NetBSD/lib/libc/gen/posix_spawnp.c

/*	$NetBSD: posix_spawnp.c,v 1.4 2020/05/11 14:54:34 kre Exp $	*/

/*-
 * Copyright (c) 2011 The NetBSD Foundation, Inc.
 * All rights reserved.
 *
 * This code is derived from software contributed to The NetBSD Foundation
 * by Martin Husemann <martin@NetBSD.org>.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#include <sys/cdefs.h>
#if defined(LIBC_SCCS) && !defined(lint)
__RCSID("$NetBSD: posix_spawnp.c,v 1.4 2020/05/11 14:54:34 kre Exp $");
#endif /* LIBC_SCCS and not lint */

#include "namespace.h"

#include <assert.h>
#include <errno.h>
#include <paths.h>
#include <spawn.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>


int posix_spawnp(pid_t * __restrict pid, const char * __restrict file,
    const posix_spawn_file_actions_t *fa,
    const posix_spawnattr_t * __restrict sa,
    char * const *__restrict cav, char * const *__restrict env)
{
	char fpath[FILENAME_MAX];
	const char *path, *p;
	size_t lp, ln;
	int err;

	_DIAGASSERT(file != NULL);

	/*
	 * If there is a / in the name, fall straight through to posix_spawn().
	 */
	if (strchr(file, '/') != NULL)
		return posix_spawn(pid, file, fa, sa, cav, env);

	/* Get the path we're searching. */
	if ((path = getenv("PATH")) == NULL)
		path = _PATH_DEFPATH;

	/*
	 * Find an executable image with the given name in the PATH
	 */

	ln = strlen(file);
	err = 0;
	do {
		/* Find the end of this path element. */
		for (p = path; *path != 0 && *path != ':'; path++)
			continue;
		/*
		 * It's a SHELL path -- double, leading and trailing colons
		 * mean the current directory.
		 */
		if (p == path) {
			p = ".";
			lp = 1;
		} else
			lp = (size_t)(path - p);

		/*
		 * Once we gain chdir/fchdir file actions, this will need
		 * serious work, as we must treat "." relative to the
		 * target of the (final) chdir performed.
		 *
		 * Fortunately, that day is yet to come.
		 */

		/*
		 * If the path is too long complain.  This is a possible
		 * security issue; given a way to make the path too long
		 * the user may execute the wrong program.
		 */
		if (lp + ln + 2 > sizeof(fpath)) {
			(void)write(STDERR_FILENO, "posix_spawnp: ", 14);
			(void)write(STDERR_FILENO, p, lp);
			(void)write(STDERR_FILENO, ": path too long\n", 16);
			continue;
		}
		memcpy(fpath, p, lp);
		fpath[lp] = '/';
		memcpy(fpath + lp + 1, file, ln);
		fpath[lp + ln + 1] = '\0';

		/*
		 * It would be nice (much better) to try posix_spawn()
		 * here, using the current fpath as the filename, but
		 * there's no guarantee that it is safe to execute it
		 * twice (the file actions may screw us) so that we
		 * cannot do.   This test is weak, barely even adequate.
		 * but unless we are forced into making posix_spawmp()
		 * become a system call (with PATH as an arg, or an array
		 * of possible paths to try, based upon PATH and file)
		 * we really have no better method.
		 */
		if (access(fpath, X_OK) == 0)
			break;

		if (err == 0)
			err = errno;

		fpath[0] = '\0';


	} while (*path++ == ':');	/* Otherwise, *path was NUL */

	if (fpath[0] == '\0')
		return err;

	/*
	 * Use posix_spawn() with the found binary
	 */
	return posix_spawn(pid, fpath, fa, sa, cav, env);
}
Do as the manual says, and use _PATH_DEFPATH if PATH is not present in the environment rather than simply turning into posix_spawn() in that case. Also, we cannot use strtok() to parse PATH, the semantics don't fit the API. Borrow the guts of execvp for the PATH search. We still simply check for a file with 'x' permission, and assume that one will do, whatever it is, which isn't really correct, but ... 2020-05-11 17:54:34 +03:00			`/* $NetBSD: posix_spawnp.c,v 1.4 2020/05/11 14:54:34 kre Exp $ */`
Add userland part of posix_spawn. Libc functions imported from FreeBSD. Based on Charles Zhang's summer of code project. 2012-02-12 03:31:22 +04:00
			`/*-`
			`* Copyright (c) 2011 The NetBSD Foundation, Inc.`
			`* All rights reserved.`
			`*`
			`* This code is derived from software contributed to The NetBSD Foundation`
			`* by Martin Husemann <martin@NetBSD.org>.`
			`*`
			`* Redistribution and use in source and binary forms, with or without`
			`* modification, are permitted provided that the following conditions`
			`* are met:`
			`* 1. Redistributions of source code must retain the above copyright`
			`* notice, this list of conditions and the following disclaimer.`
			`* 2. Redistributions in binary form must reproduce the above copyright`
			`* notice, this list of conditions and the following disclaimer in the`
			`* documentation and/or other materials provided with the distribution.`
			`*`
			`* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS`
			* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
			`* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR`
			`* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS`
			`* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR`
			`* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF`
			`* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS`
			`* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN`
			`* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)`
			`* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE`
			`* POSSIBILITY OF SUCH DAMAGE.`
			`*/`

			`#include <sys/cdefs.h>`
			`#if defined(LIBC_SCCS) && !defined(lint)`
Do as the manual says, and use _PATH_DEFPATH if PATH is not present in the environment rather than simply turning into posix_spawn() in that case. Also, we cannot use strtok() to parse PATH, the semantics don't fit the API. Borrow the guts of execvp for the PATH search. We still simply check for a file with 'x' permission, and assume that one will do, whatever it is, which isn't really correct, but ... 2020-05-11 17:54:34 +03:00			`__RCSID("$NetBSD: posix_spawnp.c,v 1.4 2020/05/11 14:54:34 kre Exp $");`
Add userland part of posix_spawn. Libc functions imported from FreeBSD. Based on Charles Zhang's summer of code project. 2012-02-12 03:31:22 +04:00			`#endif /* LIBC_SCCS and not lint */`

Add bunch of missing includes of namespace.h in libc The NetBSD Standard C Library uses internally some of its functions with a mangled symbol name, usually "_symbol". The internal functions shall not use the global (public) symbols. This change eliminates usage of the global changes of the following symbols: - strlcat -> _strlcat - sysconf -> __sysconf - closedir -> _closedir - fparseln -> _fparseln - kill -> _kill - mkstemp -> _mkstemp - reallocarr -> _reallocarr - strcasecmp -> _strcasecmp - strncasecmp -> _strncasecmp - strptime -> _strptime - strtok_r -> _strtok_r - sysctl -> _sysctl - dlopen -> __dlopen - dlclose -> __dlclose - dlsym -> __dlsym Sponsored by <The NetBSD Foundation> 2018-01-04 23:57:28 +03:00			`#include "namespace.h"`

Do as the manual says, and use _PATH_DEFPATH if PATH is not present in the environment rather than simply turning into posix_spawn() in that case. Also, we cannot use strtok() to parse PATH, the semantics don't fit the API. Borrow the guts of execvp for the PATH search. We still simply check for a file with 'x' permission, and assume that one will do, whatever it is, which isn't really correct, but ... 2020-05-11 17:54:34 +03:00			`#include <assert.h>`
			`#include <errno.h>`
			`#include <paths.h>`
			`#include <spawn.h>`
Add userland part of posix_spawn. Libc functions imported from FreeBSD. Based on Charles Zhang's summer of code project. 2012-02-12 03:31:22 +04:00			`#include <stdio.h>`
			`#include <stdlib.h>`
Do as the manual says, and use _PATH_DEFPATH if PATH is not present in the environment rather than simply turning into posix_spawn() in that case. Also, we cannot use strtok() to parse PATH, the semantics don't fit the API. Borrow the guts of execvp for the PATH search. We still simply check for a file with 'x' permission, and assume that one will do, whatever it is, which isn't really correct, but ... 2020-05-11 17:54:34 +03:00			`#include <string.h>`
Add userland part of posix_spawn. Libc functions imported from FreeBSD. Based on Charles Zhang's summer of code project. 2012-02-12 03:31:22 +04:00			`#include <unistd.h>`


			`int posix_spawnp(pid_t * __restrict pid, const char * __restrict file,`
			`const posix_spawn_file_actions_t *fa,`
			`const posix_spawnattr_t * __restrict sa,`
Use C++ compatible declaration for posix_spawn (instead of the C99 specific posix one). 2012-02-22 21:51:01 +04:00			`char * const __restrict cav, char const *__restrict env)`
Add userland part of posix_spawn. Libc functions imported from FreeBSD. Based on Charles Zhang's summer of code project. 2012-02-12 03:31:22 +04:00			`{`
Do as the manual says, and use _PATH_DEFPATH if PATH is not present in the environment rather than simply turning into posix_spawn() in that case. Also, we cannot use strtok() to parse PATH, the semantics don't fit the API. Borrow the guts of execvp for the PATH search. We still simply check for a file with 'x' permission, and assume that one will do, whatever it is, which isn't really correct, but ... 2020-05-11 17:54:34 +03:00			`char fpath[FILENAME_MAX];`
			`const char path, p;`
			`size_t lp, ln;`
			`int err;`

			`_DIAGASSERT(file != NULL);`
Add userland part of posix_spawn. Libc functions imported from FreeBSD. Based on Charles Zhang's summer of code project. 2012-02-12 03:31:22 +04:00
			`/*`
Do as the manual says, and use _PATH_DEFPATH if PATH is not present in the environment rather than simply turning into posix_spawn() in that case. Also, we cannot use strtok() to parse PATH, the semantics don't fit the API. Borrow the guts of execvp for the PATH search. We still simply check for a file with 'x' permission, and assume that one will do, whatever it is, which isn't really correct, but ... 2020-05-11 17:54:34 +03:00			`* If there is a / in the name, fall straight through to posix_spawn().`
Add userland part of posix_spawn. Libc functions imported from FreeBSD. Based on Charles Zhang's summer of code project. 2012-02-12 03:31:22 +04:00			`*/`
Do as the manual says, and use _PATH_DEFPATH if PATH is not present in the environment rather than simply turning into posix_spawn() in that case. Also, we cannot use strtok() to parse PATH, the semantics don't fit the API. Borrow the guts of execvp for the PATH search. We still simply check for a file with 'x' permission, and assume that one will do, whatever it is, which isn't really correct, but ... 2020-05-11 17:54:34 +03:00			`if (strchr(file, '/') != NULL)`
Add userland part of posix_spawn. Libc functions imported from FreeBSD. Based on Charles Zhang's summer of code project. 2012-02-12 03:31:22 +04:00			`return posix_spawn(pid, file, fa, sa, cav, env);`

Do as the manual says, and use _PATH_DEFPATH if PATH is not present in the environment rather than simply turning into posix_spawn() in that case. Also, we cannot use strtok() to parse PATH, the semantics don't fit the API. Borrow the guts of execvp for the PATH search. We still simply check for a file with 'x' permission, and assume that one will do, whatever it is, which isn't really correct, but ... 2020-05-11 17:54:34 +03:00			`/* Get the path we're searching. */`
			`if ((path = getenv("PATH")) == NULL)`
			`path = _PATH_DEFPATH;`
Add userland part of posix_spawn. Libc functions imported from FreeBSD. Based on Charles Zhang's summer of code project. 2012-02-12 03:31:22 +04:00
			`/*`
			`* Find an executable image with the given name in the PATH`
			`*/`
Do as the manual says, and use _PATH_DEFPATH if PATH is not present in the environment rather than simply turning into posix_spawn() in that case. Also, we cannot use strtok() to parse PATH, the semantics don't fit the API. Borrow the guts of execvp for the PATH search. We still simply check for a file with 'x' permission, and assume that one will do, whatever it is, which isn't really correct, but ... 2020-05-11 17:54:34 +03:00
			`ln = strlen(file);`
			`err = 0;`
			`do {`
			`/* Find the end of this path element. */`
			`for (p = path; path != 0 && path != ':'; path++)`
			`continue;`
			`/*`
			`* It's a SHELL path -- double, leading and trailing colons`
			`* mean the current directory.`
			`*/`
			`if (p == path) {`
			`p = ".";`
			`lp = 1;`
			`} else`
			`lp = (size_t)(path - p);`

			`/*`
			`* Once we gain chdir/fchdir file actions, this will need`
			`* serious work, as we must treat "." relative to the`
			`* target of the (final) chdir performed.`
			`*`
			`* Fortunately, that day is yet to come.`
			`*/`

			`/*`
			`* If the path is too long complain. This is a possible`
			`* security issue; given a way to make the path too long`
			`* the user may execute the wrong program.`
			`*/`
			`if (lp + ln + 2 > sizeof(fpath)) {`
			`(void)write(STDERR_FILENO, "posix_spawnp: ", 14);`
			`(void)write(STDERR_FILENO, p, lp);`
			`(void)write(STDERR_FILENO, ": path too long\n", 16);`
			`continue;`
			`}`
			`memcpy(fpath, p, lp);`
			`fpath[lp] = '/';`
			`memcpy(fpath + lp + 1, file, ln);`
			`fpath[lp + ln + 1] = '\0';`

			`/*`
			`* It would be nice (much better) to try posix_spawn()`
			`* here, using the current fpath as the filename, but`
			`* there's no guarantee that it is safe to execute it`
			`* twice (the file actions may screw us) so that we`
			`* cannot do. This test is weak, barely even adequate.`
			`* but unless we are forced into making posix_spawmp()`
			`* become a system call (with PATH as an arg, or an array`
			`* of possible paths to try, based upon PATH and file)`
			`* we really have no better method.`
			`*/`
Add userland part of posix_spawn. Libc functions imported from FreeBSD. Based on Charles Zhang's summer of code project. 2012-02-12 03:31:22 +04:00			`if (access(fpath, X_OK) == 0)`
			`break;`
Do as the manual says, and use _PATH_DEFPATH if PATH is not present in the environment rather than simply turning into posix_spawn() in that case. Also, we cannot use strtok() to parse PATH, the semantics don't fit the API. Borrow the guts of execvp for the PATH search. We still simply check for a file with 'x' permission, and assume that one will do, whatever it is, which isn't really correct, but ... 2020-05-11 17:54:34 +03:00
			`if (err == 0)`
			`err = errno;`

			`fpath[0] = '\0';`


			`} while (path++ == ':'); / Otherwise, path was NUL /`

			`if (fpath[0] == '\0')`
			`return err;`
Add userland part of posix_spawn. Libc functions imported from FreeBSD. Based on Charles Zhang's summer of code project. 2012-02-12 03:31:22 +04:00
			`/*`
			`* Use posix_spawn() with the found binary`
			`*/`
			`return posix_spawn(pid, fpath, fa, sa, cav, env);`
			`}`