--- parser3/src/main/pa_exec.C 2002/11/21 15:29:05 1.44 +++ parser3/src/main/pa_exec.C 2003/03/17 14:48:06 1.48.4.1 @@ -1,13 +1,13 @@ /** @file Parser: program executing for different OS-es. - Copyright(c) 2000,2001, 2002 ArtLebedev Group(http://www.artlebedev.com) + Copyright(c) 2000,2001, 2003 ArtLebedev Group(http://www.artlebedev.com) Author: Alexandr Petrosian (http://paf.design.ru) @todo setrlimit */ -static const char* IDENT_EXEC_C="$Date: 2002/11/21 15:29:05 $"; +static const char* IDENT_EXEC_C="$Date: 2003/03/17 14:48:06 $"; #include "pa_config_includes.h" @@ -114,7 +114,7 @@ error: static void read_pipe(String& result, HANDLE hOutRead, const char *file_spec, String::Untaint_lang lang){ while(true) { - char *buf=(char *)result.pool().malloc(MAX_STRING); + char *buf=(char *)result.pool().malloc_atomic(MAX_STRING); unsigned long size; if(!ReadFile(hOutRead, buf, MAX_STRING, &size, NULL) || !size) break; @@ -163,10 +163,10 @@ static const char *buildCommand(Pool& po #else -static int execve_piped(const char *file_spec_cstr, +static pid_t execve_piped(const char *file_spec_cstr, char * const argv[], char * const env[], int *pipe_in, int *pipe_out, int *pipe_err) { - int pid; + pid_t pid; int in_fds[2]; int out_fds[2]; int err_fds[2]; @@ -211,7 +211,7 @@ static int execve_piped(const char *file close(err_fds[0]); close(err_fds[1]); } errno=save_errno; - return 0; + return -1; } if(!pid) { @@ -280,7 +280,7 @@ static int get_exit_status(int pid) { static void read_pipe(String& result, int file, const char *file_spec, String::Untaint_lang lang){ while(true) { - char *buf=(char *)result.pool().malloc(MAX_STRING); + char *buf=(char *)result.pool().malloc_atomic(MAX_STRING); ssize_t size=read(file, buf, MAX_STRING); if(size<=0) break; @@ -331,7 +331,7 @@ int pa_exec( if(env) { String string(env->pool()); env->for_each(append_env_pair, &string); - env_cstr=string.cstr(UL_UNSPECIFIED); + env_cstr=string.cstr(String::UL_UNSPECIFIED); } if(DWORD error=CreateHiddenConsoleProcess(cmd, env_cstr, &pi, &hInWrite, &hOutRead, &hErrRead)) { char szErrorDesc[MAX_STRING]; @@ -375,7 +375,7 @@ from http://www.apache.org/websrc/cvsweb int pipe_write, pipe_read, pipe_err; char *file_spec_cstr=file_spec.cstr(String::UL_FILE_SPEC); -#ifdef NO_FOREIGN_GROUP_FILES +#ifdef PA_SAFE_MODE if(!forced_allow) { struct stat finfo; if(stat(file_spec_cstr, &finfo)!=0) @@ -384,10 +384,11 @@ from http://www.apache.org/websrc/cvsweb "stat failed: %s (%d), actual filename '%s'", strerror(errno), errno, file_spec_cstr); - if(finfo.st_gid/*foreign?*/!=getegid()) - throw Exception("parser.runtime", - &file_spec, - "parser executing files of foreign group is disabled [recompile parser without --disable-foreign-group-files configure option], actual filename '%s'", + if(finfo.st_uid/*foreign?*/!=geteuid() + && finfo.st_gid/*foreign?*/!=getegid()) + throw Exception("parser.runtime", + &file_spec, + "parser is in safe mode: executing files of foreign group and user disabled [recompile parser with --disable-safe-mode configure option], actual filename '%s'", file_spec_cstr); } #endif @@ -413,11 +414,11 @@ from http://www.apache.org/websrc/cvsweb *env_ref=0; } - int pid=execve_piped( + pid_t pid=execve_piped( file_spec_cstr, argv_cstrs, env_cstrs, &pipe_write, &pipe_read, &pipe_err); - if(pid) { + if(pid>0) { // in child const char *in_cstr=in.cstr(); if(*in_cstr) // there is some in data @@ -432,7 +433,7 @@ from http://www.apache.org/websrc/cvsweb } else throw Exception(0, &file_spec, - "pipe error"); + "%s error: %s (%d)", pid<0?"fork":"pipe", strerror(errno), errno); #endif return 0;