X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=applets%2Fapplets.c;h=bd8cfec5da2356ace2e14c4b57be656cb9f47dc7;hb=eea561871b45a2335ab6a09f14dad627ffcdc1cd;hp=e214f85abfb6e72328adc6e16fde5cdea9b6416a;hpb=6ead3abd5549b9342245820fbac6dd32647bdcb1;p=oweals%2Fbusybox.git diff --git a/applets/applets.c b/applets/applets.c index e214f85ab..bd8cfec5d 100644 --- a/applets/applets.c +++ b/applets/applets.c @@ -6,417 +6,472 @@ * isn't something I'm going to worry about... If you wrote something * here, please feel free to acknowledge your work. * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - * Based in part on code from sash, Copyright (c) 1999 by David I. Bell + * Based in part on code from sash, Copyright (c) 1999 by David I. Bell * Permission has been granted to redistribute this code under the GPL. * + * Licensed under GPLv2 or later, see file License in this tarball for details. */ +#include "busybox.h" #include -#include -#include #include -#include "busybox.h" +#include + +#if ENABLE_SHOW_USAGE && !ENABLE_FEATURE_COMPRESS_USAGE +static const char usage_messages[] = +#define MAKE_USAGE +#include "usage.h" +#include "applets.h" +; +#undef MAKE_USAGE +#else +#define usage_messages 0 +#endif /* ENABLE_SHOW_USAGE */ #undef APPLET #undef APPLET_NOUSAGE #undef PROTOTYPES #include "applets.h" -struct BB_applet *applet_using; +static struct BB_applet *applet_using; /* The -1 arises because of the {0,NULL,0,-1} entry above. */ const size_t NUM_APPLETS = (sizeof (applets) / sizeof (struct BB_applet) - 1); -#ifdef CONFIG_FEATURE_SUID - -static void check_suid ( struct BB_applet *app ); - #ifdef CONFIG_FEATURE_SUID_CONFIG -#include #include #include "pwd_.h" #include "grp_.h" -static int parse_config_file ( void ); - -static int config_ok; - #define CONFIG_FILE "/etc/busybox.conf" /* applets [] is const, so we have to define this "override" structure */ -struct BB_suid_config { - struct BB_applet *m_applet; +static struct BB_suid_config +{ + struct BB_applet *m_applet; - uid_t m_uid; - gid_t m_gid; - mode_t m_mode; + uid_t m_uid; + gid_t m_gid; + mode_t m_mode; - struct BB_suid_config *m_next; -}; + struct BB_suid_config *m_next; +} *suid_config; -static struct BB_suid_config *suid_config; +static int suid_cfg_readable; -#endif /* CONFIG_FEATURE_SUID_CONFIG */ +/* check if u is member of group g */ +static int ingroup (uid_t u, gid_t g) +{ + struct group *grp = getgrgid (g); -#endif /* CONFIG_FEATURE_SUID */ + if (grp) { + char **mem; + for (mem = grp->gr_mem; *mem; mem++) { + struct passwd *pwd = getpwnam (*mem); + if (pwd && (pwd->pw_uid == u)) + return 1; + } + } + return 0; +} -extern void show_usage(void) +/* This should probably be a libbb routine. In that case, + * I'd probably rename it to something like bb_trimmed_slice. + */ +static char *get_trimmed_slice(char *s, char *e) { - const char *usage_string = usage_messages; - int i; - - for (i = applet_using - applets; i > 0; ) { - if (!*usage_string++) { - --i; + /* First, consider the value at e to be nul and back up until we + * reach a non-space char. Set the char after that (possibly at + * the original e) to nul. */ + while (e-- > s) { + if (!isspace(*e)) { + break; } } + e[1] = 0; - if(*usage_string == '\b') { - fprintf(stderr, "%s\n\nNo help available.\n\n", full_version); - } else { - fprintf(stderr, "%s\n\nUsage: %s %s\n\n", full_version, applet_using->name, usage_string); - } - exit(EXIT_FAILURE); + /* Next, advance past all leading space and return a ptr to the + * first non-space char; possibly the terminating nul. */ + return skip_whitespace(s); } -static int applet_name_compare(const void *x, const void *y) -{ - const char *name = x; - const struct BB_applet *applet = y; - return strcmp(name, applet->name); -} +#define parse_error(x) { err=x; goto pe_label; } -extern const size_t NUM_APPLETS; +/* Don't depend on the tools to combine strings. */ +static const char config_file[] = CONFIG_FILE; -struct BB_applet *find_applet_by_name(const char *name) -{ - return bsearch(name, applets, NUM_APPLETS, sizeof(struct BB_applet), - applet_name_compare); -} +/* There are 4 chars + 1 nul for each of user/group/other. */ +static const char mode_chars[] = "Ssx-\0Ssx-\0Ttx-"; -void run_applet_by_name(const char *name, int argc, char **argv) +/* We don't supply a value for the nul, so an index adjustment is + * necessary below. Also, we use unsigned short here to save some + * space even though these are really mode_t values. */ +static const unsigned short mode_mask[] = { + /* SST sst xxx --- */ + S_ISUID, S_ISUID|S_IXUSR, S_IXUSR, 0, /* user */ + S_ISGID, S_ISGID|S_IXGRP, S_IXGRP, 0, /* group */ + 0, S_IXOTH, S_IXOTH, 0 /* other */ +}; + +static void parse_config_file(void) { - static int recurse_level = 0; - extern int been_there_done_that; /* From busybox.c */ + struct BB_suid_config *sct_head; + struct BB_suid_config *sct; + struct BB_applet *applet; + FILE *f; + char *err; + char *s; + char *e; + int i, lc, section; + char buffer[256]; + struct stat st; -#ifdef CONFIG_FEATURE_SUID_CONFIG - if ( recurse_level == 0 ) - config_ok = parse_config_file ( ); -#endif + assert(!suid_config); /* Should be set to NULL by bss init. */ - recurse_level++; - /* Do a binary search to find the applet entry given the name. */ - if ((applet_using = find_applet_by_name(name)) != NULL) { - applet_name = applet_using->name; - if (argv[1] && strcmp(argv[1], "--help") == 0) { - if (strcmp(applet_using->name, "busybox")==0) { - if(argv[2]) - applet_using = find_applet_by_name(argv[2]); - else - applet_using = NULL; + if ((stat(config_file, &st) != 0) /* No config file? */ + || !S_ISREG(st.st_mode) /* Not a regular file? */ + || (st.st_uid != 0) /* Not owned by root? */ + || (st.st_mode & (S_IWGRP | S_IWOTH)) /* Writable by non-root? */ + || !(f = fopen(config_file, "r")) /* Can not open? */ + ) { + return; + } + + suid_cfg_readable = 1; + sct_head = NULL; + section = lc = 0; + + do { + s = buffer; + + if (!fgets(s, sizeof(buffer), f)) { /* Are we done? */ + if (ferror(f)) { /* Make sure it wasn't a read error. */ + parse_error("reading"); } - if(applet_using) - show_usage(); - been_there_done_that=1; - busybox_main(0, NULL); + fclose(f); + suid_config = sct_head; /* Success, so set the pointer. */ + return; } -#ifdef CONFIG_FEATURE_SUID - check_suid ( applet_using ); -#endif - exit((*(applet_using->main)) (argc, argv)); - } - /* Just in case they have renamed busybox - Check argv[1] */ - if (recurse_level == 1) { - run_applet_by_name("busybox", argc, argv); - } - recurse_level--; -} + lc++; /* Got a (partial) line. */ + + /* If a line is too long for our buffer, we consider it an error. + * The following test does mistreat one corner case though. + * If the final line of the file does not end with a newline and + * yet exactly fills the buffer, it will be treated as too long + * even though there isn't really a problem. But it isn't really + * worth adding code to deal with such an unlikely situation, and + * we do err on the side of caution. Besides, the line would be + * too long if it did end with a newline. */ + if (!strchr(s, '\n') && !feof(f)) { + parse_error("line too long"); + } + /* Trim leading and trailing whitespace, ignoring comments, and + * check if the resulting string is empty. */ + if (!*(s = get_trimmed_slice(s, strchrnul(s, '#')))) { + continue; + } -#ifdef CONFIG_FEATURE_SUID + /* Check for a section header. */ + + if (*s == '[') { + /* Unlike the old code, we ignore leading and trailing + * whitespace for the section name. We also require that + * there are no stray characters after the closing bracket. */ + if (!(e = strchr(s, ']')) /* Missing right bracket? */ + || e[1] /* Trailing characters? */ + || !*(s = get_trimmed_slice(s+1, e)) /* Missing name? */ + ) { + parse_error("section header"); + } + /* Right now we only have one section so just check it. + * If more sections are added in the future, please don't + * resort to cascading ifs with multiple strcasecmp calls. + * That kind of bloated code is all too common. A loop + * and a string table would be a better choice unless the + * number of sections is very small. */ + if (strcasecmp(s, "SUID") == 0) { + section = 1; + continue; + } + section = -1; /* Unknown section so set to skip. */ + continue; + } -#ifdef CONFIG_FEATURE_SUID_CONFIG + /* Process sections. */ -/* check if u is member of group g */ -static int ingroup ( uid_t u, gid_t g ) -{ - struct group *grp = getgrgid ( g ); + if (section == 1) { /* SUID */ + /* Since we trimmed leading and trailing space above, we're + * now looking for strings of the form + * [::space::]*=[::space::]* + * where both key and value could contain inner whitespace. */ - if ( grp ) { - char **mem; + /* First get the key (an applet name in our case). */ + if (!!(e = strchr(s, '='))) { + s = get_trimmed_slice(s, e); + } + if (!e || !*s) { /* Missing '=' or empty key. */ + parse_error("keyword"); + } - for ( mem = grp-> gr_mem; *mem; mem++ ) { - struct passwd *pwd = getpwnam ( *mem ); + /* Ok, we have an applet name. Process the rhs if this + * applet is currently built in and ignore it otherwise. + * Note: This can hide config file bugs which only pop + * up when the busybox configuration is changed. */ + if ((applet = find_applet_by_name(s))) { + /* Note: We currently don't check for duplicates! + * The last config line for each applet will be the + * one used since we insert at the head of the list. + * I suppose this could be considered a feature. */ + sct = xmalloc(sizeof(struct BB_suid_config)); + sct->m_applet = applet; + sct->m_mode = 0; + sct->m_next = sct_head; + sct_head = sct; + + /* Get the specified mode. */ + + e = skip_whitespace(e+1); + + for (i=0 ; i < 3 ; i++) { + const char *q; + if (!*(q = strchrnul(mode_chars + 5*i, *e++))) { + parse_error("mode"); + } + /* Adjust by -i to account for nul. */ + sct->m_mode |= mode_mask[(q - mode_chars) - i]; + } + + /* Now get the the user/group info. */ + + s = skip_whitespace(e); + + /* Note: We require whitespace between the mode and the + * user/group info. */ + if ((s == e) || !(e = strchr(s, '.'))) { + parse_error("."); + } + *e++ = 0; + + /* We can't use get_ug_id here since it would exit() + * if a uid or gid was not found. Oh well... */ + { + char *e2; + + sct->m_uid = strtoul(s, &e2, 10); + if (*e2 || (s == e2)) { + struct passwd *pwd; + if (!(pwd = getpwnam(s))) { + parse_error("user"); + } + sct->m_uid = pwd->pw_uid; + } + + sct->m_gid = strtoul(e, &e2, 10); + if (*e2 || (e == e2)) { + struct group *grp; + if (!(grp = getgrnam(e))) { + parse_error("group"); + } + sct->m_gid = grp->gr_gid; + } + } + } + continue; + } - if ( pwd && ( pwd-> pw_uid == u )) - return 1; + /* Unknown sections are ignored. */ + + /* Encountering configuration lines prior to seeing a + * section header is treated as an error. This is how + * the old code worked, but it may not be desirable. + * We may want to simply ignore such lines in case they + * are used in some future version of busybox. */ + if (!section) { + parse_error("keyword outside section"); } + + } while (1); + + pe_label: + fprintf(stderr, "Parse error in %s, line %d: %s\n", + config_file, lc, err); + + fclose(f); + /* Release any allocated memory before returning. */ + while (sct_head) { + sct = sct_head->m_next; + free(sct_head); + sct_head = sct; } - return 0; + return; } -#endif - +#else +#define parse_config_file() +#endif /* CONFIG_FEATURE_SUID_CONFIG */ -void check_suid ( struct BB_applet *applet ) +#ifdef CONFIG_FEATURE_SUID +static void check_suid (struct BB_applet *applet) { - uid_t ruid = getuid ( ); /* real [ug]id */ - uid_t rgid = getgid ( ); + uid_t ruid = getuid (); /* real [ug]id */ + uid_t rgid = getgid (); #ifdef CONFIG_FEATURE_SUID_CONFIG - if ( config_ok ) { - struct BB_suid_config *sct; - - for ( sct = suid_config; sct; sct = sct-> m_next ) { - if ( sct-> m_applet == applet ) - break; - } - if ( sct ) { - mode_t m = sct-> m_mode; - - if ( sct-> m_uid == ruid ) /* same uid */ - m >>= 6; - else if (( sct-> m_gid == rgid ) || ingroup ( ruid, sct-> m_gid )) /* same group / in group */ - m >>= 3; - - if (!( m & S_IXOTH )) /* is x bit not set ? */ - error_msg_and_die ( "You have no permission to run this applet!" ); - - if (( sct-> m_mode & ( S_ISGID | S_IXGRP )) == ( S_ISGID | S_IXGRP )) { /* *both* have to be set for sgid */ - if ( setegid ( sct-> m_gid )) - error_msg_and_die ( "BusyBox binary has insufficient rights to set proper GID for applet!" ); - } - else - setgid ( rgid ); /* no sgid -> drop */ - - if ( sct-> m_mode & S_ISUID ) { - if ( seteuid ( sct-> m_uid )) - error_msg_and_die ( "BusyBox binary has insufficient rights to set proper UID for applet!" ); - } - else - setuid ( ruid ); /* no suid -> drop */ - } - else { /* default: drop all priviledges */ - setgid ( rgid ); - setuid ( ruid ); - } - return; + if (suid_cfg_readable) { + struct BB_suid_config *sct; + + for (sct = suid_config; sct; sct = sct->m_next) { + if (sct->m_applet == applet) + break; } - else { -#ifndef CONFIG_FEATURE_SUID_CONFIG_QUIET - static int onetime = 0; + if (sct) { + mode_t m = sct->m_mode; - if ( !onetime ) { - onetime = 1; - fprintf ( stderr, "Using fallback suid method\n" ); - } -#endif + if (sct->m_uid == ruid) /* same uid */ + m >>= 6; + else if ((sct->m_gid == rgid) || ingroup (ruid, sct->m_gid)) /* same group / in group */ + m >>= 3; + + if (!(m & S_IXOTH)) /* is x bit not set ? */ + bb_error_msg_and_die ("You have no permission to run this applet!"); + + if ((sct->m_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) { /* *both* have to be set for sgid */ + xsetgid(sct->m_gid); + } else xsetgid(rgid); /* no sgid -> drop */ + + if (sct->m_mode & S_ISUID) xsetuid(sct->m_uid); + else xsetuid(ruid); /* no suid -> drop */ + } else { + /* default: drop all privileges */ + xsetgid(rgid); + xsetuid(ruid); } + return; + } else { +#ifndef CONFIG_FEATURE_SUID_CONFIG_QUIET + static int onetime = 0; + + if (!onetime) { + onetime = 1; + fprintf (stderr, "Using fallback suid method\n"); + } +#endif + } #endif - if ( applet-> need_suid == _BB_SUID_ALWAYS ) { - if ( geteuid ( ) != 0 ) - error_msg_and_die ( "This applet requires root priviledges!" ); - } - else if ( applet-> need_suid == _BB_SUID_NEVER ) { - setgid ( rgid ); /* drop all priviledges */ - setuid ( ruid ); - } + if (applet->need_suid == _BB_SUID_ALWAYS) { + if (geteuid()) bb_error_msg_and_die("Applet requires root privileges!"); + } else if (applet->need_suid == _BB_SUID_NEVER) { + xsetgid(rgid); /* drop all privileges */ + xsetuid(ruid); + } } +#else +#define check_suid(x) +#endif /* CONFIG_FEATURE_SUID */ -#ifdef CONFIG_FEATURE_SUID_CONFIG -#define parse_error(x) { err=x; goto pe_label; } +#if ENABLE_FEATURE_COMPRESS_USAGE +#include "usage_compressed.h" +#include "unarchive.h" -int parse_config_file ( void ) +static const char *unpack_usage_messages(void) { - struct stat st; - char *err = 0; - FILE *f = 0; - int lc = 0; - - suid_config = 0; + int input[2], output[2], pid; + char *buf; + + if(pipe(input) < 0 || pipe(output) < 0) + exit(1); + + pid = fork(); + switch (pid) { + case -1: /* error */ + exit(1); + case 0: /* child */ + close(input[1]); + close(output[0]); + uncompressStream(input[0], output[1]); + exit(0); + } + /* parent */ + + close(input[0]); + close(output[1]); + pid = fork(); + switch (pid) { + case -1: /* error */ + exit(1); + case 0: /* child */ + full_write(input[1], packed_usage, sizeof(packed_usage)); + exit(0); + } + /* parent */ + close(input[1]); - /* is there a config file ? */ - if ( stat ( CONFIG_FILE, &st ) == 0 ) { - /* is it owned by root with no write perm. for group and others ? */ - if ( S_ISREG( st. st_mode ) && ( st. st_uid == 0 ) && (!( st. st_mode & ( S_IWGRP | S_IWOTH )))) { - /* that's ok .. then try to open it */ - f = fopen ( CONFIG_FILE, "r" ); + buf = xmalloc(SIZEOF_usage_messages); + full_read(output[0], buf, SIZEOF_usage_messages); + return buf; +} - if ( f ) { - char buffer [256]; - int section = 0; +#else +#define unpack_usage_messages() usage_messages +#endif /* ENABLE_FEATURE_COMPRESS_USAGE */ - while ( fgets ( buffer, sizeof( buffer ) - 1, f )) { - char c = buffer [0]; - char *p; +void bb_show_usage (void) +{ + if (ENABLE_SHOW_USAGE) { + const char *format_string; + const char *usage_string = unpack_usage_messages(); + int i; + + for (i = applet_using - applets; i > 0;) + if (!*usage_string++) --i; + + format_string = "%s\n\nUsage: %s %s\n\n"; + if (*usage_string == '\b') + format_string = "%s\n\nNo help available.\n\n"; + fprintf (stderr, format_string, bb_msg_full_version, + applet_using->name, usage_string); + } - lc++; + exit (bb_default_error_retval); +} - p = strchr ( buffer, '#' ); - if ( p ) - *p = 0; - p = buffer + xstrlen ( buffer ); - while (( p > buffer ) && isspace ( *--p )) - *p = 0; +static int applet_name_compare(const void *name, const void *vapplet) +{ + const struct BB_applet *applet = vapplet; - if ( p == buffer ) - continue; + return strcmp(name, applet->name); +} - if ( c == '[' ) { - p = strchr ( buffer, ']' ); +extern const size_t NUM_APPLETS; - if ( !p || ( p == ( buffer + 1 ))) /* no matching ] or empty [] */ - parse_error ( "malformed section header" ); +struct BB_applet *find_applet_by_name(const char *name) +{ + return bsearch(name, applets, NUM_APPLETS, sizeof(struct BB_applet), + applet_name_compare); +} - *p = 0; +void run_applet_by_name(const char *name, int argc, char **argv) +{ + if (ENABLE_FEATURE_SUID_CONFIG) parse_config_file(); - if ( strcasecmp ( buffer + 1, "SUID" ) == 0 ) - section = 1; - else - section = -1; /* unknown section - just skip */ - } - else if ( section ) { - switch ( section ) { - case 1: { /* SUID */ - int l; - struct BB_applet *applet; - - p = strchr ( buffer, '=' ); /* [::space::]*=[::space::]* */ - - if ( !p || ( p == ( buffer + 1 ))) /* no = or key is empty */ - parse_error ( "malformed keyword" ); - - l = p - buffer; - while ( isspace ( buffer [--l] )) { } /* skip whitespace */ - - buffer [l+1] = 0; - - if (( applet = find_applet_by_name ( buffer ))) { - struct BB_suid_config *sct = xmalloc ( sizeof( struct BB_suid_config )); - - sct-> m_applet = applet; - sct-> m_next = suid_config; - suid_config = sct; - - while ( isspace ( *++p )) { } /* skip whitespace */ - - sct-> m_mode = 0; - - switch ( *p++ ) { - case 'S': sct-> m_mode |= S_ISUID; break; - case 's': sct-> m_mode |= S_ISUID; /* no break */ - case 'x': sct-> m_mode |= S_IXUSR; break; - case '-': break; - default : parse_error ( "invalid user mode" ); - } - - switch ( *p++ ) { - case 's': sct-> m_mode |= S_ISGID; /* no break */ - case 'x': sct-> m_mode |= S_IXGRP; break; - case 'S': break; - case '-': break; - default : parse_error ( "invalid group mode" ); - } - - switch ( *p ) { - case 't': - case 'x': sct-> m_mode |= S_IXOTH; break; - case 'T': - case '-': break; - default : parse_error ( "invalid other mode" ); - } - - while ( isspace ( *++p )) { } /* skip whitespace */ - - if ( isdigit ( *p )) { - sct-> m_uid = strtol ( p, &p, 10 ); - if ( *p++ != '.' ) - parse_error ( "parsing ." ); - } - else { - struct passwd *pwd; - char *p2 = strchr ( p, '.' ); - - if ( !p2 ) - parse_error ( "parsing ." ); - - *p2 = 0; - pwd = getpwnam ( p ); - - if ( !pwd ) - parse_error ( "invalid user name" ); - - sct-> m_uid = pwd-> pw_uid; - p = p2 + 1; - } - if ( isdigit ( *p )) - sct-> m_gid = strtol ( p, &p, 10 ); - else { - struct group *grp = getgrnam ( p ); - - if ( !grp ) - parse_error ( "invalid group name" ); - - sct-> m_gid = grp-> gr_gid; - } - } - break; - } - default: /* unknown - skip */ - break; - } - } - else - parse_error ( "keyword not within section" ); - } - fclose ( f ); - return 1; - } - } + if (!strncmp(name, "busybox", 7)) busybox_main(argc, argv); + /* Do a binary search to find the applet entry given the name. */ + applet_using = find_applet_by_name(name); + if (applet_using) { + bb_applet_name = applet_using->name; + if(argc==2 && !strcmp(argv[1], "--help")) bb_show_usage(); + if(ENABLE_FEATURE_SUID) check_suid(applet_using); + exit((*(applet_using->main))(argc, argv)); } - return 0; /* no config file or not readable (not an error) */ - -pe_label: - fprintf ( stderr, "Parse error in %s, line %d: %s\n", CONFIG_FILE, lc, err ); - - if ( f ) - fclose ( f ); - return 0; } - -#endif - -#endif - -/* END CODE */ -/* -Local Variables: -c-file-style: "linux" -c-basic-offset: 4 -tab-width: 4 -End: -*/