diff options
| author | Ron Yorston <rmy@pobox.com> | 2024-03-07 14:34:22 +0000 |
|---|---|---|
| committer | Ron Yorston <rmy@pobox.com> | 2024-03-07 14:34:22 +0000 |
| commit | 3aef195c435771e43ccddb6226f8c98519e2b830 (patch) | |
| tree | 4cb0d19a759eb80a7e2a329ad1656694adf1c864 | |
| parent | f53b77dcfee44156aa2ead90748dca3df4c0b710 (diff) | |
| download | busybox-w32-3aef195c435771e43ccddb6226f8c98519e2b830.tar.gz busybox-w32-3aef195c435771e43ccddb6226f8c98519e2b830.tar.bz2 busybox-w32-3aef195c435771e43ccddb6226f8c98519e2b830.zip | |
su: handle restricted disk drivers
Certain tools which allow disk image files and RAM disks to be
mounted were found to lack a feature used to implement realpath(3).
This resulted in a segfault in the 'su' applet when it was run in
such a virtual filesystem.
'su' uses realpath(3) to canonicalise the current directory. This
is only really required to handle network shares mapped to a drive
letter. (GitHub issue #148)
- If the call to realpath(3) fails for some reason fall back to
using the current directory determined by calling getcwd(3).
- If getcwd(3) fails simply don't pass any directory to the shell
being started by 'su'.
Also, ensure all allocated memory is freed, if required.
(GitHub issue #389)
Adds 16-32 bytes.
| -rw-r--r-- | loginutils/suw32.c | 24 |
1 files changed, 18 insertions, 6 deletions
diff --git a/loginutils/suw32.c b/loginutils/suw32.c index 240a692bc..89ccec220 100644 --- a/loginutils/suw32.c +++ b/loginutils/suw32.c | |||
| @@ -40,7 +40,7 @@ int suw32_main(int argc UNUSED_PARAM, char **argv) | |||
| 40 | unsigned opt; | 40 | unsigned opt; |
| 41 | char *opt_command = NULL; | 41 | char *opt_command = NULL; |
| 42 | SHELLEXECUTEINFO info; | 42 | SHELLEXECUTEINFO info; |
| 43 | char *bb_path, *cwd, *q, *args; | 43 | char *bb_path, *cwd, *realcwd, *q, *args; |
| 44 | DECLARE_PROC_ADDR(BOOL, ShellExecuteExA, SHELLEXECUTEINFOA *); | 44 | DECLARE_PROC_ADDR(BOOL, ShellExecuteExA, SHELLEXECUTEINFOA *); |
| 45 | 45 | ||
| 46 | opt = getopt32(argv, "c:NW", &opt_command); | 46 | opt = getopt32(argv, "c:NW", &opt_command); |
| @@ -74,11 +74,16 @@ int suw32_main(int argc UNUSED_PARAM, char **argv) | |||
| 74 | * a network share it may not be available once we have elevated | 74 | * a network share it may not be available once we have elevated |
| 75 | * privileges. | 75 | * privileges. |
| 76 | */ | 76 | */ |
| 77 | cwd = xmalloc_realpath(getcwd(NULL, 0)); | 77 | args = xasprintf("--busybox ash -t \"BusyBox ash (Admin)\""); |
| 78 | q = quote_arg(cwd); | 78 | |
| 79 | args = xasprintf("--busybox ash -d %s -t \"BusyBox ash (Admin)\"", q); | 79 | cwd = getcwd(NULL, 0); |
| 80 | free(q); | 80 | realcwd = cwd ? xmalloc_realpath(cwd) : NULL; |
| 81 | free(cwd); | 81 | if (realcwd || cwd) { |
| 82 | args = xappendword(args, "-d"); | ||
| 83 | q = quote_arg(realcwd ?: cwd); | ||
| 84 | args = xappendword(args, q); | ||
| 85 | free(q); | ||
| 86 | } | ||
| 82 | 87 | ||
| 83 | if (opt & OPT_N) | 88 | if (opt & OPT_N) |
| 84 | args = xappendword(args, "-N"); | 89 | args = xappendword(args, "-N"); |
| @@ -106,6 +111,13 @@ int suw32_main(int argc UNUSED_PARAM, char **argv) | |||
| 106 | if (!ShellExecuteExA(&info)) | 111 | if (!ShellExecuteExA(&info)) |
| 107 | return 1; | 112 | return 1; |
| 108 | 113 | ||
| 114 | if (ENABLE_FEATURE_CLEAN_UP) { | ||
| 115 | free(bb_path); | ||
| 116 | free(cwd); | ||
| 117 | free(realcwd); | ||
| 118 | free(args); | ||
| 119 | } | ||
| 120 | |||
| 109 | if (opt & OPT_W) { | 121 | if (opt & OPT_W) { |
| 110 | DWORD r; | 122 | DWORD r; |
| 111 | 123 | ||