Annotation of embedaddon/sudo/plugins/sudoers/find_path.c, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (c) 1996, 1998-2005, 2010-2011
! 3: * Todd C. Miller <Todd.Miller@courtesan.com>
! 4: *
! 5: * Permission to use, copy, modify, and distribute this software for any
! 6: * purpose with or without fee is hereby granted, provided that the above
! 7: * copyright notice and this permission notice appear in all copies.
! 8: *
! 9: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
! 10: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
! 11: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
! 12: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
! 13: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
! 14: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
! 15: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
! 16: *
! 17: * Sponsored in part by the Defense Advanced Research Projects
! 18: * Agency (DARPA) and Air Force Research Laboratory, Air Force
! 19: * Materiel Command, USAF, under agreement number F39502-99-1-0512.
! 20: */
! 21:
! 22: #include <config.h>
! 23:
! 24: #include <sys/types.h>
! 25: #include <sys/param.h>
! 26: #include <sys/stat.h>
! 27: #include <stdio.h>
! 28: #ifdef STDC_HEADERS
! 29: # include <stdlib.h>
! 30: # include <stddef.h>
! 31: #else
! 32: # ifdef HAVE_STDLIB_H
! 33: # include <stdlib.h>
! 34: # endif
! 35: #endif /* STDC_HEADERS */
! 36: #ifdef HAVE_STRING_H
! 37: # include <string.h>
! 38: #endif /* HAVE_STRING_H */
! 39: #ifdef HAVE_STRINGS_H
! 40: # include <strings.h>
! 41: #endif /* HAVE_STRINGS_H */
! 42: #ifdef HAVE_UNISTD_H
! 43: # include <unistd.h>
! 44: #endif /* HAVE_UNISTD_H */
! 45: #include <errno.h>
! 46:
! 47: #include "sudoers.h"
! 48:
! 49: /*
! 50: * This function finds the full pathname for a command and
! 51: * stores it in a statically allocated array, filling in a pointer
! 52: * to the array. Returns FOUND if the command was found, NOT_FOUND
! 53: * if it was not found, or NOT_FOUND_DOT if it would have been found
! 54: * but it is in '.' and IGNORE_DOT is set.
! 55: */
! 56: int
! 57: find_path(char *infile, char **outfile, struct stat *sbp, char *path,
! 58: int ignore_dot)
! 59: {
! 60: static char command[PATH_MAX]; /* qualified filename */
! 61: char *n; /* for traversing path */
! 62: char *origpath; /* so we can free path later */
! 63: char *result = NULL; /* result of path/file lookup */
! 64: int checkdot = 0; /* check current dir? */
! 65: int len; /* length parameter */
! 66:
! 67: if (strlen(infile) >= PATH_MAX)
! 68: errorx(1, _("%s: %s"), infile, strerror(ENAMETOOLONG));
! 69:
! 70: /*
! 71: * If we were given a fully qualified or relative path
! 72: * there is no need to look at $PATH.
! 73: */
! 74: if (strchr(infile, '/')) {
! 75: strlcpy(command, infile, sizeof(command)); /* paranoia */
! 76: if (sudo_goodpath(command, sbp)) {
! 77: *outfile = command;
! 78: return FOUND;
! 79: } else
! 80: return NOT_FOUND;
! 81: }
! 82:
! 83: if (path == NULL)
! 84: return NOT_FOUND;
! 85: path = estrdup(path);
! 86: origpath = path;
! 87:
! 88: do {
! 89: if ((n = strchr(path, ':')))
! 90: *n = '\0';
! 91:
! 92: /*
! 93: * Search current dir last if it is in PATH This will miss sneaky
! 94: * things like using './' or './/'
! 95: */
! 96: if (*path == '\0' || (*path == '.' && *(path + 1) == '\0')) {
! 97: checkdot = 1;
! 98: path = n + 1;
! 99: continue;
! 100: }
! 101:
! 102: /*
! 103: * Resolve the path and exit the loop if found.
! 104: */
! 105: len = snprintf(command, sizeof(command), "%s/%s", path, infile);
! 106: if (len <= 0 || len >= sizeof(command))
! 107: errorx(1, _("%s: %s"), infile, strerror(ENAMETOOLONG));
! 108: if ((result = sudo_goodpath(command, sbp)))
! 109: break;
! 110:
! 111: path = n + 1;
! 112:
! 113: } while (n);
! 114: efree(origpath);
! 115:
! 116: /*
! 117: * Check current dir if dot was in the PATH
! 118: */
! 119: if (!result && checkdot) {
! 120: len = snprintf(command, sizeof(command), "./%s", infile);
! 121: if (len <= 0 || len >= sizeof(command))
! 122: errorx(1, _("%s: %s"), infile, strerror(ENAMETOOLONG));
! 123: result = sudo_goodpath(command, sbp);
! 124: if (result && ignore_dot)
! 125: return NOT_FOUND_DOT;
! 126: }
! 127:
! 128: if (result) {
! 129: *outfile = result;
! 130: return FOUND;
! 131: } else
! 132: return NOT_FOUND;
! 133: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>