2018-01-11 12:17:08 +00:00
|
|
|
/* Copyright (c) 2018 Pablo Marcos Oltra <pablo.marcos.oltra@gmail.com>
|
2017-12-06 13:37:47 +00:00
|
|
|
*
|
2018-01-11 12:17:08 +00:00
|
|
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
|
|
* of this software and associated documentation files (the "Software"), to deal
|
|
|
|
* in the Software without restriction, including without limitation the rights
|
|
|
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
|
|
* copies of the Software, and to permit persons to whom the Software is
|
|
|
|
* furnished to do so, subject to the following conditions:
|
2017-12-06 13:37:47 +00:00
|
|
|
*
|
2018-01-11 12:17:08 +00:00
|
|
|
* The above copyright notice and this permission notice shall be included in all
|
|
|
|
* copies or substantial portions of the Software.
|
2017-12-06 13:37:47 +00:00
|
|
|
*
|
2018-01-11 12:17:08 +00:00
|
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
|
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
|
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
|
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
|
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
|
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
|
|
* SOFTWARE.
|
2017-12-06 13:37:47 +00:00
|
|
|
*/
|
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
/*
|
|
|
|
* This exec.so library is intended to restore the environment of the AppImage's
|
|
|
|
* parent process. This is done to avoid library clashing of bundled libraries
|
|
|
|
* with external processes. e.g when running the web browser
|
|
|
|
*
|
|
|
|
* The intended usage is as follows:
|
|
|
|
*
|
|
|
|
* 1. This library is injected to the dynamic loader through LD_PRELOAD
|
|
|
|
* automatically in AppRun **only** if `usr/optional/exec.so` exists:
|
|
|
|
* e.g `LD_PRELOAD=$APPDIR/usr/optional/exec.so My.AppImage`
|
|
|
|
*
|
|
|
|
* 2. This library will intercept calls to new processes and will detect whether
|
|
|
|
* those calls are for binaries within the AppImage bundle or external ones.
|
|
|
|
*
|
|
|
|
* 3. In case it's an internal process, it will not change anything.
|
|
|
|
* In case it's an external process, it will restore the environment of
|
|
|
|
* the AppImage parent by reading `/proc/[pid]/environ`.
|
|
|
|
* This is the conservative approach taken.
|
|
|
|
*/
|
2017-12-06 13:37:47 +00:00
|
|
|
|
|
|
|
#define _GNU_SOURCE
|
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
#include "env.h"
|
2018-01-06 18:09:53 +00:00
|
|
|
#include "debug.h"
|
2018-01-06 09:27:32 +00:00
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
#include <stdlib.h>
|
2017-12-06 13:37:47 +00:00
|
|
|
#include <unistd.h>
|
|
|
|
#include <dlfcn.h>
|
|
|
|
#include <string.h>
|
2018-01-11 12:17:08 +00:00
|
|
|
#include <errno.h>
|
2017-12-06 13:37:47 +00:00
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
typedef int (*execve_func_t)(const char *filename, char *const argv[], char *const envp[]);
|
2017-12-06 13:37:47 +00:00
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
#define MIN(X,Y) ((X) < (Y) ? (X) : (Y))
|
2017-12-06 13:37:47 +00:00
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
static const char* get_fullpath(const char *filename) {
|
|
|
|
// Try to get the canonical path in case it's a relative path or symbolic
|
|
|
|
// link. Otherwise, use which to get the fullpath of the binary
|
|
|
|
char *fullpath = canonicalize_file_name(filename);
|
|
|
|
DEBUG("filename %s, canonical path %s\n", filename, fullpath);
|
|
|
|
if (fullpath)
|
|
|
|
return fullpath;
|
2017-12-06 13:37:47 +00:00
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
return filename;
|
|
|
|
}
|
2017-12-06 13:37:47 +00:00
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
static int is_external_process(const char *filename) {
|
|
|
|
const char *appdir = getenv("APPDIR");
|
|
|
|
if (!appdir)
|
|
|
|
return 0;
|
|
|
|
DEBUG("APPDIR = %s\n", appdir);
|
2017-12-06 13:37:47 +00:00
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
return strncmp(filename, appdir, MIN(strlen(filename), strlen(appdir)));
|
2017-12-06 13:37:47 +00:00
|
|
|
}
|
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
static int exec_common(execve_func_t function, const char *filename, char* const argv[], char* const envp[]) {
|
|
|
|
const char *fullpath = get_fullpath(filename);
|
|
|
|
DEBUG("filename %s, fullpath %s\n", filename, fullpath);
|
|
|
|
char* const *env = envp;
|
|
|
|
if (is_external_process(fullpath)) {
|
|
|
|
DEBUG("External process detected. Restoring env vars from parent %d\n", getppid());
|
|
|
|
env = read_parent_env();
|
|
|
|
if (!env)
|
|
|
|
env = envp;
|
|
|
|
else
|
|
|
|
DEBUG("Error restoring env vars from parent\n");
|
2017-12-06 13:37:47 +00:00
|
|
|
}
|
2018-01-11 12:17:08 +00:00
|
|
|
int ret = function(filename, argv, env);
|
2017-12-06 13:37:47 +00:00
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
if (fullpath != filename)
|
|
|
|
free((char*)fullpath);
|
|
|
|
if (env != envp)
|
|
|
|
env_free(env);
|
2017-12-06 13:37:47 +00:00
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
int execve(const char *filename, char *const argv[], char *const envp[]) {
|
|
|
|
DEBUG("execve call hijacked: %s\n", filename);
|
|
|
|
execve_func_t execve_orig = dlsym(RTLD_NEXT, "execve");
|
|
|
|
if (!execve_orig)
|
|
|
|
DEBUG("Error getting execve original symbol: %s\n", strerror(errno));
|
2017-12-06 13:37:47 +00:00
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
return exec_common(execve_orig, filename, argv, envp);
|
2017-12-06 13:37:47 +00:00
|
|
|
}
|
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
int execv(const char *filename, char *const argv[]) {
|
|
|
|
DEBUG("execv call hijacked: %s\n", filename);
|
|
|
|
return execve(filename, argv, environ);
|
2017-12-06 13:37:47 +00:00
|
|
|
}
|
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
int execvpe(const char *filename, char *const argv[], char *const envp[]) {
|
|
|
|
DEBUG("execvpe call hijacked: %s\n", filename);
|
|
|
|
execve_func_t execve_orig = dlsym(RTLD_NEXT, "execvpe");
|
|
|
|
if (!execve_orig)
|
|
|
|
DEBUG("Error getting execvpe original symbol: %s\n", strerror(errno));
|
2017-12-06 13:37:47 +00:00
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
return exec_common(execve_orig, filename, argv, envp);
|
2017-12-06 13:37:47 +00:00
|
|
|
}
|
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
int execvp(const char *filename, char *const argv[]) {
|
|
|
|
DEBUG("execvp call hijacked: %s\n", filename);
|
|
|
|
return execvpe(filename, argv, environ);
|
2017-12-06 13:37:47 +00:00
|
|
|
}
|
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
#ifdef EXEC_TEST
|
|
|
|
int main(int argc, char *argv[]) {
|
|
|
|
putenv("APPIMAGE_CHECKRT_DEBUG=1");
|
|
|
|
DEBUG("EXEC TEST\n");
|
|
|
|
execv("./env_test", argv);
|
2017-12-06 13:37:47 +00:00
|
|
|
|
2018-01-11 12:17:08 +00:00
|
|
|
return 0;
|
2017-12-06 13:37:47 +00:00
|
|
|
}
|
2018-01-11 12:17:08 +00:00
|
|
|
#endif
|