;
bcopy(argv + 1, memp + 2, cnt * sizeof(char *));
(void)execve(_PATH_BSHELL, memp, environ);
free(memp);
goto done;
case ENOMEM:
goto done;
case ENOTDIR:
break;
case ETXTBSY:
/*
* We used to retry here, but sh(1) doesn't.
*/
goto done;
default:
/*
* EACCES may be for an inaccessible directory or
* a non-executable file. Call stat() to decide
* which. This also handles ambiguities for EFAULT
* and EIO, and undocumented errors like ESTALE.
* We hope that the race for a stat() is unimportant.
*/
save_errno = errno;
if (stat(argv[0], &sb) != 0)
break;
if (save_errno == EACCES) {
eacces = 1;
continue;
}
errno = save_errno;
goto done;
}
}
if (eacces)
errno = EACCES;
else
errno = ENOENT;
done: if (path)
free(path);
return (-1);
}
Reference in New Issue View Git Blame Copy Permalink