Changed all exec calls in all applets to BB_EXECVP. This allows for more control over executed processes, by having only one function that actually calls exec.
Signed-off-by: Nadav Tasher <[email protected]> --- console-tools/reset.c | 2 +- debianutils/start_stop_daemon.c | 2 +- init/bootchartd.c | 19 +++++++++++++++---- init/halt.c | 12 +++++------- libbb/run_shell.c | 2 +- loginutils/adduser.c | 4 ++-- loginutils/getty.c | 8 ++++++-- miscutils/conspy.c | 7 +++++-- miscutils/crond.c | 22 +++++++++++++++++----- miscutils/crontab.c | 7 +++++-- networking/ftpd.c | 2 +- networking/httpd.c | 2 +- networking/ifupdown.c | 3 ++- runit/runsv.c | 7 +++++-- runit/runsvdir.c | 3 ++- runit/svlogd.c | 7 ++++++- util-linux/script.c | 8 ++++++-- util-linux/switch_root.c | 2 +- 18 files changed, 82 insertions(+), 37 deletions(-) diff --git a/console-tools/reset.c b/console-tools/reset.c index 655a5ef7a..b2f34a1eb 100644 --- a/console-tools/reset.c +++ b/console-tools/reset.c @@ -58,7 +58,7 @@ int reset_main(int argc UNUSED_PARAM, char **argv UNUSED_PARAM) #else /* Make sure stdout gets drained before we execvp */ fflush_all(); - execvp("stty", (char**)args); + BB_EXECVP("stty", (char**)args); #endif } return EXIT_SUCCESS; diff --git a/debianutils/start_stop_daemon.c b/debianutils/start_stop_daemon.c index 271bc4edf..4b42b23a8 100644 --- a/debianutils/start_stop_daemon.c +++ b/debianutils/start_stop_daemon.c @@ -629,6 +629,6 @@ int start_stop_daemon_main(int argc UNUSED_PARAM, char **argv) * strace -oLOG start-stop-daemon -S -x /bin/usleep -a qwerty 500000 * should exec "/bin/usleep", but argv[0] should be "qwerty": */ - execvp(execname, argv); + BB_EXECVP(execname, argv); bb_perror_msg_and_die("can't execute '%s'", startas); } diff --git a/init/bootchartd.c b/init/bootchartd.c index 0929890a3..6ba2be272 100644 --- a/init/bootchartd.c +++ b/init/bootchartd.c @@ -355,6 +355,7 @@ int bootchartd_main(int argc UNUSED_PARAM, char **argv) CMD_INIT, CMD_PID1, /* used to mark pid 1 case */ }; + char *exec_argv[2]; INIT_G(); @@ -446,10 +447,20 @@ int bootchartd_main(int argc UNUSED_PARAM, char **argv) if (cmd == CMD_PID1) { char *bootchart_init = getenv("bootchart_init"); - if (bootchart_init) - execl(bootchart_init, bootchart_init, NULL); - execl("/init", "init", NULL); - execl("/sbin/init", "init", NULL); + + /* make second arg always NULL */ + exec_argv[1] = NULL; + + if (bootchart_init) { + exec_argv[0] = bootchart_init; + BB_EXECVP(bootchart_init, exec_argv); + } + + /* fallback, we are calling different init binaries */ + exec_argv[0] = (char *) "init"; + + BB_EXECVP("/init", exec_argv); + BB_EXECVP("/sbin/init", exec_argv); bb_perror_msg_and_die("can't execute '%s'", "/sbin/init"); } diff --git a/init/halt.c b/init/halt.c index 7aea8cfec..46857a3d4 100644 --- a/init/halt.c +++ b/init/halt.c @@ -170,6 +170,7 @@ int halt_main(int argc UNUSED_PARAM, char **argv) RB_AUTOBOOT }; static const smallint signals[] = { SIGUSR1, SIGUSR2, SIGTERM }; + char *telinit_argv[3]; int delay = 0; int which, flags, rc; @@ -230,13 +231,10 @@ int halt_main(int argc UNUSED_PARAM, char **argv) /* runlevels: * 0 == shutdown * 6 == reboot */ - execlp(CONFIG_TELINIT_PATH, - CONFIG_TELINIT_PATH, - which == 2 ? "6" : "0", - (char *)NULL - ); - bb_perror_msg_and_die("can't execute '%s'", - CONFIG_TELINIT_PATH); + telinit_argv[0] = (char *) CONFIG_TELINIT_PATH; + telinit_argv[1] = which == 2 ? (char *) "6" : (char *) "0"; + telinit_argv[2] = NULL; + BB_EXECVP_or_die(telinit_argv); } } } else { diff --git a/libbb/run_shell.c b/libbb/run_shell.c index c22bba87b..99184ebe9 100644 --- a/libbb/run_shell.c +++ b/libbb/run_shell.c @@ -80,7 +80,7 @@ void FAST_FUNC exec_shell(const char *shell, int loginshell, const char **additi if (ENABLE_FEATURE_CLEAN_UP) freecon(current_sid); #endif - execv(shell, (char **) args); + BB_EXECVP(shell, (char **) args); bb_perror_msg_and_die("can't execute '%s'", shell); } diff --git a/loginutils/adduser.c b/loginutils/adduser.c index d3c795afa..cd75ee699 100644 --- a/loginutils/adduser.c +++ b/loginutils/adduser.c @@ -158,8 +158,8 @@ static void passwd_wrapper(const char *login_name) NORETURN; static void passwd_wrapper(const char *login_name) { - BB_EXECLP("passwd", "passwd", "--", login_name, NULL); - bb_simple_error_msg_and_die("can't execute passwd, you must set password manually"); + const char *passwd_argv[] = { "passwd", "--", login_name, NULL }; + BB_EXECVP_or_die_msg((char **)passwd_argv, "can't execute '%s', you must set password manually"); } //FIXME: upstream adduser has no short options! NOT COMPATIBLE! diff --git a/loginutils/getty.c b/loginutils/getty.c index 4581cc9f7..36c080428 100644 --- a/loginutils/getty.c +++ b/loginutils/getty.c @@ -552,6 +552,7 @@ int getty_main(int argc UNUSED_PARAM, char **argv) int n; pid_t pid, tsid; char *logname; + char *login_argv[4]; INIT_G(); G.login = _PATH_LOGIN; /* default login program */ @@ -732,6 +733,9 @@ int getty_main(int argc UNUSED_PARAM, char **argv) /* We use PATH because we trust that root doesn't set "bad" PATH, * and getty is not suid-root applet */ /* With -n, logname == NULL, and login will ask for username instead */ - BB_EXECLP(G.login, G.login, "--", logname, (char *)0); - bb_error_msg_and_die("can't execute '%s'", G.login); + login_argv[0] = (char *) G.login; + login_argv[1] = (char *) "--"; + login_argv[2] = (char *) logname; + login_argv[3] = NULL; + BB_EXECVP_or_die(login_argv); } diff --git a/miscutils/conspy.c b/miscutils/conspy.c index 21a498d0f..fff3709cc 100644 --- a/miscutils/conspy.c +++ b/miscutils/conspy.c @@ -332,6 +332,7 @@ static void create_cdev_if_doesnt_exist(const char* name, dev_t dev) static NOINLINE void start_shell_in_child(const char* tty_name) { + const char *shell_argv[3]; int pid = xvfork(); if (pid == 0) { struct termios termchild; @@ -353,8 +354,10 @@ static NOINLINE void start_shell_in_child(const char* tty_name) termchild.c_iflag |= ICRNL; termchild.c_iflag &= ~IXOFF; tcsetattr_stdin_TCSANOW(&termchild); - execl(shell, shell, "-i", (char *) NULL); - bb_simple_perror_msg_and_die(shell); + shell_argv[0] = shell; + shell_argv[1] = "-i"; + shell_argv[2] = NULL; + BB_EXECVP_or_die((char **)shell_argv); } } diff --git a/miscutils/crond.c b/miscutils/crond.c index b3762d327..2fe0dabff 100644 --- a/miscutils/crond.c +++ b/miscutils/crond.c @@ -699,6 +699,8 @@ fork_job(const char *user, int mailFd, CronLine *line, bool run_sendmail) const char *shell, *prog; smallint sv_logmode; pid_t pid; + char *shell_argv[4]; + const char *sendmail_argv[] = {SENDMAIL, SENDMAIL_ARGS, NULL}; /* prepare things before vfork */ pas = getpwnam(user); @@ -725,10 +727,15 @@ fork_job(const char *user, int mailFd, CronLine *line, bool run_sendmail) } /* crond 3.0pl1-100 puts tasks in separate process groups */ bb_setpgrp(); - if (!run_sendmail) - execlp(prog, prog, "-c", line->cl_cmd, (char *) NULL); - else - execlp(prog, prog, SENDMAIL_ARGS, (char *) NULL); + if (!run_sendmail) { + shell_argv[0] = (char *) shell; + shell_argv[1] = (char *) "-c"; + shell_argv[2] = line->cl_cmd; + shell_argv[3] = NULL; + BB_EXECVP(shell_argv[0], shell_argv); + } else { + BB_EXECVP(sendmail_argv[0], (char **) sendmail_argv); + } /* * I want this error message on stderr too, * even if other messages go only to syslog: @@ -845,6 +852,7 @@ static pid_t start_one_job(const char *user, CronLine *line) const char *shell; struct passwd *pas; pid_t pid; + char *shell_argv[4]; pas = getpwnam(user); if (!pas) { @@ -865,7 +873,11 @@ static pid_t start_one_job(const char *user, CronLine *line) log5("child running %s", shell); /* crond 3.0pl1-100 puts tasks in separate process groups */ bb_setpgrp(); - execl(shell, shell, "-c", line->cl_cmd, (char *) NULL); + shell_argv[0] = (char *) shell; + shell_argv[1] = (char *) "-c"; + shell_argv[2] = line->cl_cmd; + shell_argv[3] = NULL; + BB_EXECVP(shell_argv[0], shell_argv); bb_error_msg_and_die("can't execute '%s' for user %s", shell, user); } if (pid < 0) { diff --git a/miscutils/crontab.c b/miscutils/crontab.c index 1111f4d54..ff16d4288 100644 --- a/miscutils/crontab.c +++ b/miscutils/crontab.c @@ -44,6 +44,7 @@ static void edit_file(const struct passwd *pas, const char *file) { const char *ptr; pid_t pid; + char *edit_argv[3]; pid = xvfork(); if (pid) { /* parent */ @@ -64,8 +65,10 @@ static void edit_file(const struct passwd *pas, const char *file) ptr = "vi"; } - BB_EXECLP(ptr, ptr, file, NULL); - bb_perror_msg_and_die("can't execute '%s'", ptr); + edit_argv[0] = (char *) ptr; + edit_argv[1] = (char *) file; + edit_argv[2] = NULL; + BB_EXECVP_or_die(edit_argv); } int crontab_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; diff --git a/networking/ftpd.c b/networking/ftpd.c index 0d6a289c7..e4519d25a 100644 --- a/networking/ftpd.c +++ b/networking/ftpd.c @@ -733,7 +733,7 @@ popen_ls(const char *opt) } /* Child expects directory to list on fd #3 */ xmove_fd(cur_fd, 3); - execv(bb_busybox_exec_path, (char**) argv); + BB_EXECVP(argv[0], (char**) argv); _exit(127); #endif } diff --git a/networking/httpd.c b/networking/httpd.c index ddcb03bca..f4816ddf5 100644 --- a/networking/httpd.c +++ b/networking/httpd.c @@ -1706,7 +1706,7 @@ static void send_cgi_and_exit( /* _NOT_ execvp. We do not search PATH. argv[0] is a filename * without any dir components and will only match a file * in the current directory */ - execv(argv[0], argv); + BB_EXECVP(argv[0], argv); if (verbose) bb_perror_msg("can't execute '%s'", argv[0]); error_execing_cgi: diff --git a/networking/ifupdown.c b/networking/ifupdown.c index 9c3640be7..d083eeee2 100644 --- a/networking/ifupdown.c +++ b/networking/ifupdown.c @@ -1146,6 +1146,7 @@ static void set_environ(struct interface_defn_t *iface, const char *mode, const static int doit(char *str) { + char* shell_argv[4] = { G.shell, (char *) "-c", str, NULL}; if (option_mask32 & (OPT_no_act|OPT_verbose)) { puts(str); } @@ -1158,7 +1159,7 @@ static int doit(char *str) if (child < 0) /* failure */ return 0; if (child == 0) { /* child */ - execle(G.shell, G.shell, "-c", str, (char *) NULL, G.my_environ); + BB_EXECVPE(shell_argv[0], shell_argv, G.my_environ); _exit(127); } safe_waitpid(child, &status, 0); diff --git a/runit/runsv.c b/runit/runsv.c index 20a445319..c06aab40f 100644 --- a/runit/runsv.c +++ b/runit/runsv.c @@ -280,6 +280,7 @@ static unsigned custom(struct svdir *s, char c) int w; char a[10]; struct stat st; + char *exec_argv[2]; if (s->islog) return 0; @@ -296,7 +297,9 @@ static unsigned custom(struct svdir *s, char c) /* child */ if (haslog && dup2(logpipe.wr, 1) == -1) warn2_cannot("setup stdout for ", a); - execl(a, a, (char *) NULL); + exec_argv[0] = a; + exec_argv[1] = NULL; + BB_EXECVP(exec_argv[0], exec_argv); fatal2_cannot("run ", a); } /* parent */ @@ -391,7 +394,7 @@ static void startservice(struct svdir *s) signal(SIGTERM, SIG_DFL); sig_unblock(SIGCHLD); sig_unblock(SIGTERM); - execv(arg[0], (char**) arg); + BB_EXECVP(arg[0], (char**) arg); fatal2_cannot(s->islog ? "start log/" : "start ", arg[0]); } /* parent */ diff --git a/runit/runsvdir.c b/runit/runsvdir.c index d6629dedd..66143b64b 100644 --- a/runit/runsvdir.c +++ b/runit/runsvdir.c @@ -119,6 +119,7 @@ static void warnx(const char *m1) static NOINLINE pid_t runsv(const char *name) { pid_t pid; + const char *runsv_argv[] = { "runsv", name, NULL }; /* If we got signaled, stop spawning children at once! */ if (bb_got_signal) @@ -143,7 +144,7 @@ static NOINLINE pid_t runsv(const char *name) | (1 << SIGTERM) , SIG_DFL); #endif - execlp("runsv", "runsv", name, (char *) NULL); + BB_EXECVP(runsv_argv[0], (char**)runsv_argv); fatal2_cannot("start runsv ", name); } return pid; diff --git a/runit/svlogd.c b/runit/svlogd.c index f7576f0fa..7c70fd5af 100644 --- a/runit/svlogd.c +++ b/runit/svlogd.c @@ -393,6 +393,7 @@ static void processorstart(struct logdir *ld) { char sv_ch; int pid; + char *shell_argv[4]; if (!ld->processor) return; if (ld->ppid) { @@ -453,7 +454,11 @@ static void processorstart(struct logdir *ld) fd = xopen("newstate", O_WRONLY|O_NDELAY|O_TRUNC|O_CREAT); xmove_fd(fd, 5); - execl(G.shell, G.shell, "-c", ld->processor, (char*) NULL); + shell_argv[0] = (char *) G.shell; + shell_argv[1] = (char *) "-c"; + shell_argv[2] = ld->processor; + shell_argv[3] = NULL; + BB_EXECVP(shell_argv[0], shell_argv); bb_perror_msg_and_die(FATAL"can't %s processor %s", "run", ld->name); } ld->fnsave[26] = sv_ch; /* ...restore */ diff --git a/util-linux/script.c b/util-linux/script.c index 58b844e77..904011f34 100644 --- a/util-linux/script.c +++ b/util-linux/script.c @@ -69,6 +69,7 @@ int script_main(int argc UNUSED_PARAM, char **argv) OPT_q = (1 << 3), OPT_t = (1 << 4), }; + char *shell_argv[4]; #if ENABLE_LONG_OPTS static const char script_longopts[] ALIGN1 = @@ -235,6 +236,9 @@ int script_main(int argc UNUSED_PARAM, char **argv) /* Non-ignored signals revert to SIG_DFL on exec anyway */ /*signal(SIGCHLD, SIG_DFL);*/ - execl(shell, shell, shell_opt, shell_arg, (char *) NULL); - bb_simple_perror_msg_and_die(shell); + shell_argv[0] = (char *) shell; + shell_argv[1] = shell_opt; + shell_argv[2] = shell_arg; + shell_argv[3] = NULL; + BB_EXECVP_or_die(shell_argv); } diff --git a/util-linux/switch_root.c b/util-linux/switch_root.c index 14139736e..ec65b35ca 100644 --- a/util-linux/switch_root.c +++ b/util-linux/switch_root.c @@ -281,7 +281,7 @@ int switch_root_main(int argc UNUSED_PARAM, char **argv) return 0; } else { // Exec NEW_INIT - execv(argv[0], argv); + BB_EXECVP(argv[0], argv); } bb_perror_msg_and_die("can't execute '%s'", argv[0]); } -- 2.43.0 _______________________________________________ busybox mailing list [email protected] https://lists.busybox.net/mailman/listinfo/busybox
