--- parser3/src/main/pa_exec.C 2001/04/17 19:00:41 1.2 +++ parser3/src/main/pa_exec.C 2002/04/16 09:38:49 1.35 @@ -1,15 +1,21 @@ /** @file Parser: program executing for different OS-es. - Copyright(c) 2000,2001 ArtLebedev Group(http://www.artlebedev.com) + Copyright(c) 2000,2001, 2002 ArtLebedev Group(http://www.artlebedev.com) + Author: Alexandr Petrosian (http://paf.design.ru) - Author: Alexander Petrosyan (http://design.ru/paf) + $Id: pa_exec.C,v 1.35 2002/04/16 09:38:49 paf Exp $ - $Id: pa_exec.C,v 1.2 2001/04/17 19:00:41 paf Exp $ + + @todo setrlimit */ #include "pa_config_includes.h" +#include "pa_exec.h" +#include "pa_exception.h" +#include "pa_common.h" + #ifdef WIN32 # include #else @@ -18,23 +24,15 @@ # include #endif -#include -#include - -#include "pa_exec.h" -#include "pa_exception.h" -#include "pa_common.h" - - #ifdef WIN32 /// this func from http://www.ccas.ru/~posp/popov/spawn.htm -static BOOL WINAPI CreateHiddenConsoleProcess( LPCTSTR szChildName, +static BOOL WINAPI CreateHiddenConsoleProcess(LPCTSTR szCmdLine, char *szEnv, PROCESS_INFORMATION* ppi, LPHANDLE phInWrite, LPHANDLE phOutRead, - LPHANDLE phErrRead ) + LPHANDLE phErrRead) { BOOL fCreated; STARTUPINFO si; @@ -45,70 +43,77 @@ static BOOL WINAPI CreateHiddenConsolePr // Create pipes // initialize security attributes for handle inheritance (for WinNT) - sa.nLength = sizeof( sa ); - sa.bInheritHandle = TRUE; - sa.lpSecurityDescriptor = NULL; + sa.nLength=sizeof(sa); + sa.bInheritHandle=TRUE; + sa.lpSecurityDescriptor=NULL; // create STDIN pipe - if( !CreatePipe( &hInRead, phInWrite, &sa, 0 )) + if(!CreatePipe(&hInRead, phInWrite, &sa, 0)) goto error; // create STDOUT pipe - if( !CreatePipe( phOutRead, &hOutWrite, &sa, 0 )) + if(!CreatePipe(phOutRead, &hOutWrite, &sa, 0)) goto error; // create STDERR pipe - if( !CreatePipe( phErrRead, &hErrWrite, &sa, 0 )) + if(!CreatePipe(phErrRead, &hErrWrite, &sa, 0)) goto error; // process startup information - memset( &si, 0, sizeof( si )); - si.cb = sizeof( si ); - si.dwFlags = STARTF_USESHOWWINDOW | STARTF_USESTDHANDLES; + memset(&si, 0, sizeof(si)); + si.cb=sizeof(si); + si.dwFlags=STARTF_USESHOWWINDOW | STARTF_USESTDHANDLES; // child process' console must be hidden for Win95 compatibility - si.wShowWindow = SW_HIDE; + si.wShowWindow=SW_HIDE; // assign "other" sides of pipes -// si.hStdInput = hInRead; - si.hStdOutput = hOutWrite; - si.hStdError = hErrWrite; + si.hStdInput=hInRead; + si.hStdOutput=hOutWrite; + si.hStdError=hErrWrite; + + // calculating script's directory + char dir[MAX_STRING]; + strncpy(dir, szCmdLine, MAX_STRING-1); dir[MAX_STRING-1]=0; + lsplit(dir,' '); // trim arguments + rsplit(dir,'/'); rsplit(dir,'\\'); // trim filename + chdir(dir); // Create a child process (suspended) - fCreated = CreateProcess( NULL, - (LPTSTR)szChildName, + fCreated=CreateProcess(NULL, + (LPTSTR)szCmdLine, NULL, NULL, TRUE, - DETACHED_PROCESS, + CREATE_NO_WINDOW, szEnv, - NULL, + dir, &si, - ppi ); + ppi); - CloseHandle( hInRead ); - CloseHandle( hOutWrite ); - CloseHandle( hErrWrite ); + CloseHandle(hInRead); + CloseHandle(hOutWrite); + CloseHandle(hErrWrite); - if( !fCreated ) + if(!fCreated) goto error; return TRUE; error: - CloseHandle( *phInWrite ); - CloseHandle( *phOutRead ); - CloseHandle( *phErrRead ); + CloseHandle(*phInWrite); + CloseHandle(*phOutRead); + CloseHandle(*phErrRead); return FALSE; } -static void read_pipe(String& result, HANDLE hOutRead, const char *file_spec){ +static void read_pipe(String& result, HANDLE hOutRead, const char *file_spec, + String::Untaint_lang lang){ while(true) { char *buf=(char *)result.pool().malloc(MAX_STRING); unsigned long size; - ReadFile( hOutRead, buf, MAX_STRING, &size, NULL ); - if(!size) + if(!ReadFile(hOutRead, buf, MAX_STRING, &size, NULL) || !size) break; - result.APPEND_CLEAN(buf, size, file_spec, 0); + result.APPEND(buf, size, lang, file_spec, 0); } } @@ -116,41 +121,49 @@ static void read_pipe(String& result, HA static const char *buildCommand(Pool& pool, const String& origin_string, const char *file_spec_cstr, const Array *argv) { - FILE *f=fopen(file_spec_cstr, "r"); - if(f) { + const char *result=file_spec_cstr; + if(FILE *f=fopen(file_spec_cstr, "r")) { char buf[MAX_STRING]; size_t size=fread(buf, 1, MAX_STRING-1, f); if(size>2) { buf[size]=0; if(strncmp(buf, "#!", 2)==0) { - char *atEOL=strchr(buf, '\n'); - if(atEOL) { + const char *begin=buf+2; + if(*begin==' ') // alx: were an old magic for some linux-es + begin++; + if(char *end=strchr(begin, '\n')) { String string(pool); - string.APPEND_CLEAN(buf+2, atEOL-(buf+2), + string.APPEND_AS_IS(begin, end-begin, origin_string.origin().file, 0); string << " " << file_spec_cstr; if(argv) for(int i=0; isize(); i++) - string << argv->get_string(i)->cstr(String::UL_AS_IS); - file_spec_cstr=string.cstr(); + string << argv->get_string(i)->cstr(); + result=string.cstr(); } } } fclose(f); } - return file_spec_cstr; + if(argv) { + String buf(pool); + buf << result; + for(int i=0; isize(); i++) { + buf << " "; + buf << *argv->get_string(i); + } + + result=buf.cstr(); + } + + return result; } #else -static int execle_piped(const char *path, - const char *arg1, - const char *arg2, - const char *arg3, - const char *arg4, - const char *arg5, - char * const env[], - int *pipe_in, int *pipe_out, int *pipe_err) { +static int execve_piped(const char *file_spec_cstr, + char * const argv[], char * const env[], + int *pipe_in, int *pipe_out, int *pipe_err) { int pid; int in_fds[2]; int out_fds[2]; @@ -223,7 +236,14 @@ static int execle_piped(const char *path /* HP-UX SIGCHLD fix goes here, if someone will remind me what it is... */ signal(SIGCHLD, SIG_DFL); /* Was that it? */ - execle(path, arg1, arg2, arg3, arg4, arg5, NULL, env); + // chdir to script's directory + char dir[MAX_STRING]; + strncpy(dir, file_spec_cstr, MAX_STRING-1); dir[MAX_STRING-1]=0; + rsplit(dir,'/'); // trim filename + chdir(dir); + + // execute + execve(file_spec_cstr, argv, env); exit(-errno); } @@ -255,24 +275,25 @@ static int get_exit_status(int pid) { WEXITSTATUS(status) : -2; } -static void read_pipe(String& result, int file, const char *file_spec){ +static void read_pipe(String& result, int file, const char *file_spec, String::Untaint_lang lang){ while(true) { char *buf=(char *)result.pool().malloc(MAX_STRING); size_t size=read(file, buf, MAX_STRING); - if(!size) + if(!size) break; - result.APPEND_CLEAN(buf, size, file_spec, 0); + result.APPEND(buf, size, lang, file_spec, 0); } } #endif +///@test maybe here and at argv construction --- cstr(String::UL_UNSPECIFIED static void append_env_pair(const Hash::Key& key, Hash::Val *value, void *info) { #ifdef WIN32 String& string=*static_cast(info); string << key << "=" << *static_cast(value); - string.APPEND_CLEAN("", 1, 0, 0); // zero byte + string.APPEND_AS_IS("", 1, 0, 0); // zero byte #else String string(key.pool()); string << key << "=" << *static_cast(value); @@ -281,37 +302,47 @@ static void append_env_pair(const Hash:: **env_ref=string.cstr(); (*env_ref)++; #endif } -int pa_exec(const String& file_spec, + +int pa_exec( + bool forced_allow, + const String& file_spec, const Hash *env, const Array *argv, const String& in, String& out, String& err) { Pool& pool=file_spec.pool(); -#ifdef WIN32 +#ifdef NO_PA_EXECS + if(!forced_allow) + throw Exception("parser.runtime", + &file_spec, + "parser execs are disabled [recompile parser without --disable-execs configure option]"); +#endif - char pwd[MAX_STRING]; - GetCurrentDirectory(sizeof(pwd), pwd); - char *dir=file_spec.cstr(String::UL_FILE_NAME); - rsplit(dir, '/'); SetCurrentDirectory(dir); +#ifdef WIN32 PROCESS_INFORMATION pi; HANDLE hInWrite, hOutRead, hErrRead; - char *file_spec_cstr=file_spec.cstr(String::UL_FILE_NAME); + char *file_spec_cstr=file_spec.cstr(String::UL_FILE_SPEC); const char *cmd=buildCommand(file_spec.pool(), file_spec, file_spec_cstr, argv); char *env_cstr=0; if(env) { String string(env->pool()); env->for_each(append_env_pair, &string); - env_cstr=string.cstr(String::UL_AS_IS); + env_cstr=string.cstr(); } - if( CreateHiddenConsoleProcess(cmd, env_cstr, &pi, &hInWrite, &hOutRead, &hErrRead )) { - SetCurrentDirectory(pwd); - - read_pipe(out, hOutRead, file_spec_cstr); - read_pipe(err, hErrRead, file_spec_cstr); - CloseHandle( hInWrite ); - CloseHandle( hOutRead ); - CloseHandle( hErrRead ); + if(CreateHiddenConsoleProcess(cmd, env_cstr, &pi, &hInWrite, &hOutRead, &hErrRead)) { + const char *in_cstr=in.cstr(); + DWORD written_size; + WriteFile(hInWrite, in_cstr, in.size(), &written_size, NULL); + // EOF for stupid text reads + // normally they should read CONTENT_LENGTH bytes, + // without this char + WriteFile(hInWrite, "\x1A", 1, &written_size, NULL); + CloseHandle(hInWrite); + read_pipe(out, hOutRead, file_spec_cstr, String::UL_AS_IS); + CloseHandle(hOutRead); + read_pipe(err, hErrRead, file_spec_cstr, String::UL_TAINTED); + CloseHandle(hErrRead); /* from http://www.apache.org/websrc/cvsweb.cgi/apache-1.3/src/main/util_script.c?rev=1.151&content-type=text/vnd.viewcvs-markup @@ -321,8 +352,6 @@ from http://www.apache.org/websrc/cvsweb CloseHandle(pi.hProcess); CloseHandle(pi.hThread); } else { - SetCurrentDirectory(pwd); - DWORD error=GetLastError(); char szErrorDesc[MAX_STRING]; FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, NULL, error, @@ -332,23 +361,47 @@ from http://www.apache.org/websrc/cvsweb if(error_size>3) // ".\r\n" szErrorDesc[error_size-3]=0; - PTHROW(0, 0, + throw Exception(0, &file_spec, - "exec failed - %s (%d)", - szErrorDesc, - (long)error); + "(real command line=\"%s\") exec failed - %s (%ld)", + cmd, + szErrorDesc, (long)error); } #else int pipe_write, pipe_read, pipe_err; - const char *argv_cstrs[5]={"", "", "", "", ""}; + char *file_spec_cstr=file_spec.cstr(String::UL_FILE_SPEC); + +#ifdef NO_FOREIGN_GROUP_FILES + if(!forced_allow) { + struct stat finfo; + if(stat(file_spec_cstr, &finfo)!=0) + throw Exception("file.missing", + &file_spec, + "stat failed: %s (%d), actual filename '%s'", + strerror(errno), errno, file_spec_cstr); + + if(finfo.st_gid/*foreign?*/!=getegid()) + throw Exception("parser.runtime", + &file_spec, + "parser executing files of foreign group is disabled [recompile parser without --disable-foreign-group-files configure option], actual filename '%s'", + file_spec_cstr); + } +#endif + + char *argv_cstrs[1+10+1]={file_spec_cstr, 0}; if(argv) { - int size=min(5, argv->size()); - for(int i=0; iget_string(i)->cstr(String::UL_AS_IS); + const int argv_size=argv->size(); + const int argv_max=sizeof(argv_cstrs)/sizeof(argv_cstrs[0])-1-1; + if(argv_size>argv_max) + throw Exception("parser.runtime", + &file_spec, + "too many arguments (%d > max %d)", argv_size, argv_max); + for(int i=0; iget_string(i)->cstr(); + argv_cstrs[1+argv_size]=0; } - const char *file_spec_cstr=file_spec.cstr(String::UL_FILE_NAME); char **env_cstrs=0; if(env) { env_cstrs= @@ -357,23 +410,24 @@ from http://www.apache.org/websrc/cvsweb env->for_each(append_env_pair, &env_ref); *env_ref=0; } - if(int pid=execle_piped( - file_spec_cstr, - argv_cstrs[0], argv_cstrs[1], argv_cstrs[2], argv_cstrs[3], argv_cstrs[4], - env_cstrs, - &pipe_write, &pipe_read, &pipe_err)) { - const char *in_cstr=in.cstr(String::UL_AS_IS); + int pid=execve_piped( + file_spec_cstr, + argv_cstrs, env_cstrs, + &pipe_write, &pipe_read, &pipe_err); + if(pid) { + // in child + const char *in_cstr=in.cstr(); write(pipe_write, in_cstr, in.size()); close(pipe_write); - read_pipe(out, pipe_read, file_spec_cstr); - read_pipe(err, pipe_err, file_spec_cstr); + read_pipe(out, pipe_read, file_spec_cstr, String::UL_AS_IS); close(pipe_read); + read_pipe(err, pipe_err, file_spec_cstr, String::UL_TAINTED); close(pipe_err); return get_exit_status(pid); // negative may mean "-errno[execl()]" } else - PTHROW(0, 0, + throw Exception(0, &file_spec, "pipe error"); #endif