emo/busybox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ash: is_safe_applet mustn't affect disabled applets

Browse Source
This commit is contained in:
Denis Vlasenko 2006-12-26 21:31:11 +00:00
parent 666da5e2c6
commit 8f27c34c28
1 changed files with 33 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
shell/ash.c
View File

@ -1381,15 +1381,7 @@ static const struct builtincmd builtincmd[] = {
{ BUILTIN_REGULAR "wait", waitcmd }, { BUILTIN_REGULAR "wait", waitcmd },
}; };
#define NUMBUILTINS (sizeof (builtincmd) / sizeof (struct builtincmd) ) #define NUMBUILTINS (sizeof(builtincmd) / sizeof(builtincmd[0]))
static const char *safe_applets[] = {
"[", "test", "echo", "cat",
"ln", "cp", "touch", "mkdir", "rm",
"cut", "hexdump", "awk", "sort",
"find", "xargs", "ls", "dd",
"chown", "chmod"
};
struct cmdentry { struct cmdentry {
@ -2042,7 +2034,30 @@ static void exitshell(void) ATTRIBUTE_NORETURN;
static int is_safe_applet(char *name) static int is_safe_applet(char *name)
{ {
int n = sizeof(safe_applets) / sizeof(char *); /* It isn't a bug to have non-existent applet here... */
/* ...just a waste of space... */
static const char safe_applets[][8] = {
"["
USE_AWK (, "awk" )
USE_CAT (, "cat" )
USE_CHMOD (, "chmod" )
USE_CHOWN (, "chown" )
USE_CP (, "cp" )
USE_CUT (, "cut" )
USE_DD (, "dd" )
USE_ECHO (, "echo" )
USE_FIND (, "find" )
USE_HEXDUMP(, "hexdump")
USE_LN (, "ln" )
USE_LS (, "ls" )
USE_MKDIR (, "mkdir" )
USE_RM (, "rm" )
USE_SORT (, "sort" )
USE_TEST (, "test" )
USE_TOUCH (, "touch" )
USE_XARGS (, "xargs" )
};
int n = sizeof(safe_applets) / sizeof(safe_applets[0]);
int i; int i;
for (i = 0; i < n; i++) for (i = 0; i < n; i++)
if (strcmp(safe_applets[i], name) == 0) if (strcmp(safe_applets[i], name) == 0)
@ -3702,12 +3717,11 @@ shellexec(char **argv, const char *path, int idx)
clearredir(1); clearredir(1);
envp = environment(); envp = environment();
if (strchr(argv[0], '/') != NULL if (strchr(argv[0], '/')
|| is_safe_applet(argv[0])
#ifdef CONFIG_FEATURE_SH_STANDALONE_SHELL #ifdef CONFIG_FEATURE_SH_STANDALONE_SHELL
|| find_applet_by_name(argv[0]) || find_applet_by_name(argv[0])
#endif #endif
) { ) {
tryexec(argv[0], argv, envp); tryexec(argv[0], argv, envp);
e = errno; e = errno;
} else { } else {
@ -3750,7 +3764,10 @@ tryexec(char *cmd, char **argv, char **envp)
int argc = 0; int argc = 0;
char **c; char **c;
if(strchr(cmd, '/') == NULL && is_safe_applet(cmd) && (a = find_applet_by_name(cmd)) != NULL) { if (strchr(cmd, '/') == NULL
&& (a = find_applet_by_name(cmd)) != NULL
&& is_safe_applet(cmd)
) {
c = argv; c = argv;
while (*c != NULL) { while (*c != NULL) {
c++; argc++; c++; argc++;
@ -3759,7 +3776,7 @@ tryexec(char *cmd, char **argv, char **envp)
exit(a->main(argc, argv)); exit(a->main(argc, argv));
} }
#ifdef CONFIG_FEATURE_SH_STANDALONE_SHELL #ifdef CONFIG_FEATURE_SH_STANDALONE_SHELL
if(find_applet_by_name(cmd) != NULL) { if (find_applet_by_name(cmd) != NULL) {
/* re-exec ourselves with the new arguments */ /* re-exec ourselves with the new arguments */
execve(CONFIG_BUSYBOX_EXEC_PATH,argv,envp); execve(CONFIG_BUSYBOX_EXEC_PATH,argv,envp);
/* If they called chroot or otherwise made the binary no longer /* If they called chroot or otherwise made the binary no longer