Merge "Rewrite the exec family."

libc/Android.bp

@@ -518,7 +518,6 @@ cc_library_static {
     name: "libc_openbsd_large_stack",
     defaults: ["libc_defaults"],
     srcs: [
-        "upstream-openbsd/lib/libc/gen/exec.c",
         "upstream-openbsd/lib/libc/stdio/vfprintf.c",
         "upstream-openbsd/lib/libc/stdio/vfwprintf.c",
         "upstream-openbsd/lib/libc/stdio/vfwscanf.c",
@@ -1238,6 +1237,7 @@ cc_library_static {
         "bionic/error.cpp",
         "bionic/eventfd_read.cpp",
         "bionic/eventfd_write.cpp",
+        "bionic/exec.cpp",
         "bionic/faccessat.cpp",
         "bionic/fchmod.cpp",
         "bionic/fchmodat.cpp",

libc/bionic/exec.cpp

@@ -0,0 +1,163 @@
+/*-
+ * Copyright (c) 1991, 1993
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/types.h>
+#include <sys/uio.h>
+
+#include <errno.h>
+#include <limits.h>
+#include <paths.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+extern "C" char** environ;
+
+enum ExecVariant { kIsExecL, kIsExecLE, kIsExecLP };
+
+static int __execl(const char* name, const char* argv0, ExecVariant variant, va_list ap) {
+  // Count the arguments.
+  va_list count_ap;
+  va_copy(count_ap, ap);
+  size_t n = 1;
+  while (va_arg(count_ap, char*) != nullptr) {
+    ++n;
+  }
+  va_end(count_ap);
+
+  // Construct the new argv.
+  char* argv[n + 1];
+  argv[0] = const_cast<char*>(argv0);
+  n = 1;
+  while ((argv[n] = va_arg(ap, char*)) != nullptr) {
+    ++n;
+  }
+
+  // Collect the argp too.
+  char** argp = (variant == kIsExecLE) ? va_arg(ap, char**) : environ;
+
+  va_end(ap);
+
+  return (variant == kIsExecLP) ? execvp(name, argv) : execve(name, argv, argp);
+}
+
+int execl(const char* name, const char* arg, ...) {
+  va_list ap;
+  va_start(ap, arg);
+  return __execl(name, arg, kIsExecL, ap);
+}
+
+int execle(const char* name, const char* arg, ...) {
+  va_list ap;
+  va_start(ap, arg);
+  return __execl(name, arg, kIsExecLE, ap);
+}
+
+int execlp(const char* name, const char* arg, ...) {
+  va_list ap;
+  va_start(ap, arg);
+  return __execl(name, arg, kIsExecLP, ap);
+}
+
+int execv(const char* name, char* const* argv) {
+  return execve(name, argv, environ);
+}
+
+int execvp(const char* name, char* const* argv) {
+  return execvpe(name, argv, environ);
+}
+
+static int __exec_as_script(char* buf, char* const* argv, char* const* envp) {
+  size_t arg_count = 0;
+  while (argv[arg_count] != nullptr) ++arg_count;
+
+  char* script_argv[arg_count + 2];
+  script_argv[0] = const_cast<char*>("sh");
+  script_argv[1] = buf;
+  bcopy(argv + 1, script_argv + 2, arg_count * sizeof(char*));
+  return execve(_PATH_BSHELL, script_argv, envp);
+}
+
+int execvpe(const char* name, char* const* argv, char* const* envp) {
+  // Do not allow null name.
+  if (name == nullptr || *name == '\0') {
+    errno = ENOENT;
+    return -1;
+  }
+
+  // If it's an absolute or relative path name, it's easy.
+  if (strchr(name, '/')) return execve(name, argv, envp);
+
+  // Get the path we're searching.
+  const char* path = getenv("PATH");
+  if (path == nullptr) path = _PATH_DEFPATH;
+
+  // Make a writable copy.
+  size_t len = strlen(path) + 1;
+  char writable_path[len];
+  memcpy(writable_path, path, len);
+
+  bool saw_EACCES = false;
+
+  // Try each element of $PATH in turn...
+  char* strsep_buf = writable_path;
+  const char* dir;
+  while ((dir = strsep(&strsep_buf, ":"))) {
+    // It's a shell path: double, leading and trailing colons
+    // mean the current directory.
+    if (*dir == '\0') dir = const_cast<char*>(".");
+
+    size_t dir_len = strlen(dir);
+    size_t name_len = strlen(name);
+
+    char buf[dir_len + 1 + name_len + 1];
+    mempcpy(mempcpy(mempcpy(buf, dir, dir_len), "/", 1), name, name_len + 1);
+
+    execve(buf, argv, envp);
+    switch (errno) {
+    case EISDIR:
+    case ELOOP:
+    case ENAMETOOLONG:
+    case ENOENT:
+    case ENOTDIR:
+      break;
+    case ENOEXEC:
+      return __exec_as_script(buf, argv, envp);
+    case EACCES:
+      saw_EACCES = true;
+      break;
+    default:
+      return -1;
+    }
+  }
+  if (saw_EACCES) errno = EACCES;
+  return -1;
+}

libc/upstream-openbsd/lib/libc/gen/exec.c

@@ -1,251 +0,0 @@
-/*	$OpenBSD: exec.c,v 1.21 2013/09/30 12:02:33 millert Exp $ */
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <sys/types.h>
-#include <sys/uio.h>
-
-#include <errno.h>
-#include <limits.h>
-#include <paths.h>
-#include <stdarg.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-
-extern char **environ;
-
-int
-execl(const char *name, const char *arg, ...)
-{
-	va_list ap;
-	char **argv;
-	int n;
-
-	va_start(ap, arg);
-	n = 1;
-	while (va_arg(ap, char *) != NULL)
-		n++;
-	va_end(ap);
-	argv = alloca((n + 1) * sizeof(*argv));
-	if (argv == NULL) {
-		errno = ENOMEM;
-		return (-1);
-	}
-	va_start(ap, arg);
-	n = 1;
-	argv[0] = (char *)arg;
-	while ((argv[n] = va_arg(ap, char *)) != NULL)
-		n++;
-	va_end(ap);
-	return (execve(name, argv, environ));
-}
-
-int
-execle(const char *name, const char *arg, ...)
-{
-	va_list ap;
-	char **argv, **envp;
-	int n;
-
-	va_start(ap, arg);
-	n = 1;
-	while (va_arg(ap, char *) != NULL)
-		n++;
-	va_end(ap);
-	argv = alloca((n + 1) * sizeof(*argv));
-	if (argv == NULL) {
-		errno = ENOMEM;
-		return (-1);
-	}
-	va_start(ap, arg);
-	n = 1;
-	argv[0] = (char *)arg;
-	while ((argv[n] = va_arg(ap, char *)) != NULL)
-		n++;
-	envp = va_arg(ap, char **);
-	va_end(ap);
-	return (execve(name, argv, envp));
-}
-
-int
-execlp(const char *name, const char *arg, ...)
-{
-	va_list ap;
-	char **argv;
-	int n;
-
-	va_start(ap, arg);
-	n = 1;
-	while (va_arg(ap, char *) != NULL)
-		n++;
-	va_end(ap);
-	argv = alloca((n + 1) * sizeof(*argv));
-	if (argv == NULL) {
-		errno = ENOMEM;
-		return (-1);
-	}
-	va_start(ap, arg);
-	n = 1;
-	argv[0] = (char *)arg;
-	while ((argv[n] = va_arg(ap, char *)) != NULL)
-		n++;
-	va_end(ap);
-	return (execvp(name, argv));
-}
-
-int
-execv(const char *name, char *const *argv)
-{
-	(void)execve(name, argv, environ);
-	return (-1);
-}
-
-int
-execvpe(const char *name, char *const *argv, char *const *envp)
-{
-	char **memp;
-	int cnt;
-	size_t lp, ln, len;
-	char *p;
-	int eacces = 0;
-	char *bp, *cur, *path, buf[PATH_MAX];
-
-	/*
-	 * Do not allow null name
-	 */
-	if (name == NULL || *name == '\0') {
-		errno = ENOENT;
-		return (-1);
- 	}
-
-	/* If it's an absolute or relative path name, it's easy. */
-	if (strchr(name, '/')) {
-		bp = (char *)name;
-		cur = path = NULL;
-		goto retry;
-	}
-	bp = buf;
-
-	/* Get the path we're searching. */
-	if (!(path = getenv("PATH")))
-		path = _PATH_DEFPATH;
-	len = strlen(path) + 1;
-	cur = alloca(len);
-	if (cur == NULL) {
-		errno = ENOMEM;
-		return (-1);
-	}
-	strlcpy(cur, path, len);
-	path = cur;
-	while ((p = strsep(&cur, ":"))) {
-		/*
-		 * It's a SHELL path -- double, leading and trailing colons
-		 * mean the current directory.
-		 */
-		if (!*p) {
-			p = ".";
-			lp = 1;
-		} else
-			lp = strlen(p);
-		ln = strlen(name);
-
-		/*
-		 * If the path is too long complain.  This is a possible
-		 * security issue; given a way to make the path too long
-		 * the user may execute the wrong program.
-		 */
-		if (lp + ln + 2 > sizeof(buf)) {
-			struct iovec iov[3];
-
-			iov[0].iov_base = "execvp: ";
-			iov[0].iov_len = 8;
-			iov[1].iov_base = p;
-			iov[1].iov_len = lp;
-			iov[2].iov_base = ": path too long\n";
-			iov[2].iov_len = 16;
-			(void)writev(STDERR_FILENO, iov, 3);
-			continue;
-		}
-		bcopy(p, buf, lp);
-		buf[lp] = '/';
-		bcopy(name, buf + lp + 1, ln);
-		buf[lp + ln + 1] = '\0';
-
-retry:		(void)execve(bp, argv, envp);
-		switch(errno) {
-		case E2BIG:
-			goto done;
-		case EISDIR:
-		case ELOOP:
-		case ENAMETOOLONG:
-		case ENOENT:
-			break;
-		case ENOEXEC:
-			for (cnt = 0; argv[cnt]; ++cnt)
-				;
-			memp = alloca((cnt + 2) * sizeof(char *));
-			if (memp == NULL)
-				goto done;
-			memp[0] = "sh";
-			memp[1] = bp;
-			bcopy(argv + 1, memp + 2, cnt * sizeof(char *));
-			(void)execve(_PATH_BSHELL, memp, envp);
-			goto done;
-		case ENOMEM:
-			goto done;
-		case ENOTDIR:
-			break;
-		case ETXTBSY:
-			/*
-			 * We used to retry here, but sh(1) doesn't.
-			 */
-			goto done;
-		case EACCES:
-			eacces = 1;
-			break;
-		default:
-			goto done;
-		}
-	}
-	if (eacces)
-		errno = EACCES;
-	else if (!errno)
-		errno = ENOENT;
-done:
-	return (-1);
-}
-
-int
-execvp(const char *name, char *const *argv)
-{
-    return execvpe(name, argv, environ);
-}
-

tests/unistd_test.cpp

@@ -1073,3 +1073,138 @@ TEST(UNISTD_TEST, setdomainname) {
     ASSERT_EQ(0, capset(&header, &old_caps[0])) << "failed to restore admin privileges";
   }
 }
+
+class ExecTestHelper {
+ public:
+  char** GetArgs() { return const_cast<char**>(args_.data()); }
+  char** GetEnv() { return const_cast<char**>(env_.data()); }
+
+  void SetArgs(const std::vector<const char*> args) { args_ = args; }
+  void SetEnv(const std::vector<const char*> env) { env_ = env; }
+
+  void Run(const std::function<void ()>& child_fn,
+           int expected_exit_status,
+           const char* expected_output) {
+    ASSERT_EXIT({ dup2(STDERR_FILENO, STDOUT_FILENO); child_fn(); },
+                ::testing::ExitedWithCode(expected_exit_status),
+                expected_output);
+  }
+
+ private:
+  std::vector<const char*> args_;
+  std::vector<const char*> env_;
+};
+
+#if defined(__GLIBC__)
+#define BIN_DIR "/bin/"
+#else
+#define BIN_DIR "/system/bin/"
+#endif
+
+TEST(UNISTD_TEST, execve_failure) {
+  ExecTestHelper eth;
+  errno = 0;
+  ASSERT_EQ(-1, execve("/", eth.GetArgs(), eth.GetEnv()));
+  ASSERT_EQ(EACCES, errno);
+}
+
+TEST(UNISTD_TEST, execve) {
+  // int execve(const char* path, char* argv[], char* envp[]);
+
+  // Test basic argument passing.
+  ExecTestHelper eth;
+  eth.SetArgs({"echo", "hello", "world", nullptr});
+  eth.Run([&]() { execve(BIN_DIR "echo", eth.GetArgs(), eth.GetEnv()); }, 0, "hello world\n");
+
+  // Test environment variable setting too.
+  eth.SetArgs({"printenv", nullptr});
+  eth.SetEnv({"A=B", nullptr});
+  eth.Run([&]() { execve(BIN_DIR "printenv", eth.GetArgs(), eth.GetEnv()); }, 0, "A=B\n");
+}
+
+TEST(UNISTD_TEST, execl_failure) {
+  errno = 0;
+  ASSERT_EQ(-1, execl("/", "/", nullptr));
+  ASSERT_EQ(EACCES, errno);
+}
+
+TEST(UNISTD_TEST, execl) {
+  ExecTestHelper eth;
+  // int execl(const char* path, const char* arg, ...);
+  eth.Run([&]() { execl(BIN_DIR "echo", "echo", "hello", "world", nullptr); }, 0, "hello world\n");
+}
+
+TEST(UNISTD_TEST, execle_failure) {
+  ExecTestHelper eth;
+  errno = 0;
+  ASSERT_EQ(-1, execle("/", "/", nullptr, eth.GetEnv()));
+  ASSERT_EQ(EACCES, errno);
+}
+
+TEST(UNISTD_TEST, execle) {
+  ExecTestHelper eth;
+  eth.SetEnv({"A=B", nullptr});
+  // int execle(const char* path, const char* arg, ..., char* envp[]);
+  eth.Run([&]() { execle(BIN_DIR "printenv", "printenv", nullptr, eth.GetEnv()); }, 0, "A=B\n");
+}
+
+TEST(UNISTD_TEST, execv_failure) {
+  ExecTestHelper eth;
+  errno = 0;
+  ASSERT_EQ(-1, execv("/", eth.GetArgs()));
+  ASSERT_EQ(EACCES, errno);
+}
+
+TEST(UNISTD_TEST, execv) {
+  ExecTestHelper eth;
+  eth.SetArgs({"echo", "hello", "world", nullptr});
+  // int execv(const char* path, char* argv[]);
+  eth.Run([&]() { execv(BIN_DIR "echo", eth.GetArgs()); }, 0, "hello world\n");
+}
+
+TEST(UNISTD_TEST, execlp_failure) {
+  errno = 0;
+  ASSERT_EQ(-1, execlp("/", "/", nullptr));
+  ASSERT_EQ(EACCES, errno);
+}
+
+TEST(UNISTD_TEST, execlp) {
+  ExecTestHelper eth;
+  // int execlp(const char* file, const char* arg, ...);
+  eth.Run([&]() { execlp("echo", "echo", "hello", "world", nullptr); }, 0, "hello world\n");
+}
+
+TEST(UNISTD_TEST, execvp_failure) {
+  ExecTestHelper eth;
+  errno = 0;
+  ASSERT_EQ(-1, execvp("/", eth.GetArgs()));
+  ASSERT_EQ(EACCES, errno);
+}
+
+TEST(UNISTD_TEST, execvp) {
+  ExecTestHelper eth;
+  eth.SetArgs({"echo", "hello", "world", nullptr});
+  // int execvp(const char* file, char* argv[]);
+  eth.Run([&]() { execvp("echo", eth.GetArgs()); }, 0, "hello world\n");
+}
+
+TEST(UNISTD_TEST, execvpe_failure) {
+  ExecTestHelper eth;
+  errno = 0;
+  ASSERT_EQ(-1, execvpe("this-does-not-exist", eth.GetArgs(), eth.GetEnv()));
+  ASSERT_EQ(ENOENT, errno);
+}
+
+TEST(UNISTD_TEST, execvpe) {
+  // int execvpe(const char* file, char* argv[], char* envp[]);
+
+  // Test basic argument passing.
+  ExecTestHelper eth;
+  eth.SetArgs({"echo", "hello", "world", nullptr});
+  eth.Run([&]() { execvpe("echo", eth.GetArgs(), eth.GetEnv()); }, 0, "hello world\n");
+
+  // Test environment variable setting too.
+  eth.SetArgs({"printenv", nullptr});
+  eth.SetEnv({"A=B", nullptr});
+  eth.Run([&]() { execvpe("printenv", eth.GetArgs(), eth.GetEnv()); }, 0, "A=B\n");
+}