diff options
author | Mike Frysinger <vapier@gentoo.org> | 2009-04-04 22:36:48 -0400 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2009-04-05 03:54:02 -0400 |
commit | 048b2a92e008868b3a2d64b3112884722dc93ad5 (patch) | |
tree | a568ad9b364066fb5528e527457aa8ca5a66a0b5 /libsandbox/wrapper-funcs | |
parent | libsandbox: add a helper func to copy files to fds (diff) | |
download | sandbox-048b2a92e008868b3a2d64b3112884722dc93ad5.tar.gz sandbox-048b2a92e008868b3a2d64b3112884722dc93ad5.tar.bz2 sandbox-048b2a92e008868b3a2d64b3112884722dc93ad5.zip |
libsandbox: check binary we execute via $PATH
If an exec func is used that searches $PATH, we need to do the search as
well so that we don't miss out on binaries or denied locations that are
run without a full path.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Diffstat (limited to 'libsandbox/wrapper-funcs')
-rw-r--r-- | libsandbox/wrapper-funcs/__wrapper_exec.c | 34 |
1 files changed, 29 insertions, 5 deletions
diff --git a/libsandbox/wrapper-funcs/__wrapper_exec.c b/libsandbox/wrapper-funcs/__wrapper_exec.c index 2c0894c..bbdb103 100644 --- a/libsandbox/wrapper-funcs/__wrapper_exec.c +++ b/libsandbox/wrapper-funcs/__wrapper_exec.c @@ -182,17 +182,36 @@ WRAPPER_RET_TYPE WRAPPER_NAME(WRAPPER_ARGS_PROTO) save_errno(); #ifndef EXEC_NO_FILE + const char *check_path = path; + char *mem1 = NULL, *mem2 = NULL; # ifndef EXEC_NO_PATH /* Some exec funcs always operate on full paths, while others * will search $PATH if the specified name lacks a slash. */ - if (strchr(path, '/')) + char *envpath = getenv("PATH"); + if (!strchr(check_path, '/') && envpath) { + size_t len_path = strlen(check_path); + char *p, *pp; + check_path = NULL; + pp = envpath = mem1 = xstrdup(envpath); + p = strtok_r(envpath, ":", &pp); + while (p) { + mem2 = xrealloc(mem2, strlen(p) + 1 + len_path + 1); + sprintf(mem2, "%s/%s", p, path); + if (access(mem2, R_OK) == 0) { + check_path = mem2; + break; + } + p = strtok_r(NULL, ":", &pp); + } + } + # endif - { - if (!SB_SAFE(path)) - return result; + if (check_path) { + if (!SB_SAFE(check_path)) + goto done; - sb_check_exec(path, argv); + sb_check_exec(check_path, argv); } #endif @@ -217,6 +236,11 @@ WRAPPER_RET_TYPE WRAPPER_NAME(WRAPPER_ARGS_PROTO) --recursive; #endif +#ifndef EXEC_NO_FILE + done: + free(mem1); + free(mem2); +#endif return result; } |