1 /* $NetBSD: popen.c,v 1.6 2018/06/14 22:04:28 christos Exp $ */
2
3 /*
4 * Copyright (c) 1988, 1993, 1994
5 * The Regents of the University of California. All rights reserved.
6 *
7 * This code is derived from software written by Ken Arnold and
8 * published in UNIX Review, Vol. 6, No. 8.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. All advertising materials mentioning features or use of this software
19 * must display the following acknowledgement:
20 * This product includes software developed by the University of
21 * California, Berkeley and its contributors.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 *
35 */
36
37 /* this came out of the ftpd sources; it's been modified to avoid the
38 * globbing stuff since we don't need it. also execvp instead of execv.
39 */
40
41 #include <sys/cdefs.h>
42 #ifndef lint
43 #if 0
44 static sccsid[] = "@(#)popen.c 8.3 (Berkeley) 4/6/94";
45 static char rcsid[] = "Id: popen.c,v 1.6 2003/02/16 04:40:01 vixie Exp";
46 #else
47 __RCSID("$NetBSD: popen.c,v 1.6 2018/06/14 22:04:28 christos Exp $");
48 #endif
49 #endif /* not lint */
50
51 #include "cron.h"
52
53 #define MAX_ARGV 100
54 #define MAX_GARGV 1000
55
56 /*
57 * Special version of popen which avoids call to shell. This ensures noone
58 * may create a pipe to a hidden program as a side effect of a list or dir
59 * command.
60 */
61 static PID_T *pids;
62
63 FILE *
cron_popen(char * program,const char * type,struct passwd * pw)64 cron_popen(char *program, const char *type, struct passwd *pw) {
65 char *cp;
66 FILE *iop;
67 int argc, pdes[2];
68 PID_T pid;
69 char *argv[MAX_ARGV];
70
71 if ((*type != 'r' && *type != 'w') || type[1] != '\0')
72 return (NULL);
73
74 if (!pids) {
75 size_t len;
76 long fds;
77 if ((fds = sysconf(_SC_OPEN_MAX)) <= 0)
78 return (NULL);
79 len = (size_t)fds * sizeof(*pids);
80 if ((pids = malloc(len)) == NULL)
81 return (NULL);
82 (void)memset(pids, 0, len);
83 }
84 if (pipe(pdes) < 0)
85 return (NULL);
86
87 /* break up string into pieces */
88 for (argc = 0, cp = program; argc < MAX_ARGV - 1; cp = NULL)
89 if (!(argv[argc++] = strtok(cp, " \t\n")))
90 break;
91 argv[MAX_ARGV-1] = NULL;
92
93 switch (pid = vfork()) {
94 case -1: /* error */
95 (void)close(pdes[0]);
96 (void)close(pdes[1]);
97 return (NULL);
98 /* NOTREACHED */
99 case 0: /* child */
100 if (pw) {
101 if (setsid() == -1)
102 warn("setsid() failed for %s", pw->pw_name);
103 #ifdef LOGIN_CAP
104 if (setusercontext(0, pw, pw->pw_uid, LOGIN_SETALL) < 0)
105 {
106 warn("setusercontext() failed for %s",
107 pw->pw_name);
108 _exit(ERROR_EXIT);
109 }
110 #else
111 if (setgid(pw->pw_gid) < 0 ||
112 initgroups(pw->pw_name, pw->pw_gid) < 0) {
113 warn("unable to set groups for %s",
114 pw->pw_name);
115 _exit(ERROR_EXIT);
116 }
117 #if (defined(BSD)) && (BSD >= 199103)
118 if (setlogin(pw->pw_name) < 0) {
119 warn("setlogin() failed for %s",
120 pw->pw_name);
121 _exit(ERROR_EXIT);
122 }
123 #endif /* BSD */
124 #ifdef USE_PAM
125 if (!cron_pam_setcred())
126 _exit(1);
127 cron_pam_child_close();
128 #endif
129 if (setuid(pw->pw_uid)) {
130 warn("unable to set uid for %s", pw->pw_name);
131 _exit(ERROR_EXIT);
132 }
133 #endif /* LOGIN_CAP */
134 }
135 if (*type == 'r') {
136 if (pdes[1] != STDOUT) {
137 (void)dup2(pdes[1], STDOUT);
138 (void)close(pdes[1]);
139 }
140 (void)dup2(STDOUT, STDERR); /* stderr too! */
141 (void)close(pdes[0]);
142 } else {
143 if (pdes[0] != STDIN) {
144 (void)dup2(pdes[0], STDIN);
145 (void)close(pdes[0]);
146 }
147 (void)close(pdes[1]);
148 }
149 (void)execvp(argv[0], argv);
150 _exit(ERROR_EXIT);
151 }
152
153 /* parent; assume fdopen can't fail... */
154 if (*type == 'r') {
155 iop = fdopen(pdes[0], type);
156 (void)close(pdes[1]);
157 } else {
158 iop = fdopen(pdes[1], type);
159 (void)close(pdes[0]);
160 }
161 pids[fileno(iop)] = pid;
162
163 return (iop);
164 }
165
166 static int
cron_finalize(FILE * iop,int sig)167 cron_finalize(FILE *iop, int sig) {
168 int fdes;
169 PID_T pid;
170 WAIT_T status;
171 sigset_t sset, osset;
172
173 /*
174 * pclose returns -1 if stream is not associated with a
175 * `popened' command, or, if already `pclosed'.
176 */
177 if (pids == 0 || pids[fdes = fileno(iop)] == 0)
178 return (-1);
179
180 if (sig) {
181 if (kill(pids[fdes], sig) == -1)
182 return -1;
183 } else {
184 (void)fclose(iop);
185 }
186 (void)sigemptyset(&sset);
187 (void)sigaddset(&sset, SIGINT);
188 (void)sigaddset(&sset, SIGQUIT);
189 (void)sigaddset(&sset, SIGHUP);
190 (void)sigprocmask(SIG_BLOCK, &sset, &osset);
191 while ((pid = waitpid(pids[fdes], &status, 0)) < 0 && errno == EINTR)
192 continue;
193 (void)sigprocmask(SIG_SETMASK, &osset, NULL);
194 if (sig)
195 (void)fclose(iop);
196 pids[fdes] = 0;
197 if (pid < 0)
198 return pid;
199 if (WIFEXITED(status))
200 return WEXITSTATUS(status);
201 else
202 return WTERMSIG(status);
203 }
204
205 int
cron_pclose(FILE * iop)206 cron_pclose(FILE *iop) {
207 return cron_finalize(iop, 0);
208 }
209
210 int
cron_pabort(FILE * iop)211 cron_pabort(FILE *iop) {
212 int e = cron_finalize(iop, SIGKILL);
213 return e == SIGKILL ? 0 : e;
214 }
215