aboutsummaryrefslogtreecommitdiff
path: root/nix
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2015-05-19 08:02:52 +0200
committerLudovic Courtès <ludo@gnu.org>2015-05-19 16:09:58 +0200
commita88b8c5c985a87586159c0621974a1dfe5b9b92d (patch)
treede07afac97f3f3061bd75a13e83576f48284c225 /nix
parente53fc0c8a33b1ea4f8503aca899da34ff9ebaa3c (diff)
downloadguix-a88b8c5c985a87586159c0621974a1dfe5b9b92d.tar.gz
guix-a88b8c5c985a87586159c0621974a1dfe5b9b92d.zip
Revert "daemon: Fix possible use-after-free."
This reverts commit 1303a4a4517260def862ce7fe97e6b28dd8005e1.
Diffstat (limited to 'nix')
-rw-r--r--nix/libstore/build.cc29
-rw-r--r--nix/libutil/util.cc20
-rw-r--r--nix/libutil/util.hh5
3 files changed, 28 insertions, 26 deletions
diff --git a/nix/libstore/build.cc b/nix/libstore/build.cc
index b3c994d6de..f38cd29940 100644
--- a/nix/libstore/build.cc
+++ b/nix/libstore/build.cc
@@ -401,6 +401,18 @@ static void commonChildInit(Pipe & logPipe)
}
+/* Convert a string list to an array of char pointers. Careful: the
+ string list should outlive the array. */
+const char * * strings2CharPtrs(const Strings & ss)
+{
+ const char * * arr = new const char * [ss.size() + 1];
+ const char * * p = arr;
+ foreach (Strings::const_iterator, i, ss) *p++ = i->c_str();
+ *p = 0;
+ return arr;
+}
+
+
/* Restore default handling of SIGPIPE, otherwise some programs will
randomly say "Broken pipe". */
static void restoreSIGPIPE()
@@ -2123,7 +2135,11 @@ void DerivationGoal::initChild()
Strings envStrs;
foreach (Environment::const_iterator, i, env)
envStrs.push_back(rewriteHashes(i->first + "=" + i->second, rewritesToTmp));
- std::vector<const char *> envArr = stringsToCharPtrs(envStrs);
+ const char * * envArr = strings2CharPtrs(envStrs);
+
+ Path program = drv.builder.c_str();
+ std::vector<const char *> args; /* careful with c_str()! */
+ string user; /* must be here for its c_str()! */
/* If we are running in `build-users' mode, then switch to the
user we allocated above. Make sure that we drop all root
@@ -2149,18 +2165,17 @@ void DerivationGoal::initChild()
}
/* Fill in the arguments. */
- Strings args;
string builderBasename = baseNameOf(drv.builder);
args.push_back(builderBasename.c_str());
foreach (Strings::iterator, i, drv.args)
- args.push_back(rewriteHashes(*i, rewritesToTmp));
- std::vector<const char *> argArr = stringsToCharPtrs(args);
+ args.push_back(rewriteHashes(*i, rewritesToTmp).c_str());
+ args.push_back(0);
restoreSIGPIPE();
/* Execute the program. This should not return. */
inSetup = false;
- execve(drv.builder.c_str(), (char * *) &argArr[0], (char * *) &envArr[0]);
+ execve(program.c_str(), (char * *) &args[0], (char * *) envArr);
throw SysError(format("executing `%1%'") % drv.builder);
@@ -2763,7 +2778,7 @@ void SubstitutionGoal::tryToRun()
args.push_back("--substitute");
args.push_back(storePath);
args.push_back(destPath);
- std::vector<const char *> argArr = stringsToCharPtrs(args);
+ const char * * argArr = strings2CharPtrs(args);
/* Fork the substitute program. */
pid = maybeVfork();
@@ -2781,7 +2796,7 @@ void SubstitutionGoal::tryToRun()
if (dup2(outPipe.writeSide, STDOUT_FILENO) == -1)
throw SysError("cannot dup output pipe into stdout");
- execv(sub.c_str(), (char * *) &argArr[0]);
+ execv(sub.c_str(), (char * *) argArr);
throw SysError(format("executing `%1%'") % sub);
diff --git a/nix/libutil/util.cc b/nix/libutil/util.cc
index 024cea83d1..846674a29d 100644
--- a/nix/libutil/util.cc
+++ b/nix/libutil/util.cc
@@ -852,20 +852,16 @@ void killUser(uid_t uid)
//////////////////////////////////////////////////////////////////////
-std::vector<const char *> stringsToCharPtrs(const Strings & ss)
-{
- std::vector<const char *> res;
- foreach (Strings::const_iterator, i, ss)
- res.push_back(i->c_str());
- res.push_back(0);
- return res;
-}
-
-
string runProgram(Path program, bool searchPath, const Strings & args)
{
checkInterrupt();
+ std::vector<const char *> cargs; /* careful with c_str()! */
+ cargs.push_back(program.c_str());
+ for (Strings::const_iterator i = args.begin(); i != args.end(); ++i)
+ cargs.push_back(i->c_str());
+ cargs.push_back(0);
+
/* Create a pipe. */
Pipe pipe;
pipe.create();
@@ -884,10 +880,6 @@ string runProgram(Path program, bool searchPath, const Strings & args)
if (dup2(pipe.writeSide, STDOUT_FILENO) == -1)
throw SysError("dupping stdout");
- Strings args_(args);
- args_.push_front(program);
- auto cargs = stringsToCharPtrs(args_);
-
if (searchPath)
execvp(program.c_str(), (char * *) &cargs[0]);
else
diff --git a/nix/libutil/util.hh b/nix/libutil/util.hh
index a70981877b..ce2d77c19a 100644
--- a/nix/libutil/util.hh
+++ b/nix/libutil/util.hh
@@ -257,11 +257,6 @@ void killUser(uid_t uid);
string runProgram(Path program, bool searchPath = false,
const Strings & args = Strings());
-/* Convert a list of strings to a null-terminated vector of char
- *'s. The result must not be accessed beyond the lifetime of the
- list of strings. */
-std::vector<const char *> stringsToCharPtrs(const Strings & ss);
-
/* Close all file descriptors except stdin, stdout, stderr, and those
listed in the given set. Good practice in child processes. */
void closeMostFDs(const set<int> & exceptions);
Add a recipe for running Guix System on a Kimsufi server.Thomas Ieong * doc/guix-cookbook.texi (Running Guix on a Kimsufi Server): New section. Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com> Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com> 2023-09-01doc: cookbook: Document the configuration of a Yubikey with KeePassXC.Maxim Cournoyer * doc/guix-cookbook.texi (Using security keys) [Requiring a Yubikey to open a KeePassXC database]: New subsection. Series-to: 65354@debbugs.gnu.org 2023-08-25image: Add mbr-raw-image-type and use by default.Josselin Poiret * gnu/system/image.scm (mbr-disk-image, mbr-raw-image-type): New variables. (qcow2-image-type): Inherit mbr-disk-image. * guix/scripts/system.scm (%default-options): Use mbr-raw-image-type by default. * gnu/tests/install.scm (run-install): Use mbr-raw in the tests. * doc/guix-cookbook.texi (Guix System Image API): Update the list of image types. * doc/guix.texi (Invoking guix system, System Images, image-type Reference): Add mbr-raw and switch documented default to it. 2023-08-17doc: cookbook: Document how to disable the Yubikey OTP application.Maxim Cournoyer * doc/guix-cookbook.texi (Using security keys) <Disabling OTP code generation for a Yubikey>: New subsection. Reviewed-by: John Kehayias <john.kehayias@protonmail.com> 2023-08-16doc: cookbook: Document a dynamic DNS update mcron job.Maxim Cournoyer * doc/guix-cookbook.texi (System Configuration) <Dynamic DNS mcron job>: New subsection. Reviewed-by: Ludovic Courtès <ludo@gnu.org> 2023-08-16doc: Update Cookbook Texinfo menus.Maxim Cournoyer Automated via C-c C-u C-a (M-x texinfo-all-menus-update) in Emacs. 2023-08-15doc: cookbook: Mention common SRFI-1 procedures.Ludovic Courtès * doc/guix-cookbook.texi (A Scheme Crash Course): Add item about SRFI-1. 2023-08-15doc: cookbook: Add 'use-modules' in gexp example.Ludovic Courtès * doc/guix-cookbook.texi (A Scheme Crash Course): Add 'use-modules' line in gexp example. 2023-08-15doc: cookbook: Link to "Package Modules".Ludovic Courtès * doc/guix-cookbook.texi (A Scheme Crash Course): Add link to "Package Modules". 2023-07-14doc: Mention gexps in the "Scheme Crash Course".Ludovic Courtès * doc/guix-cookbook.texi (A Scheme Crash Course): Add note on gexps. 2023-06-05doc: cookbook: Update example my-libgit2 package.Efraim Flashner * doc/guix-cookbook.texi (Packaging Tutorial): Improve the code quality of the example my-libgit2 package. 2023-06-04services: screen-locker-service-type: Configurable PAM and setuid.muradm screen-locker-service-type by default does both define PAM entry and make program setuid binary. Normally both methods are mutually exclusive, if binary has setuid set it does not really needs PAM, otherway around also similar, if PAM is enabled binary should not relay on setuid. Recent swaylock package now compiled with PAM support. When PAM support is compiled in, swaylock rejects executing if binary is also setuid program. This change turns screen-locker-configuration from strict PAM AND setuid to more flexible PAM AND/OR setuid. Allowing swaylock to be configured properly while supporting other screen locker preferences. * gnu/services/xorg.scm (screen-locker-configuration): Switch from define-record-type to define-configuration. [using-pam?]: New field to control PAM entry existence. [using-setuid?]: New field to control setuid binary existence. (screen-locker-pam-services): Should not make unix-pam-service if using-pam? is set to #f. (screen-locker-setuid-programs): Should not make program setuid program if using-setuid? is set to #f. (screen-locker-generate-doc): Internal function to generate configuration documentation. (screen-locker-service): Adapt to new screen-locker-configuration. * gnu/services/desktop.scm (desktop-services-for-system): Adapt to new screen-locker-configuration. * doc/guix.texi: Reflect new changes to screen-locker-configuration. Signed-off-by: Josselin Poiret <dev@jpoiret.xyz> 2023-05-31nls: Update translations.Florian Pelz * doc/guix-cookbook.texi (Top): Mention Slovak. 2023-05-06doc: cookbook: Remove outdated section about GUIX_PACKAGE_PATH.Ludovic Courtès The section insisted on GUIX_PACKAGE_PATH, mentioned version 0.16, and didn't say much about channels, which made it look obsolete. * doc/guix-cookbook.texi (GUIX_PACKAGE_PATH): Remove section. (Guix channels): Rename to... (Channels): ... this. Merge most of the explanations previously in the GUIX_PACKAGE_PATH section. Say more about channels and add cross-references. 2023-01-09doc: cookbook: Add "Installing Guix on a Cluster" chapter.Ludovic Courtès This is derived from the article at <https://hpc.guix.info/blog/2017/11/installing-guix-on-a-cluster/>, with clarifications and updates. * doc/guix-cookbook.texi (Installing Guix on a Cluster): New chapter. 2023-01-06doc: cookbook: Remove 404 link to mitpress.mit.edu.Ludovic Courtès * doc/guix-cookbook.texi (A Scheme Crash Course): Remove 404 link to mitpress.mit.edu. 2022-11-27doc: cookbook: Fix commands in example.Florian Pelz Fixes <https://issues.guix.gnu.org/59463>. Reported by Luca Cirrottola <luca.cirrottola@inria.fr>. * doc/guix-cookbook.texi (Reproducible profiles): Make it work. 2022-11-24doc: Add a security keys section to the cookbook.Maxim Cournoyer * doc/guix-cookbook.texi (Top): Register new menu. (System Configuration): Likewise. (Using security keys): New section. 2022-11-06doc: cookbook: Add section on MPD with bluealsa.Ricardo Wurmus * doc/guix-cookbook.texi (Music Server with Bluetooth Audio): New section under System Configuration. 2022-11-06doc: cookbook: Update detailed menu for "System Configuration".Ricardo Wurmus * doc/guix-cookbook.texi: Update menu. 2022-10-13doc: Add chapter on containers to Cookbook.Ricardo Wurmus * doc/guix-cookbook.texi (Containers): New chapter.