--- parser3/src/main/pa_exec.C 2002/02/26 13:45:12 1.26 +++ parser3/src/main/pa_exec.C 2002/11/22 10:28:42 1.45 @@ -4,12 +4,11 @@ Copyright(c) 2000,2001, 2002 ArtLebedev Group(http://www.artlebedev.com) Author: Alexandr Petrosian (http://paf.design.ru) - $Id: pa_exec.C,v 1.26 2002/02/26 13:45:12 paf Exp $ - - @todo setrlimit */ +static const char* IDENT_EXEC_C="$Date: 2002/11/22 10:28:42 $"; + #include "pa_config_includes.h" #include "pa_exec.h" @@ -27,14 +26,15 @@ #ifdef WIN32 /// this func from http://www.ccas.ru/~posp/popov/spawn.htm -static BOOL WINAPI CreateHiddenConsoleProcess(LPCTSTR szCmdLine, +static DWORD CreateHiddenConsoleProcess(LPCTSTR szCmdLine, char *szEnv, PROCESS_INFORMATION* ppi, LPHANDLE phInWrite, LPHANDLE phOutRead, LPHANDLE phErrRead) { - BOOL fCreated; + DWORD result=0; + BOOL fCreated; STARTUPINFO si; SECURITY_ATTRIBUTES sa={0}; HANDLE hInRead; @@ -70,17 +70,26 @@ static BOOL WINAPI CreateHiddenConsolePr si.hStdOutput=hOutWrite; si.hStdError=hErrWrite; + // calculating script's directory + char dir[MAX_STRING]; + strncpy(dir, szCmdLine, MAX_STRING-1); dir[MAX_STRING-1]=0; + lsplit(dir,' '); // trim arguments + rsplit(dir,'/'); rsplit(dir,'\\'); // trim filename + chdir(dir); + // Create a child process (suspended) fCreated=CreateProcess(NULL, (LPTSTR)szCmdLine, NULL, NULL, TRUE, - 0, //todo CREATE_NO_WINDOW, + CREATE_NO_WINDOW, szEnv, - NULL, + dir, &si, ppi); + if(!fCreated) + result=GetLastError(); CloseHandle(hInRead); CloseHandle(hOutWrite); @@ -89,24 +98,27 @@ static BOOL WINAPI CreateHiddenConsolePr if(!fCreated) goto error; - return TRUE; + return result; error: + if(!result/*yet*/) + result=GetLastError(); // get it + CloseHandle(*phInWrite); CloseHandle(*phOutRead); CloseHandle(*phErrRead); - return FALSE; + return result; } -static void read_pipe(String& result, HANDLE hOutRead, const char *file_spec){ +static void read_pipe(String& result, HANDLE hOutRead, const char *file_spec, + String::Untaint_lang lang){ while(true) { char *buf=(char *)result.pool().malloc(MAX_STRING); unsigned long size; - ReadFile(hOutRead, buf, MAX_STRING, &size, NULL); - if(!size) + if(!ReadFile(hOutRead, buf, MAX_STRING, &size, NULL) || !size) break; - result.APPEND_AS_IS(buf, size, file_spec, 0); + result.APPEND(buf, size, lang, file_spec, 0); } } @@ -129,9 +141,6 @@ static const char *buildCommand(Pool& po string.APPEND_AS_IS(begin, end-begin, origin_string.origin().file, 0); string << " " << file_spec_cstr; - if(argv) - for(int i=0; isize(); i++) - string << argv->get_string(i)->cstr(); result=string.cstr(); } } @@ -154,14 +163,9 @@ static const char *buildCommand(Pool& po #else -static int execle_piped(const char *path, - const char *arg1, const char *arg2, - const char *arg3, const char *arg4, - const char *arg5, const char *arg6, - const char *arg7, const char *arg8, - const char *arg9, const char *arg10, - char * const env[], - int *pipe_in, int *pipe_out, int *pipe_err) { +static int execve_piped(const char *file_spec_cstr, + char * const argv[], char * const env[], + int *pipe_in, int *pipe_out, int *pipe_err) { int pid; int in_fds[2]; int out_fds[2]; @@ -231,10 +235,18 @@ static int execle_piped(const char *path close(err_fds[1]); } - /* HP-UX SIGCHLD fix goes here, if someone will remind me what it is... */ + /* grabbed this from Apache source: */ + /* HP-UX SIGCHLD fix goes here, if someone will remind me what it is... */ signal(SIGCHLD, SIG_DFL); /* Was that it? */ - execle(path, path, arg1, arg2, arg3, arg4, arg5, NULL, env); + // chdir to script's directory + char dir[MAX_STRING]; + strncpy(dir, file_spec_cstr, MAX_STRING-1); dir[MAX_STRING-1]=0; + rsplit(dir,'/'); // trim filename + chdir(dir); + + // execute + execve(file_spec_cstr, argv, env); exit(-errno); } @@ -266,18 +278,19 @@ static int get_exit_status(int pid) { WEXITSTATUS(status) : -2; } -static void read_pipe(String& result, int file, const char *file_spec){ +static void read_pipe(String& result, int file, const char *file_spec, String::Untaint_lang lang){ while(true) { char *buf=(char *)result.pool().malloc(MAX_STRING); - size_t size=read(file, buf, MAX_STRING); - if(!size) + ssize_t size=read(file, buf, MAX_STRING); + if(size<=0) break; - result.APPEND_AS_IS(buf, size, file_spec, 0); + result.APPEND(buf, size, lang, file_spec, 0); } } #endif +///@test maybe here and at argv construction --- cstr(String::UL_UNSPECIFIED static void append_env_pair(const Hash::Key& key, Hash::Val *value, void *info) { #ifdef WIN32 String& string=*static_cast(info); @@ -289,21 +302,26 @@ static void append_env_pair(const Hash:: string << key << "=" << *static_cast(value); char ***env_ref=static_cast(info); - **env_ref=string.cstr(); (*env_ref)++; + **env_ref=string.cstr(String::UL_UNSPECIFIED); (*env_ref)++; #endif } -int pa_exec(const String& file_spec, + +int pa_exec( + bool forced_allow, + const String& file_spec, const Hash *env, const Array *argv, const String& in, String& out, String& err) { Pool& pool=file_spec.pool(); -#ifdef WIN32 +#ifdef NO_PA_EXECS + if(!forced_allow) + throw Exception("parser.runtime", + &file_spec, + "parser execs are disabled [recompile parser without --disable-execs configure option]"); +#endif - char pwd[MAX_STRING]; - GetCurrentDirectory(sizeof(pwd), pwd); - char *dir=file_spec.cstr(String::UL_FILE_SPEC); - rsplit(dir, '/'); SetCurrentDirectory(dir); +#ifdef WIN32 PROCESS_INFORMATION pi; HANDLE hInWrite, hOutRead, hErrRead; @@ -313,11 +331,23 @@ int pa_exec(const String& file_spec, if(env) { String string(env->pool()); env->for_each(append_env_pair, &string); - env_cstr=string.cstr(); + env_cstr=string.cstr(String::UL_UNSPECIFIED); } - if(CreateHiddenConsoleProcess(cmd, env_cstr, &pi, &hInWrite, &hOutRead, &hErrRead)) { - SetCurrentDirectory(pwd); - + if(DWORD error=CreateHiddenConsoleProcess(cmd, env_cstr, &pi, &hInWrite, &hOutRead, &hErrRead)) { + char szErrorDesc[MAX_STRING]; + char *param="the file you tried to run"; + size_t error_size=FormatMessage( + FORMAT_MESSAGE_FROM_SYSTEM|FORMAT_MESSAGE_ARGUMENT_ARRAY , NULL, error, + MAKELANGID(LANG_NEUTRAL, SUBLANG_NEUTRAL), + szErrorDesc, sizeof(szErrorDesc), ¶m); + if(error_size>3) // ".\r\n" + szErrorDesc[error_size-3]=0; + + throw Exception(0, + &file_spec, + "exec failed - %s (%ld). Consider adding shbang line (#!x:\\interpreter\\command line)", + error_size?szErrorDesc:"", (long)error); + } else { const char *in_cstr=in.cstr(); DWORD written_size; WriteFile(hInWrite, in_cstr, in.size(), &written_size, NULL); @@ -326,9 +356,9 @@ int pa_exec(const String& file_spec, // without this char WriteFile(hInWrite, "\x1A", 1, &written_size, NULL); CloseHandle(hInWrite); - read_pipe(out, hOutRead, file_spec_cstr); + read_pipe(out, hOutRead, file_spec_cstr, String::UL_AS_IS); CloseHandle(hOutRead); - read_pipe(err, hErrRead, file_spec_cstr); + read_pipe(err, hErrRead, file_spec_cstr, String::UL_TAINTED); CloseHandle(hErrRead); /* from http://www.apache.org/websrc/cvsweb.cgi/apache-1.3/src/main/util_script.c?rev=1.151&content-type=text/vnd.viewcvs-markup @@ -338,43 +368,42 @@ from http://www.apache.org/websrc/cvsweb */ CloseHandle(pi.hProcess); CloseHandle(pi.hThread); - } else { - SetCurrentDirectory(pwd); - - DWORD error=GetLastError(); - char szErrorDesc[MAX_STRING]; - FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, NULL, error, - MAKELANGID(LANG_NEUTRAL, SUBLANG_NEUTRAL), - szErrorDesc, sizeof(szErrorDesc), NULL); - size_t error_size=strlen(szErrorDesc); - if(error_size>3) // ".\r\n" - szErrorDesc[error_size-3]=0; - - throw Exception(0, 0, - &file_spec, - "(real command line=\"%s\") exec failed - %s (%ld)", - cmd, - szErrorDesc, (long)error); } #else int pipe_write, pipe_read, pipe_err; - const char *argv_cstrs[10]={ - "", "", "", "", "", - "", "", "", "", "" - }; + char *file_spec_cstr=file_spec.cstr(String::UL_FILE_SPEC); + +#ifdef NO_FOREIGN_GROUP_FILES + if(!forced_allow) { + struct stat finfo; + if(stat(file_spec_cstr, &finfo)!=0) + throw Exception("file.missing", + &file_spec, + "stat failed: %s (%d), actual filename '%s'", + strerror(errno), errno, file_spec_cstr); + + if(finfo.st_gid/*foreign?*/!=getegid()) + throw Exception("parser.runtime", + &file_spec, + "parser executing files of foreign group is disabled [recompile parser without --disable-foreign-group-files configure option], actual filename '%s'", + file_spec_cstr); + } +#endif + + char *argv_cstrs[1+10+1]={file_spec_cstr, 0}; if(argv) { const int argv_size=argv->size(); - const int argv_max=sizeof(argv_cstrs)/sizeof(argv_cstrs[0]); + const int argv_max=sizeof(argv_cstrs)/sizeof(argv_cstrs[0])-1-1; if(argv_size>argv_max) - throw Exception(0, 0, + throw Exception("parser.runtime", &file_spec, "too many arguments (%d > max %d)", argv_size, argv_max); for(int i=0; iget_string(i)->cstr(); + argv_cstrs[1+i]=argv->get_string(i)->cstr(); + argv_cstrs[1+argv_size]=0; } - const char *file_spec_cstr=file_spec.cstr(String::UL_FILE_SPEC); char **env_cstrs=0; if(env) { env_cstrs= @@ -383,32 +412,25 @@ from http://www.apache.org/websrc/cvsweb env->for_each(append_env_pair, &env_ref); *env_ref=0; } - const char *pwd=getcwd(NULL, 0); - char dir[MAX_STRING]; - strncpy(dir, file_spec_cstr, MAX_STRING); - rsplit(dir,'/'); // trim filename - chdir(dir); - int pid=execle_piped( + + int pid=execve_piped( file_spec_cstr, - argv_cstrs[0], argv_cstrs[1], argv_cstrs[2], argv_cstrs[3], argv_cstrs[4], - argv_cstrs[5], argv_cstrs[6], argv_cstrs[7], argv_cstrs[8], argv_cstrs[9], - env_cstrs, + argv_cstrs, env_cstrs, &pipe_write, &pipe_read, &pipe_err); - if (pwd) - chdir(pwd); if(pid) { // in child const char *in_cstr=in.cstr(); - write(pipe_write, in_cstr, in.size()); + if(*in_cstr) // there is some in data + write(pipe_write, in_cstr, in.size()); close(pipe_write); - read_pipe(out, pipe_read, file_spec_cstr); + read_pipe(out, pipe_read, file_spec_cstr, String::UL_AS_IS); close(pipe_read); - read_pipe(err, pipe_err, file_spec_cstr); + read_pipe(err, pipe_err, file_spec_cstr, String::UL_TAINTED); close(pipe_err); return get_exit_status(pid); // negative may mean "-errno[execl()]" } else - throw Exception(0, 0, + throw Exception(0, &file_spec, "pipe error"); #endif