sudo/goodpath.c

/*
 * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote products
 *    derived from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL
 * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include "config.h"

#include <stdio.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif /* HAVE_UNISTD_H */
#ifdef HAVE_STRING_H
#include <string.h>
#endif /* HAVE_STRING_H */
#ifdef HAVE_STRINGS_H
#include <strings.h>
#endif /* HAVE_STRINGS_H */
#include <errno.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/param.h>

#include "sudo.h"

#ifndef STDC_HEADERS
extern int stat		__P((const char *, struct stat *));
#endif /* !STDC_HEADERS */

#ifndef lint
static const char rcsid[] = "$Sudo$";
#endif /* lint */

/*
 * Verify that path is a normal file and executable by root.
 */
char *
sudo_goodpath(path)
    const char *path;
{
    struct stat sb;
    int err;

    /* Check for brain damage */
    if (path == NULL || path[0] == '\0')
	return(NULL);

    /* Do the stat() as root. */
    set_perms(PERM_ROOT, 0);
    err = stat(path, &sb);
    set_perms(PERM_USER, 0);

    /* stat() failed */
    if (err)
	return(NULL);

    /* Make sure path describes an executable regular file. */
    if (!S_ISREG(sb.st_mode) || !(sb.st_mode & 0000111)) {
	errno = EACCES;
	return(NULL);
    }

    return((char *)path);
}
Initial revision 1995-03-26 05:04:11 +00:00			`/*`
BSD-style copyright, cosmetic changes 1999-07-22 12:49:28 +00:00			`* Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>`
			`* All rights reserved.`
Initial revision 1995-03-26 05:04:11 +00:00			`*`
BSD-style copyright, cosmetic changes 1999-07-22 12:49:28 +00:00			`* Redistribution and use in source and binary forms, with or without`
			`* modification, are permitted provided that the following conditions`
			`* are met:`
			`* 1. Redistributions of source code must retain the above copyright`
			`* notice, this list of conditions and the following disclaimer.`
			`* 2. Redistributions in binary form must reproduce the above copyright`
			`* notice, this list of conditions and the following disclaimer in the`
			`* documentation and/or other materials provided with the distribution.`
			`* 3. The name of the author may not be used to endorse or promote products`
			`* derived from this software without specific prior written permission.`
Initial revision 1995-03-26 05:04:11 +00:00			`*`
BSD-style copyright, cosmetic changes 1999-07-22 12:49:28 +00:00			* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
			`* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY`
			`* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL`
			`* THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,`
			`* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,`
			`* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;`
			`* OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,`
			`* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR`
			`* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF`
			`* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.`
Initial revision 1995-03-26 05:04:11 +00:00			`*/`

			`#include "config.h"`

			`#include <stdio.h>`
			`#ifdef HAVE_UNISTD_H`
			`#include <unistd.h>`
			`#endif /* HAVE_UNISTD_H */`
			`#ifdef HAVE_STRING_H`
			`#include <string.h>`
			`#endif /* HAVE_STRING_H */`
			`#ifdef HAVE_STRINGS_H`
			`#include <strings.h>`
			`#endif /* HAVE_STRINGS_H */`
			`#include <errno.h>`
			`#include <sys/types.h>`
			`#include <sys/stat.h>`
			`#include <sys/param.h>`

			`#include "sudo.h"`

			`#ifndef STDC_HEADERS`
			`extern int stat __P((const char , struct stat ));`
			`#endif /* !STDC_HEADERS */`

more -Wall 1998-11-18 04:16:13 +00:00			`#ifndef lint`
add sudo tags 1999-01-17 23:16:20 +00:00			`static const char rcsid[] = "$Sudo$";`
more -Wall 1998-11-18 04:16:13 +00:00			`#endif /* lint */`
Initial revision 1995-03-26 05:04:11 +00:00
BSD-style copyright, cosmetic changes 1999-07-22 12:49:28 +00:00			`/*`
			`* Verify that path is a normal file and executable by root.`
Initial revision 1995-03-26 05:04:11 +00:00			`*/`
Function names should be flush with the start of the line so they can be found trivially in an editor and with grep 1999-04-10 04:49:03 +00:00			`char *`
			`sudo_goodpath(path)`
BSD-style copyright, cosmetic changes 1999-07-22 12:49:28 +00:00			`const char *path;`
Initial revision 1995-03-26 05:04:11 +00:00			`{`
BSD-style copyright, cosmetic changes 1999-07-22 12:49:28 +00:00			`struct stat sb;`
			`int err;`
Initial revision 1995-03-26 05:04:11 +00:00
BSD-style copyright, cosmetic changes 1999-07-22 12:49:28 +00:00			`/* Check for brain damage */`
Initial revision 1995-03-26 05:04:11 +00:00			`if (path == NULL \|\| path[0] == '\0')`
			`return(NULL);`

BSD-style copyright, cosmetic changes 1999-07-22 12:49:28 +00:00			`/* Do the stat() as root. */`
++version 1996-10-07 05:05:33 +00:00			`set_perms(PERM_ROOT, 0);`
BSD-style copyright, cosmetic changes 1999-07-22 12:49:28 +00:00			`err = stat(path, &sb);`
++version 1996-10-07 05:05:33 +00:00			`set_perms(PERM_USER, 0);`
Initial revision 1995-03-26 05:04:11 +00:00
BSD-style copyright, cosmetic changes 1999-07-22 12:49:28 +00:00			`/* stat() failed */`
fixed negation problem (doh!) 1995-09-01 04:49:48 +00:00			`if (err)`
now set errno to EACCES if not a regular file or not executable 1995-09-01 04:05:55 +00:00			`return(NULL);`

BSD-style copyright, cosmetic changes 1999-07-22 12:49:28 +00:00			`/* Make sure path describes an executable regular file. */`
			`if (!S_ISREG(sb.st_mode) \|\| !(sb.st_mode & 0000111)) {`
now set errno to EACCES if not a regular file or not executable 1995-09-01 04:05:55 +00:00			`errno = EACCES;`
Initial revision 1995-03-26 05:04:11 +00:00			`return(NULL);`
now set errno to EACCES if not a regular file or not executable 1995-09-01 04:05:55 +00:00			`}`
BSD-style copyright, cosmetic changes 1999-07-22 12:49:28 +00:00
			`return((char *)path);`
Initial revision 1995-03-26 05:04:11 +00:00			`}`