diff options
| author | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2018-06-06 14:07:34 -0300 |
|---|---|---|
| committer | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2018-06-08 17:27:46 -0300 |
| commit | 283d98512272a12cb84e7798c23edbdf1adb287d (patch) | |
| tree | 3691f644eb1109e70b48e97ac64314c9fdcedb7f /posix/execvpe.c | |
| parent | 67c0579669ba1fc265d770252fab31babf887329 (diff) | |
| download | glibc-283d98512272a12cb84e7798c23edbdf1adb287d.tar.gz glibc-283d98512272a12cb84e7798c23edbdf1adb287d.tar.xz glibc-283d98512272a12cb84e7798c23edbdf1adb287d.zip | |
posix: Fix posix_spawnp to not execute invalid binaries in non compat mode (BZ#23264)
Current posix_spawnp implementation wrongly tries to execute invalid binaries (for instance script without shebang) as a shell script in non compat mode. It was a regression introduced by 9ff72da471a509a8c19791efe469f47fa6977410 when __spawni started to use __execvpe instead of __execve (glibc __execvpe try to execute ENOEXEC as shell script regardless). This patch fixes it by using an internal symbol (__execvpex) with the faulty semantic (since compat mode is handled by spawni.c itself). It was reported by Daniel Drake on libc-help [1]. Checked on x86_64-linux-gnu and i686-linux-gnu. [BZ #23264] * include/unistd.h (__execvpex): New prototype. * posix/Makefile (tests): Add tst-spawn4. (tests-internal): Add tst-spawn4-compat. * posix/execvpe.c (__execvpe_common, __execvpex): New functions. * posix/tst-spawn4-compat.c: New file. * posix/tst-spawn4.c: Likewise. * sysdeps/unix/sysv/linux/spawni.c (__spawni): Do not interpret invalid binaries as shell scripts. * sysdeps/posix/spawni.c (__spawni): Likewise. [1] https://sourceware.org/ml/libc-help/2018-06/msg00012.html
Diffstat (limited to 'posix/execvpe.c')
| -rw-r--r-- | posix/execvpe.c | 26 |
1 files changed, 19 insertions, 7 deletions
diff --git a/posix/execvpe.c b/posix/execvpe.c index 859c0f69bf..ea67d19fcd 100644 --- a/posix/execvpe.c +++ b/posix/execvpe.c @@ -67,11 +67,9 @@ maybe_script_execute (const char *file, char *const argv[], char *const envp[]) __execve (new_argv[0], new_argv, envp); } - -/* Execute FILE, searching in the `PATH' environment variable if it contains - no slashes, with arguments ARGV and environment from ENVP. */ -int -__execvpe (const char *file, char *const argv[], char *const envp[]) +static int +__execvpe_common (const char *file, char *const argv[], char *const envp[], + bool exec_script) { /* We check the simple case first. */ if (*file == '\0') @@ -85,7 +83,7 @@ __execvpe (const char *file, char *const argv[], char *const envp[]) { __execve (file, argv, envp); - if (errno == ENOEXEC) + if (errno == ENOEXEC && exec_script) maybe_script_execute (file, argv, envp); return -1; @@ -137,7 +135,7 @@ __execvpe (const char *file, char *const argv[], char *const envp[]) __execve (buffer, argv, envp); - if (errno == ENOEXEC) + if (errno == ENOEXEC && exec_script) /* This has O(P*C) behavior, where P is the length of the path and C is the argument count. A better strategy would be allocate the substitute argv and reuse it each time through the loop (so it @@ -184,4 +182,18 @@ __execvpe (const char *file, char *const argv[], char *const envp[]) return -1; } +/* Execute FILE, searching in the `PATH' environment variable if it contains + no slashes, with arguments ARGV and environment from ENVP. */ +int +__execvpe (const char *file, char *const argv[], char *const envp[]) +{ + return __execvpe_common (file, argv, envp, true); +} weak_alias (__execvpe, execvpe) + +/* Same as __EXECVPE, but does not try to execute NOEXEC files. */ +int +__execvpex (const char *file, char *const argv[], char *const envp[]) +{ + return __execvpe_common (file, argv, envp, false); +} |