lzh/MentOS
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

libc: prevent execvpe to search for files containing '/'

Browse Source 
The current implementation always searches for the file in PATH
if it is not an absolute path.
This prevents executing relative paths like ./executable.

As specified by exec(3) the p-family of exec functions only search if
the filename does not contain slash '/' characters.
This commit is contained in:
Florian Fischer
2024-02-12 11:19:33 +01:00
parent 1832c77fdb
commit dea54c7dae
1 changed files with 2 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
libc/src/unistd/exec.c
+2 -16
View File
@@ -72,21 +72,7 @@ int execv(const char *path, char *const argv[])
int execvp(const char *file, char *const argv[]) int execvp(const char *file, char *const argv[])
{ {
if (!file || !argv || !environ) { return execvpe(file, argv, environ);
errno = ENOENT;
return -1;
}
if (file[0] == '/') {
return execve(file, argv, environ);
}
// Prepare a buffer for the absolute path.
char absolute_path[PATH_MAX] = { 0 };
// Find the file inside the entries of the PATH variable.
if (__find_in_path(file, absolute_path, PATH_MAX) == 0) {
return execve(absolute_path, argv, environ);
}
errno = ENOENT;
return -1;
} }
int execvpe(const char *file, char *const argv[], char *const envp[]) int execvpe(const char *file, char *const argv[], char *const envp[])
@@ -95,7 +81,7 @@ int execvpe(const char *file, char *const argv[], char *const envp[])
errno = ENOENT; errno = ENOENT;
return -1; return -1;
} }
if (file[0] == '/') { if (strchr(file, '/')) {
return execve(file, argv, envp); return execve(file, argv, envp);
} }
// Prepare a buffer for the absolute path. // Prepare a buffer for the absolute path.