From: Quentin Rameau <quinq@fifth.space>
To: musl@lists.openwall.com
Subject: [PATCH] Continue trying execution with "/bin/sh" for execlp and execvp
Date: Sun, 11 Mar 2018 14:47:45 +0100 [thread overview]
Message-ID: <20180311134745.GA92762@fifth.space> (raw)
In-Reply-To: <20180309170140.GQ1436@brightrain.aerifal.cx>
As Rick stated, this isn't a clean solution because argv can be
arbirtary long and overflow the stack.
I post it here in case you'd find it useful anyway.
---8<---
---
src/process/execlp.c | 10 +++++++++-
src/process/execsh.c | 18 ++++++++++++++++++
src/process/execvp.c | 8 +++++++-
3 files changed, 34 insertions(+), 2 deletions(-)
create mode 100644 src/process/execsh.c
diff --git a/src/process/execlp.c b/src/process/execlp.c
index 5eed886e..f6da398b 100644
--- a/src/process/execlp.c
+++ b/src/process/execlp.c
@@ -1,6 +1,9 @@
#include <unistd.h>
+#include <errno.h>
#include <stdarg.h>
+extern int __execsh(const char *, char *const []);
+
int execlp(const char *file, const char *argv0, ...)
{
int argc;
@@ -17,6 +20,11 @@ int execlp(const char *file, const char *argv0, ...)
argv[i] = va_arg(ap, char *);
argv[i] = NULL;
va_end(ap);
- return execvp(file, argv);
+ execvp(file, argv);
+ if (errno == ENOEXEC) {
+ errno = 0;
+ return __execsh(file, argv);
+ }
+ return -1;
}
}
diff --git a/src/process/execsh.c b/src/process/execsh.c
new file mode 100644
index 00000000..180bb2aa
--- /dev/null
+++ b/src/process/execsh.c
@@ -0,0 +1,18 @@
+#include <unistd.h>
+#include <errno.h>
+#include "libc.h"
+
+int
+__execsh(const char *file, char *const argv[])
+{
+ int i, argc;
+ char **p;
+
+ for (argc=1, p=(char **)argv; *p; ++argc, ++p);
+
+ char *nargv[argc+1];
+ nargv[0] = (char *)file;
+ for (i=0; i<argc; ++i)
+ nargv[i+1] = argv[i];
+ return execv("/bin/sh", nargv);
+}
diff --git a/src/process/execvp.c b/src/process/execvp.c
index 2dddeddb..fdd0ca48 100644
--- a/src/process/execvp.c
+++ b/src/process/execvp.c
@@ -6,6 +6,7 @@
#include "libc.h"
extern char **__environ;
+extern int __execsh(const char *, char *const []);
int __execvpe(const char *file, char *const argv[], char *const envp[])
{
@@ -56,7 +57,12 @@ int __execvpe(const char *file, char *const argv[], char *const envp[])
int execvp(const char *file, char *const argv[])
{
- return __execvpe(file, argv, __environ);
+ __execvpe(file, argv, __environ);
+ if (errno == ENOEXEC) {
+ errno = 0;
+ return __execsh(file, argv);
+ }
+ return -1;
}
weak_alias(__execvpe, execvpe);
--
2.16.2
prev parent reply other threads:[~2018-03-11 13:47 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-09 12:23 No fallback to /bin/sh in execvp Siebenborn, Axel
2018-03-09 17:01 ` Rich Felker
2018-03-11 13:47 ` Quentin Rameau [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180311134745.GA92762@fifth.space \
--to=quinq@fifth.space \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).