From: Todd C. Miller
Date: Thu, 22 Jan 2004 17:14:18 +0000 (+0000)
Subject: Alas, all the world does not go through execve(2). Many systems
X-Git-Tag: SUDO_1_6_8~209
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=4ad4ba174009e9df21ed0c5b7ddd96b6caf74241;p=sudo
Alas, all the world does not go through execve(2). Many systems still have an execv(2) system call, Linux 2.6 provides fexecve(2) and it is not uncommon for libc to have underscore ('_') versions of the functions to be used internally by the library. Instead of stubbing all these out by hand, define a macro and let it do the work. Extra exec functions pointed out by Reznic Valery.
---
diff --git a/sudo_noexec.c b/sudo_noexec.c
index 72f790195..2a5080f0b 100644
--- a/sudo_noexec.c
+++ b/sudo_noexec.c
@@ -41,20 +41,33 @@ static const char rcsid[] = "$Sudo$";
 #endif /* lint */
 /*
- * Dummy replacement for libc execve(2)
+ * Dummy versions of the execve() family of syscalls. We don't need
+ * to stub out all of them, just the ones that correspond to actual
+ * system calls (which varies by OS). Note that it is still possible
+ * to access the real syscalls via the syscall() interface but very
+ * few programs actually do that.
 */
-int
-#ifdef __STDC__
-execve(const char *path, char *const argv[], char *const envp[])
-#else
-execve(path, argv, envp)
- const char *path;
- char *const argv[];
- char *const envp[];
-#endif
-{
- extern int errno;
- errno = EACCES;
- return(-1);
+extern int errno;
+
+#define DUMMY(fn, args, atypes) \
+int \
+fn args \
+ atypes \
+{ \
+ errno = EACCES; \
+ return(-1); \
 }
+
+DUMMY(execve, (path, argv, envp),
+ const char *path; char *const argv[]; char *const envp[];)
+DUMMY(_execve, (path, argv, envp),
+ const char *path; char *const argv[]; char *const envp[];)
+DUMMY(execv, (path, argv, envp),
+ const char *path; char *const argv[];)
+DUMMY(_execv, (path, argv, envp),
+ const char *path; char *const argv[];)
+DUMMY(fexecve, (fd, argv, envp),
+ int fd; char *const argv[]; char *const envp[];)
+DUMMY(_fexecve, (fd, argv, envp),
+ int fd; char *const argv[]; char *const envp[];)
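Review bot: The `execv` and `_execv` stubs are generated with the three-name parameter list `(path, argv, envp)` but declare only `path` and `argv`, so `envp` becomes an implicit `int` parameter and the definitions no longer match execv(path, argv). Those two should read `DUMMY(execv, (path, argv),` and `DUMMY(_execv, (path, argv),`. The new header comment also names syscall() as the only way past the stubs, which overstates the coverage. Because these are library-level replacements, they presumably take effect only in dynamically linked programs, and only where libc reaches the exec functions through interposable symbols. I would add a line such as `* Statically linked programs and libc-internal exec paths are not covered.` so nobody treats this as a hard boundary; how the object is loaded is outside this hunk.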