1 /* $OpenBSD: popen.c,v 1.23 2009/10/27 23:59:31 deraadt Exp $ */ 2 /* $NetBSD: popen.c,v 1.5 1995/04/11 02:45:00 cgd Exp $ */ 3 4 /* 5 * Copyright (c) 1988, 1993, 1994 6 * The Regents of the University of California. All rights reserved. 7 * 8 * This code is derived from software written by Ken Arnold and 9 * published in UNIX Review, Vol. 6, No. 8. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. Neither the name of the University nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 * 35 */ 36 37 #include <sys/types.h> 38 #include <sys/wait.h> 39 40 #include <errno.h> 41 #include <glob.h> 42 #include <signal.h> 43 #include <stdio.h> 44 #include <stdlib.h> 45 #include <string.h> 46 #include <syslog.h> 47 #include <unistd.h> 48 49 #include <netinet/in.h> 50 51 #include "monitor.h" 52 #include "extern.h" 53 54 /* 55 * Special version of popen which avoids call to shell. This ensures noone 56 * may create a pipe to a hidden program as a side effect of a list or dir 57 * command. 58 */ 59 static pid_t *pids; 60 static int fds; 61 62 #define MAX_ARGV 100 63 #define MAX_GARGV 1000 64 65 FILE * 66 ftpd_popen(char *program, char *type) 67 { 68 char *cp; 69 FILE *iop; 70 int argc, gargc, pdes[2]; 71 pid_t pid; 72 char **pop, *argv[MAX_ARGV], *gargv[MAX_GARGV]; 73 74 if ((*type != 'r' && *type != 'w') || type[1]) 75 return (NULL); 76 77 if (!pids) { 78 if ((fds = getdtablesize()) <= 0) 79 return (NULL); 80 if ((pids = calloc(fds, sizeof(pid_t))) == NULL) 81 return (NULL); 82 } 83 if (pipe(pdes) < 0) 84 return (NULL); 85 86 /* break up string into pieces */ 87 for (argc = 0, cp = program;argc < MAX_ARGV-1; cp = NULL) 88 if (!(argv[argc++] = strtok(cp, " \t\n"))) 89 break; 90 argv[MAX_ARGV-1] = NULL; 91 92 /* glob each piece */ 93 gargv[0] = argv[0]; 94 for (gargc = argc = 1; argv[argc]; argc++) { 95 glob_t gl; 96 97 memset(&gl, 0, sizeof(gl)); 98 if (glob(argv[argc], 99 GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE|GLOB_LIMIT, 100 NULL, &gl)) { 101 if (gargc < MAX_GARGV-1) { 102 gargv[gargc++] = strdup(argv[argc]); 103 if (gargv[gargc -1] == NULL) 104 fatal ("Out of memory."); 105 } 106 107 } else 108 for (pop = gl.gl_pathv; *pop && gargc < MAX_GARGV-1; pop++) { 109 gargv[gargc++] = strdup(*pop); 110 if (gargv[gargc - 1] == NULL) 111 fatal ("Out of memory."); 112 } 113 globfree(&gl); 114 } 115 gargv[gargc] = NULL; 116 117 iop = NULL; 118 119 switch (pid = fork()) { 120 case -1: /* error */ 121 (void)close(pdes[0]); 122 (void)close(pdes[1]); 123 goto pfree; 124 /* NOTREACHED */ 125 case 0: /* child */ 126 if (*type == 'r') { 127 if (pdes[1] != STDOUT_FILENO) { 128 dup2(pdes[1], STDOUT_FILENO); 129 (void)close(pdes[1]); 130 } 131 dup2(STDOUT_FILENO, STDERR_FILENO); /* stderr too! */ 132 (void)close(pdes[0]); 133 } else { 134 if (pdes[0] != STDIN_FILENO) { 135 dup2(pdes[0], STDIN_FILENO); 136 (void)close(pdes[0]); 137 } 138 (void)close(pdes[1]); 139 } 140 closelog(); 141 142 if (strcmp(gargv[0], "/bin/ls") == 0) { 143 extern int optreset; 144 extern int ls_main(int, char **); 145 146 /* reset getopt for ls_main */ 147 optreset = optind = 1; 148 exit(ls_main(gargc, gargv)); 149 } 150 151 execv(gargv[0], gargv); 152 _exit(1); 153 } 154 /* parent; assume fdopen can't fail... */ 155 if (*type == 'r') { 156 iop = fdopen(pdes[0], type); 157 (void)close(pdes[1]); 158 } else { 159 iop = fdopen(pdes[1], type); 160 (void)close(pdes[0]); 161 } 162 pids[fileno(iop)] = pid; 163 164 pfree: for (argc = 1; gargv[argc] != NULL; argc++) 165 free(gargv[argc]); 166 167 return (iop); 168 } 169 170 int 171 ftpd_pclose(FILE *iop) 172 { 173 int fdes, status; 174 pid_t pid; 175 sigset_t sigset, osigset; 176 177 /* 178 * pclose returns -1 if stream is not associated with a 179 * `popened' command, or, if already `pclosed'. 180 */ 181 if (pids == 0 || pids[fdes = fileno(iop)] == 0) 182 return (-1); 183 (void)fclose(iop); 184 sigemptyset(&sigset); 185 sigaddset(&sigset, SIGINT); 186 sigaddset(&sigset, SIGQUIT); 187 sigaddset(&sigset, SIGHUP); 188 sigprocmask(SIG_BLOCK, &sigset, &osigset); 189 while ((pid = waitpid(pids[fdes], &status, 0)) < 0 && errno == EINTR) 190 continue; 191 sigprocmask(SIG_SETMASK, &osigset, NULL); 192 pids[fdes] = 0; 193 if (pid < 0) 194 return (-1); 195 if (WIFEXITED(status)) 196 return (WEXITSTATUS(status)); 197 return (1); 198 } 199