security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-05-24 16:43:28 +02:00
Code Activity

Fix use of GNUPG_PROCESS_DETACHED.

Browse Source 
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2023-04-17 14:10:00 +09:00
parent 5d8648e12d
commit df357a0335
No known key found for this signature in database
GPG Key ID: 640114AF89DE6054
5 changed files with 44 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
common/asshelp.c
View File

@ -524,10 +524,7 @@ start_new_service (assuan_context_t *r_ctx,
{ {
#ifdef HAVE_W32_SYSTEM #ifdef HAVE_W32_SYSTEM
err = gnupg_process_spawn (program? program : program_name, argv, err = gnupg_process_spawn (program? program : program_name, argv,
(GNUPG_PROCESS_DETACHED GNUPG_PROCESS_DETACHED,
|GNUPG_PROCESS_STDIN_NULL
|GNUPG_PROCESS_STDOUT_NULL
|GNUPG_PROCESS_STDERR_NULL),
NULL, NULL, NULL); NULL, NULL, NULL);
#else /*!W32*/ #else /*!W32*/
err = gnupg_process_spawn (program? program : program_name, argv, err = gnupg_process_spawn (program? program : program_name, argv,

43
common/exechelp-posix.c
View File

@ -1034,8 +1034,7 @@ my_exec (const char *pgmname, const char *argv[], struct spawn_cb_arg *sca)
} }
static gpg_err_code_t static gpg_err_code_t
spawn_detached (gnupg_process_t process, spawn_detached (const char *pgmname, const char *argv[],
const char *pgmname, const char *argv[],
void (*spawn_cb) (struct spawn_cb_arg *), void *spawn_cb_arg) void (*spawn_cb) (struct spawn_cb_arg *), void *spawn_cb_arg)
{ {
gpg_err_code_t ec; gpg_err_code_t ec;
@ -1044,7 +1043,6 @@ spawn_detached (gnupg_process_t process,
/* FIXME: Is this GnuPG specific or should we keep it. */ /* FIXME: Is this GnuPG specific or should we keep it. */
if (getuid() != geteuid()) if (getuid() != geteuid())
{ {
xfree (process);
xfree (argv); xfree (argv);
return GPG_ERR_BUG; return GPG_ERR_BUG;
} }
@ -1052,7 +1050,6 @@ spawn_detached (gnupg_process_t process,
if (access (pgmname, X_OK)) if (access (pgmname, X_OK))
{ {
ec = gpg_err_code_from_syserror (); ec = gpg_err_code_from_syserror ();
xfree (process);
xfree (argv); xfree (argv);
return ec; return ec;
} }
@ -1064,7 +1061,6 @@ spawn_detached (gnupg_process_t process,
{ {
ec = gpg_err_code_from_syserror (); ec = gpg_err_code_from_syserror ();
log_error (_("error forking process: %s\n"), gpg_strerror (ec)); log_error (_("error forking process: %s\n"), gpg_strerror (ec));
xfree (process);
xfree (argv); xfree (argv);
return ec; return ec;
} }
@ -1101,12 +1097,6 @@ spawn_detached (gnupg_process_t process,
else else
post_syscall (); post_syscall ();
process->pid = (pid_t)-1;
process->fd_in = -1;
process->fd_out = -1;
process->fd_err = -1;
process->wstatus = -1;
process->terminated = 1;
return 0; return 0;
} }
@ -1156,6 +1146,24 @@ gnupg_process_spawn (const char *pgmname, const char *argv1[],
for (i=0, j=1; argv1[i]; i++, j++) for (i=0, j=1; argv1[i]; i++, j++)
argv[j] = argv1[i]; argv[j] = argv1[i];
if ((flags & GNUPG_PROCESS_DETACHED))
{
if ((flags & GNUPG_PROCESS_STDFDS_SETTING))
{
xfree (argv);
return GPG_ERR_INV_FLAG;
}
/* In detached case, it must be no R_PROCESS. */
if (r_process)
{
xfree (argv);
return GPG_ERR_INV_ARG;
}
return spawn_detached (pgmname, argv, spawn_cb, spawn_cb_arg);
}
process = xtrycalloc (1, sizeof (struct gnupg_process)); process = xtrycalloc (1, sizeof (struct gnupg_process));
if (process == NULL) if (process == NULL)
{ {
@ -1166,19 +1174,6 @@ gnupg_process_spawn (const char *pgmname, const char *argv1[],
process->pgmname = pgmname; process->pgmname = pgmname;
process->flags = flags; process->flags = flags;
if ((flags & GNUPG_PROCESS_DETACHED))
{
if ((flags & GNUPG_PROCESS_STDFDS_SETTING))
{
xfree (process);
xfree (argv);
return GPG_ERR_INV_FLAG;
}
*r_process = process;
return spawn_detached (process, pgmname, argv, spawn_cb, spawn_cb_arg);
}
if ((flags & GNUPG_PROCESS_STDINOUT_SOCKETPAIR)) if ((flags & GNUPG_PROCESS_STDINOUT_SOCKETPAIR))
{ {
ec = do_create_socketpair (fd_in); ec = do_create_socketpair (fd_in);

48
common/exechelp-w32.c
View File

@ -1096,8 +1096,7 @@ post_syscall (void)
static gpg_err_code_t static gpg_err_code_t
spawn_detached (gnupg_process_t process, spawn_detached (const char *pgmname, char *cmdline,
const char *pgmname, char *cmdline,
void (*spawn_cb) (struct spawn_cb_arg *), void *spawn_cb_arg) void (*spawn_cb) (struct spawn_cb_arg *), void *spawn_cb_arg)
{ {
SECURITY_ATTRIBUTES sec_attr; SECURITY_ATTRIBUTES sec_attr;
@ -1113,7 +1112,6 @@ spawn_detached (gnupg_process_t process,
ec = gnupg_access (pgmname, X_OK); ec = gnupg_access (pgmname, X_OK);
if (ec) if (ec)
{ {
xfree (process);
xfree (cmdline); xfree (cmdline);
return ec; return ec;
} }
@ -1191,13 +1189,6 @@ spawn_detached (gnupg_process_t process,
CloseHandle (pi.hThread); CloseHandle (pi.hThread);
CloseHandle (pi.hProcess); CloseHandle (pi.hProcess);
process->hProcess = INVALID_HANDLE_VALUE;
process->hd_in = INVALID_HANDLE_VALUE;
process->hd_out = INVALID_HANDLE_VALUE;
process->hd_err = INVALID_HANDLE_VALUE;
process->exitcode = -1;
process->terminated = 1;
return 0; return 0;
} }
@ -1238,14 +1229,32 @@ gnupg_process_spawn (const char *pgmname, const char *argv[],
check_syscall_func (); check_syscall_func ();
if (r_process)
*r_process = NULL;
/* Build the command line. */ /* Build the command line. */
ec = build_w32_commandline (pgmname, argv, &cmdline); ec = build_w32_commandline (pgmname, argv, &cmdline);
if (ec) if (ec)
return ec; return ec;
if ((flags & GNUPG_PROCESS_DETACHED))
{
if ((flags & GNUPG_PROCESS_STDFDS_SETTING))
{
xfree (cmdline);
return GPG_ERR_INV_FLAG;
}
/* In detached case, it must be no R_PROCESS. */
if (r_process)
{
xfree (cmdline);
return GPG_ERR_INV_ARG;
}
return spawn_detached (pgmname, cmdline, spawn_cb, spawn_cb_arg);
}
if (r_process)
*r_process = NULL;
process = xtrymalloc (sizeof (struct gnupg_process)); process = xtrymalloc (sizeof (struct gnupg_process));
if (process == NULL) if (process == NULL)
{ {
@ -1256,19 +1265,6 @@ gnupg_process_spawn (const char *pgmname, const char *argv[],
process->pgmname = pgmname; process->pgmname = pgmname;
process->flags = flags; process->flags = flags;
if ((flags & GNUPG_PROCESS_DETACHED))
{
if ((flags & GNUPG_PROCESS_STDFDS_SETTING))
{
xfree (process);
xfree (cmdline);
return GPG_ERR_INV_FLAG;
}
*r_process = process;
return spawn_detached (process, pgmname, cmdline, spawn_cb, spawn_cb_arg);
}
if ((flags & GNUPG_PROCESS_STDINOUT_SOCKETPAIR)) if ((flags & GNUPG_PROCESS_STDINOUT_SOCKETPAIR))
{ {
xfree (process); xfree (process);

4
g13/be-encfs.c
View File

@ -82,9 +82,7 @@ run_umount_helper (const char *mountpoint)
args[2] = NULL; args[2] = NULL;
err = gnupg_process_spawn (pgmname, args, err = gnupg_process_spawn (pgmname, args,
(GNUPG_PROCESS_DETACHED | GNUPG_PROCESS_STDIN_NULL GNUPG_PROCESS_DETACHED,
| GNUPG_PROCESS_STDOUT_NULL
| GNUPG_PROCESS_STDERR_NULL),
NULL, NULL, NULL); NULL, NULL, NULL);
if (err) if (err)
log_error ("failed to run '%s': %s\n", log_error ("failed to run '%s': %s\n",

5
scd/app.c
View File

@ -2374,10 +2374,7 @@ report_change (int slot, int old_status, int cur_status)
fname = make_filename (gnupg_homedir (), "scd-event", NULL); fname = make_filename (gnupg_homedir (), "scd-event", NULL);
err = gnupg_process_spawn (fname, args, err = gnupg_process_spawn (fname, args,
(GNUPG_PROCESS_DETACHED GNUPG_PROCESS_DETACHED,
| GNUPG_PROCESS_STDIN_NULL
| GNUPG_PROCESS_STDOUT_NULL
| GNUPG_PROCESS_STDERR_NULL),
setup_env, envstr, NULL); setup_env, envstr, NULL);
if (err && gpg_err_code (err) != GPG_ERR_ENOENT) if (err && gpg_err_code (err) != GPG_ERR_ENOENT)
log_error ("failed to run event handler '%s': %s\n", log_error ("failed to run event handler '%s': %s\n",