aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2009-04-04 22:36:48 -0400
committerMike Frysinger <vapier@gentoo.org>2009-04-05 03:54:02 -0400
commit048b2a92e008868b3a2d64b3112884722dc93ad5 (patch)
treea568ad9b364066fb5528e527457aa8ca5a66a0b5 /libsandbox
parentlibsandbox: add a helper func to copy files to fds (diff)
downloadsandbox-048b2a92e008868b3a2d64b3112884722dc93ad5.tar.gz
sandbox-048b2a92e008868b3a2d64b3112884722dc93ad5.tar.bz2
sandbox-048b2a92e008868b3a2d64b3112884722dc93ad5.zip
libsandbox: check binary we execute via $PATH
If an exec func is used that searches $PATH, we need to do the search as well so that we don't miss out on binaries or denied locations that are run without a full path. Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Diffstat (limited to 'libsandbox')
-rw-r--r--libsandbox/wrapper-funcs/__wrapper_exec.c34
1 files changed, 29 insertions, 5 deletions
diff --git a/libsandbox/wrapper-funcs/__wrapper_exec.c b/libsandbox/wrapper-funcs/__wrapper_exec.c
index 2c0894c..bbdb103 100644
--- a/libsandbox/wrapper-funcs/__wrapper_exec.c
+++ b/libsandbox/wrapper-funcs/__wrapper_exec.c
@@ -182,17 +182,36 @@ WRAPPER_RET_TYPE WRAPPER_NAME(WRAPPER_ARGS_PROTO)
save_errno();
#ifndef EXEC_NO_FILE
+ const char *check_path = path;
+ char *mem1 = NULL, *mem2 = NULL;
# ifndef EXEC_NO_PATH
/* Some exec funcs always operate on full paths, while others
* will search $PATH if the specified name lacks a slash.
*/
- if (strchr(path, '/'))
+ char *envpath = getenv("PATH");
+ if (!strchr(check_path, '/') && envpath) {
+ size_t len_path = strlen(check_path);
+ char *p, *pp;
+ check_path = NULL;
+ pp = envpath = mem1 = xstrdup(envpath);
+ p = strtok_r(envpath, ":", &pp);
+ while (p) {
+ mem2 = xrealloc(mem2, strlen(p) + 1 + len_path + 1);
+ sprintf(mem2, "%s/%s", p, path);
+ if (access(mem2, R_OK) == 0) {
+ check_path = mem2;
+ break;
+ }
+ p = strtok_r(NULL, ":", &pp);
+ }
+ }
+
# endif
- {
- if (!SB_SAFE(path))
- return result;
+ if (check_path) {
+ if (!SB_SAFE(check_path))
+ goto done;
- sb_check_exec(path, argv);
+ sb_check_exec(check_path, argv);
}
#endif
@@ -217,6 +236,11 @@ WRAPPER_RET_TYPE WRAPPER_NAME(WRAPPER_ARGS_PROTO)
--recursive;
#endif
+#ifndef EXEC_NO_FILE
+ done:
+ free(mem1);
+ free(mem2);
+#endif
return result;
}