/* wordexp.c revision 289938 */
1/*- 2 * Copyright (c) 2002 Tim J. Robbins. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 
25 */ 26 27#include "namespace.h" 28#include <sys/cdefs.h> 29#include <sys/types.h> 30#include <sys/wait.h> 31#include <errno.h> 32#include <fcntl.h> 33#include <paths.h> 34#include <signal.h> 35#include <stdbool.h> 36#include <stdio.h> 37#include <stdlib.h> 38#include <string.h> 39#include <unistd.h> 40#include <wordexp.h> 41#include "un-namespace.h" 42#include "libc_private.h" 43 44__FBSDID("$FreeBSD: stable/10/lib/libc/gen/wordexp.c 289938 2015-10-25 17:17:50Z jilles $"); 45 46static int we_askshell(const char *, wordexp_t *, int); 47static int we_check(const char *); 48 49/* 50 * wordexp -- 51 * Perform shell word expansion on `words' and place the resulting list 52 * of words in `we'. See wordexp(3). 53 * 54 * Specified by IEEE Std. 1003.1-2001. 55 */ 56int 57wordexp(const char * __restrict words, wordexp_t * __restrict we, int flags) 58{ 59 int error; 60 61 if (flags & WRDE_REUSE) 62 wordfree(we); 63 if ((flags & WRDE_APPEND) == 0) { 64 we->we_wordc = 0; 65 we->we_wordv = NULL; 66 we->we_strings = NULL; 67 we->we_nbytes = 0; 68 } 69 if ((error = we_check(words)) != 0) { 70 wordfree(we); 71 return (error); 72 } 73 if ((error = we_askshell(words, we, flags)) != 0) { 74 wordfree(we); 75 return (error); 76 } 77 return (0); 78} 79 80static size_t 81we_read_fully(int fd, char *buffer, size_t len) 82{ 83 size_t done; 84 ssize_t nread; 85 86 done = 0; 87 do { 88 nread = _read(fd, buffer + done, len - done); 89 if (nread == -1 && errno == EINTR) 90 continue; 91 if (nread <= 0) 92 break; 93 done += nread; 94 } while (done != len); 95 return done; 96} 97 98static bool 99we_write_fully(int fd, const char *buffer, size_t len) 100{ 101 size_t done; 102 ssize_t nwritten; 103 104 done = 0; 105 do { 106 nwritten = _write(fd, buffer + done, len - done); 107 if (nwritten == -1 && errno == EINTR) 108 continue; 109 if (nwritten <= 0) 110 return (false); 111 done += nwritten; 112 } while (done != len); 113 return (true); 114} 115 116/* 117 * we_askshell -- 118 * Use the 
`freebsd_wordexp' /bin/sh builtin function to do most of the 119 * work in expanding the word string. This function is complicated by 120 * memory management. 121 */ 122static int 123we_askshell(const char *words, wordexp_t *we, int flags) 124{ 125 int pdesw[2]; /* Pipe for writing words */ 126 int pdes[2]; /* Pipe for reading output */ 127 char wfdstr[sizeof(int) * 3 + 1]; 128 char buf[35]; /* Buffer for byte and word count */ 129 long nwords, nbytes; /* Number of words, bytes from child */ 130 long i; /* Handy integer */ 131 size_t sofs; /* Offset into we->we_strings */ 132 size_t vofs; /* Offset into we->we_wordv */ 133 pid_t pid; /* Process ID of child */ 134 pid_t wpid; /* waitpid return value */ 135 int status; /* Child exit status */ 136 int error; /* Our return value */ 137 int serrno; /* errno to return */ 138 char *np, *p; /* Handy pointers */ 139 char *nstrings; /* Temporary for realloc() */ 140 char **nwv; /* Temporary for realloc() */ 141 sigset_t newsigblock, oldsigblock; 142 const char *ifs; 143 144 serrno = errno; 145 ifs = getenv("IFS"); 146 147 if (pipe2(pdesw, O_CLOEXEC) < 0) 148 return (WRDE_NOSPACE); /* XXX */ 149 snprintf(wfdstr, sizeof(wfdstr), "%d", pdesw[0]); 150 if (pipe2(pdes, O_CLOEXEC) < 0) { 151 _close(pdesw[0]); 152 _close(pdesw[1]); 153 return (WRDE_NOSPACE); /* XXX */ 154 } 155 (void)sigemptyset(&newsigblock); 156 (void)sigaddset(&newsigblock, SIGCHLD); 157 (void)__libc_sigprocmask(SIG_BLOCK, &newsigblock, &oldsigblock); 158 if ((pid = fork()) < 0) { 159 serrno = errno; 160 _close(pdesw[0]); 161 _close(pdesw[1]); 162 _close(pdes[0]); 163 _close(pdes[1]); 164 (void)__libc_sigprocmask(SIG_SETMASK, &oldsigblock, NULL); 165 errno = serrno; 166 return (WRDE_NOSPACE); /* XXX */ 167 } 168 else if (pid == 0) { 169 /* 170 * We are the child; make /bin/sh expand `words'. 171 */ 172 (void)__libc_sigprocmask(SIG_SETMASK, &oldsigblock, NULL); 173 if ((pdes[1] != STDOUT_FILENO ? 
174 _dup2(pdes[1], STDOUT_FILENO) : 175 _fcntl(pdes[1], F_SETFD, 0)) < 0) 176 _exit(1); 177 if (_fcntl(pdesw[0], F_SETFD, 0) < 0) 178 _exit(1); 179 execl(_PATH_BSHELL, "sh", flags & WRDE_UNDEF ? "-u" : "+u", 180 "-c", "IFS=$1;eval \"$2\";" 181 "freebsd_wordexp -f \"$3\" ${4:+\"$4\"}", 182 "", 183 ifs != NULL ? ifs : " \t\n", 184 flags & WRDE_SHOWERR ? "" : "exec 2>/dev/null", 185 wfdstr, 186 flags & WRDE_NOCMD ? "-p" : "", 187 (char *)NULL); 188 _exit(1); 189 } 190 191 /* 192 * We are the parent; write the words. 193 */ 194 _close(pdes[1]); 195 _close(pdesw[0]); 196 if (!we_write_fully(pdesw[1], words, strlen(words))) { 197 _close(pdesw[1]); 198 error = WRDE_SYNTAX; 199 goto cleanup; 200 } 201 _close(pdesw[1]); 202 /* 203 * Read the output of the shell wordexp function, 204 * which is a byte indicating that the words were parsed successfully, 205 * a 64-bit hexadecimal word count, a dummy byte, a 64-bit hexadecimal 206 * byte count (not including terminating null bytes), followed by the 207 * expanded words separated by nulls. 208 */ 209 switch (we_read_fully(pdes[0], buf, 34)) { 210 case 1: 211 error = buf[0] == 'C' ? WRDE_CMDSUB : 212 flags & WRDE_UNDEF ? WRDE_BADVAL : 213 WRDE_SYNTAX; 214 serrno = errno; 215 goto cleanup; 216 case 34: 217 break; 218 default: 219 error = WRDE_SYNTAX; 220 serrno = errno; 221 goto cleanup; 222 } 223 buf[17] = '\0'; 224 nwords = strtol(buf + 1, NULL, 16); 225 buf[34] = '\0'; 226 nbytes = strtol(buf + 18, NULL, 16) + nwords; 227 228 /* 229 * Allocate or reallocate (when flags & WRDE_APPEND) the word vector 230 * and string storage buffers for the expanded words we're about to 231 * read from the child. 232 */ 233 sofs = we->we_nbytes; 234 vofs = we->we_wordc; 235 if ((flags & (WRDE_DOOFFS|WRDE_APPEND)) == (WRDE_DOOFFS|WRDE_APPEND)) 236 vofs += we->we_offs; 237 we->we_wordc += nwords; 238 we->we_nbytes += nbytes; 239 if ((nwv = realloc(we->we_wordv, (we->we_wordc + 1 + 240 (flags & WRDE_DOOFFS ? 
we->we_offs : 0)) * 241 sizeof(char *))) == NULL) { 242 error = WRDE_NOSPACE; 243 goto cleanup; 244 } 245 we->we_wordv = nwv; 246 if ((nstrings = realloc(we->we_strings, we->we_nbytes)) == NULL) { 247 error = WRDE_NOSPACE; 248 goto cleanup; 249 } 250 for (i = 0; i < vofs; i++) 251 if (we->we_wordv[i] != NULL) 252 we->we_wordv[i] += nstrings - we->we_strings; 253 we->we_strings = nstrings; 254 255 if (we_read_fully(pdes[0], we->we_strings + sofs, nbytes) != nbytes) { 256 error = flags & WRDE_UNDEF ? WRDE_BADVAL : WRDE_SYNTAX; 257 serrno = errno; 258 goto cleanup; 259 } 260 261 error = 0; 262cleanup: 263 _close(pdes[0]); 264 do 265 wpid = _waitpid(pid, &status, 0); 266 while (wpid < 0 && errno == EINTR); 267 (void)__libc_sigprocmask(SIG_SETMASK, &oldsigblock, NULL); 268 if (error != 0) { 269 errno = serrno; 270 return (error); 271 } 272 if (wpid < 0 || !WIFEXITED(status) || WEXITSTATUS(status) != 0) 273 return (flags & WRDE_UNDEF ? WRDE_BADVAL : WRDE_SYNTAX); 274 275 /* 276 * Break the null-terminated expanded word strings out into 277 * the vector. 278 */ 279 if (vofs == 0 && flags & WRDE_DOOFFS) 280 while (vofs < we->we_offs) 281 we->we_wordv[vofs++] = NULL; 282 p = we->we_strings + sofs; 283 while (nwords-- != 0) { 284 we->we_wordv[vofs++] = p; 285 if ((np = memchr(p, '\0', nbytes)) == NULL) 286 return (WRDE_NOSPACE); /* XXX */ 287 nbytes -= np - p + 1; 288 p = np + 1; 289 } 290 we->we_wordv[vofs] = NULL; 291 292 return (0); 293} 294 295/* 296 * we_check -- 297 * Check that the string contains none of the following unquoted 298 * special characters: <newline> |&;<>(){} 299 * This mainly serves for {} which are normally legal in sh. 300 * It deliberately does not attempt to model full sh syntax. 
301 */ 302static int 303we_check(const char *words) 304{ 305 char c; 306 /* Saw \ or $, possibly not special: */ 307 bool quote = false, dollar = false; 308 /* Saw ', ", ${, ` or $(, possibly not special: */ 309 bool have_sq = false, have_dq = false, have_par_begin = false; 310 bool have_cmd = false; 311 /* Definitely saw a ', ", ${, ` or $(, need a closing character: */ 312 bool need_sq = false, need_dq = false, need_par_end = false; 313 bool need_cmd_old = false, need_cmd_new = false; 314 315 while ((c = *words++) != '\0') { 316 switch (c) { 317 case '\\': 318 quote = !quote; 319 continue; 320 case '$': 321 if (quote) 322 quote = false; 323 else 324 dollar = !dollar; 325 continue; 326 case '\'': 327 if (!quote && !have_sq && !have_dq) 328 need_sq = true; 329 else 330 need_sq = false; 331 have_sq = true; 332 break; 333 case '"': 334 if (!quote && !have_sq && !have_dq) 335 need_dq = true; 336 else 337 need_dq = false; 338 have_dq = true; 339 break; 340 case '`': 341 if (!quote && !have_sq && !have_cmd) 342 need_cmd_old = true; 343 else 344 need_cmd_old = false; 345 have_cmd = true; 346 break; 347 case '{': 348 if (!quote && !dollar && !have_sq && !have_dq && 349 !have_cmd) 350 return (WRDE_BADCHAR); 351 if (dollar) { 352 if (!quote && !have_sq) 353 need_par_end = true; 354 have_par_begin = true; 355 } 356 break; 357 case '}': 358 if (!quote && !have_sq && !have_dq && !have_par_begin && 359 !have_cmd) 360 return (WRDE_BADCHAR); 361 need_par_end = false; 362 break; 363 case '(': 364 if (!quote && !dollar && !have_sq && !have_dq && 365 !have_cmd) 366 return (WRDE_BADCHAR); 367 if (dollar) { 368 if (!quote && !have_sq) 369 need_cmd_new = true; 370 have_cmd = true; 371 } 372 break; 373 case ')': 374 if (!quote && !have_sq && !have_dq && !have_cmd) 375 return (WRDE_BADCHAR); 376 need_cmd_new = false; 377 break; 378 case '|': case '&': case ';': case '<': case '>': case '\n': 379 if (!quote && !have_sq && !have_dq && !have_cmd) 380 return (WRDE_BADCHAR); 381 break; 382 
default: 383 break; 384 } 385 quote = dollar = false; 386 } 387 if (quote || dollar || need_sq || need_dq || need_par_end || 388 need_cmd_old || need_cmd_new) 389 return (WRDE_SYNTAX); 390 391 return (0); 392} 393 394/* 395 * wordfree -- 396 * Free the result of wordexp(). See wordexp(3). 397 * 398 * Specified by IEEE Std. 1003.1-2001. 399 */ 400void 401wordfree(wordexp_t *we) 402{ 403 404 if (we == NULL) 405 return; 406 free(we->we_wordv); 407 free(we->we_strings); 408 we->we_wordv = NULL; 409 we->we_strings = NULL; 410 we->we_nbytes = 0; 411 we->we_wordc = 0; 412} 413