mirror of
https://github.com/sudo-project/sudo.git
synced 2025-08-22 01:49:11 +00:00
sudo_intercept.so: only replace execvpe() if it is present.
execvpe() is a GNU extension also found on *BSD (but not macOS).
This commit is contained in:
Todd C. Miller
parent
6d5f450a62
commit
3a4aec7a62
2
MANIFEST
2
MANIFEST
@ -1112,7 +1112,7 @@ src/exec_preload.c
|
||||
src/exec_pty.c
|
||||
src/get_pty.c
|
||||
src/hooks.c
|
||||
src/intercept.exp
|
||||
src/intercept.exp.in
|
||||
src/intercept.pb-c.c
|
||||
src/intercept.proto
|
||||
src/limits.c
|
||||
|
||||
22
configure
vendored
22
configure
vendored
@ -771,6 +771,7 @@ relay_dir
|
||||
logpath
|
||||
log_dir
|
||||
iolog_dir
|
||||
INTERCEPT_EXP
|
||||
FUZZ_LD
|
||||
FUZZ_ENGINE
|
||||
PPFILES
|
||||
@ -3555,6 +3556,7 @@ ac_config_headers="$ac_config_headers config.h pathnames.h"
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#
|
||||
@ -3651,6 +3653,7 @@ COMPAT_EXP=
|
||||
SIGNAME=
|
||||
FUZZ_ENGINE=
|
||||
FUZZ_LD='$(CC)'
|
||||
INTERCEPT_EXP=
|
||||
WEAK_ALIAS=no
|
||||
CHECKSHADOW=true
|
||||
shadow_funcs=
|
||||
@ -20964,6 +20967,22 @@ done
|
||||
|
||||
|
||||
|
||||
for ac_func in execvpe
|
||||
do :
|
||||
ac_fn_c_check_func "$LINENO" "execvpe" "ac_cv_func_execvpe"
|
||||
if test "x$ac_cv_func_execvpe" = xyes
|
||||
then :
|
||||
printf "%s\n" "#define HAVE_EXECVPE 1" >>confdefs.h
|
||||
|
||||
for _sym in execvpe; do
|
||||
INTERCEPT_EXP="${INTERCEPT_EXP}${_sym}
|
||||
"
|
||||
done
|
||||
|
||||
fi
|
||||
|
||||
done
|
||||
|
||||
for ac_func in pread
|
||||
do :
|
||||
ac_fn_c_check_func "$LINENO" "pread" "ac_cv_func_pread"
|
||||
@ -30976,7 +30995,7 @@ elif test X"$TMPFILES_D" != X""; then
|
||||
|
||||
fi
|
||||
|
||||
ac_config_files="$ac_config_files Makefile doc/Makefile examples/Makefile examples/sudo.conf include/Makefile lib/eventlog/Makefile lib/fuzzstub/Makefile lib/iolog/Makefile lib/logsrv/Makefile lib/protobuf-c/Makefile lib/util/Makefile lib/util/util.exp logsrvd/Makefile src/sudo_usage.h src/Makefile plugins/audit_json/Makefile plugins/sample/Makefile plugins/group_file/Makefile plugins/sample_approval/Makefile plugins/system_group/Makefile plugins/sudoers/Makefile plugins/sudoers/sudoers"
|
||||
ac_config_files="$ac_config_files Makefile doc/Makefile examples/Makefile examples/sudo.conf include/Makefile lib/eventlog/Makefile lib/fuzzstub/Makefile lib/iolog/Makefile lib/logsrv/Makefile lib/protobuf-c/Makefile lib/util/Makefile lib/util/util.exp logsrvd/Makefile src/intercept.exp src/sudo_usage.h src/Makefile plugins/audit_json/Makefile plugins/sample/Makefile plugins/group_file/Makefile plugins/sample_approval/Makefile plugins/system_group/Makefile plugins/sudoers/Makefile plugins/sudoers/sudoers"
|
||||
|
||||
|
||||
cat >confcache <<\_ACEOF
|
||||
@ -31980,6 +31999,7 @@ do
|
||||
"lib/util/Makefile") CONFIG_FILES="$CONFIG_FILES lib/util/Makefile" ;;
|
||||
"lib/util/util.exp") CONFIG_FILES="$CONFIG_FILES lib/util/util.exp" ;;
|
||||
"logsrvd/Makefile") CONFIG_FILES="$CONFIG_FILES logsrvd/Makefile" ;;
|
||||
"src/intercept.exp") CONFIG_FILES="$CONFIG_FILES src/intercept.exp" ;;
|
||||
"src/sudo_usage.h") CONFIG_FILES="$CONFIG_FILES src/sudo_usage.h" ;;
|
||||
"src/Makefile") CONFIG_FILES="$CONFIG_FILES src/Makefile" ;;
|
||||
"plugins/audit_json/Makefile") CONFIG_FILES="$CONFIG_FILES plugins/audit_json/Makefile" ;;
|
||||
|
||||
@ -126,6 +126,7 @@ AC_SUBST([LIBLOGSRV])
|
||||
AC_SUBST([PPFILES])
|
||||
AC_SUBST([FUZZ_ENGINE])
|
||||
AC_SUBST([FUZZ_LD])
|
||||
AC_SUBST([INTERCEPT_EXP])
|
||||
|
||||
dnl
|
||||
dnl Variables that get substituted in docs (not overridden by environment)
|
||||
@ -271,6 +272,7 @@ COMPAT_EXP=
|
||||
SIGNAME=
|
||||
FUZZ_ENGINE=
|
||||
FUZZ_LD='$(CC)'
|
||||
INTERCEPT_EXP=
|
||||
dnl
|
||||
dnl Other variables
|
||||
dnl
|
||||
@ -2543,6 +2545,7 @@ dnl
|
||||
AC_FUNC_GETGROUPS
|
||||
AC_FUNC_FSEEKO
|
||||
AC_CHECK_FUNCS_ONCE([fexecve fmemopen killpg nl_langinfo faccessat wordexp getauxval])
|
||||
AC_CHECK_FUNCS([execvpe], [SUDO_APPEND_INTERCEPT_EXP(execvpe)])
|
||||
AC_CHECK_FUNCS([pread], [
|
||||
# pread/pwrite on 32-bit HP-UX 11.x may not support large files
|
||||
case "$host_os" in
|
||||
@ -4895,7 +4898,7 @@ elif test X"$TMPFILES_D" != X""; then
|
||||
AC_CONFIG_FILES([etc/init.d/sudo.conf])
|
||||
fi
|
||||
|
||||
AC_CONFIG_FILES([Makefile doc/Makefile examples/Makefile examples/sudo.conf include/Makefile lib/eventlog/Makefile lib/fuzzstub/Makefile lib/iolog/Makefile lib/logsrv/Makefile lib/protobuf-c/Makefile lib/util/Makefile lib/util/util.exp logsrvd/Makefile src/sudo_usage.h src/Makefile plugins/audit_json/Makefile plugins/sample/Makefile plugins/group_file/Makefile plugins/sample_approval/Makefile plugins/system_group/Makefile plugins/sudoers/Makefile plugins/sudoers/sudoers])
|
||||
AC_CONFIG_FILES([Makefile doc/Makefile examples/Makefile examples/sudo.conf include/Makefile lib/eventlog/Makefile lib/fuzzstub/Makefile lib/iolog/Makefile lib/logsrv/Makefile lib/protobuf-c/Makefile lib/util/Makefile lib/util/util.exp logsrvd/Makefile src/intercept.exp src/sudo_usage.h src/Makefile plugins/audit_json/Makefile plugins/sample/Makefile plugins/group_file/Makefile plugins/sample_approval/Makefile plugins/system_group/Makefile plugins/sudoers/Makefile plugins/sudoers/sudoers])
|
||||
|
||||
AC_OUTPUT
|
||||
|
||||
|
||||
11
m4/sudo.m4
11
m4/sudo.m4
@ -504,6 +504,17 @@ AC_DEFUN([SUDO_APPEND_COMPAT_EXP], [
|
||||
done
|
||||
])
|
||||
|
||||
dnl
|
||||
dnl
|
||||
dnl Append one or more symbols to INTERCEPT_EXP
|
||||
dnl
|
||||
AC_DEFUN([SUDO_APPEND_INTERCEPT_EXP], [
|
||||
for _sym in $1; do
|
||||
INTERCEPT_EXP="${INTERCEPT_EXP}${_sym}
|
||||
"
|
||||
done
|
||||
])
|
||||
|
||||
dnl
|
||||
dnl Determine the mail spool location
|
||||
dnl NOTE: must be run *after* check for paths.h
|
||||
|
||||
@ -117,7 +117,7 @@ install_gid = 0
|
||||
# File extension, mode and map file to use for shared libraries/objects
|
||||
shlib_enable = @SHLIB_ENABLE@
|
||||
shlib_mode = @SHLIB_MODE@
|
||||
shlib_exp = $(srcdir)/intercept.exp
|
||||
shlib_exp = ./intercept.exp
|
||||
shlib_map = intercept.map
|
||||
shlib_opt = intercept.opt
|
||||
|
||||
|
||||
@ -1,7 +1,6 @@
|
||||
execl
|
||||
@INTERCEPT_EXP@execl
|
||||
execle
|
||||
execlp
|
||||
execv
|
||||
execve
|
||||
execvp
|
||||
execvpe
|
||||
@ -241,11 +241,13 @@ my_execv(const char *cmnd, char * const argv[])
|
||||
return execve(cmnd, argv, environ);
|
||||
}
|
||||
|
||||
#ifdef HAVE_EXECVPE
|
||||
static int
|
||||
my_execvpe(const char *cmnd, char * const argv[], char * const envp[])
|
||||
{
|
||||
return exec_wrapper(cmnd, argv, envp, true);
|
||||
}
|
||||
#endif
|
||||
|
||||
static int
|
||||
my_execvp(const char *cmnd, char * const argv[])
|
||||
@ -298,7 +300,9 @@ __attribute__((__section__("__DATA,__interpose"))) = {
|
||||
{ (void *)my_execv, (void *)execv },
|
||||
{ (void *)my_execve, (void *)execve },
|
||||
{ (void *)my_execvp, (void *)execvp },
|
||||
#ifdef HAVE_EXECVPE
|
||||
{ (void *)my_execvpe, (void *)execvpe }
|
||||
#endif
|
||||
};
|
||||
|
||||
#else /* HAVE___INTERPOSE */
|
||||
@ -340,11 +344,13 @@ execv(const char *cmnd, char * const argv[])
|
||||
return execve(cmnd, argv, environ);
|
||||
}
|
||||
|
||||
#ifdef HAVE_EXECVPE
|
||||
sudo_dso_public int
|
||||
execvpe(const char *cmnd, char * const argv[], char * const envp[])
|
||||
{
|
||||
return exec_wrapper(cmnd, argv, envp, true);
|
||||
}
|
||||
#endif
|
||||
|
||||
sudo_dso_public int
|
||||
execvp(const char *cmnd, char * const argv[])
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user