| /* gspawn-win32-helper.c - Helper program for process launching on Win32. |
| * |
| * Copyright 2000 Red Hat, Inc. |
| * Copyright 2000 Tor Lillqvist |
| * |
| * SPDX-License-Identifier: LGPL-2.1-or-later |
| * |
| * This library is free software; you can redistribute it and/or |
| * modify it under the terms of the GNU Lesser General Public |
| * License as published by the Free Software Foundation; either |
| * version 2.1 of the License, or (at your option) any later version. |
| * |
| * This library is distributed in the hope that it will be useful, |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| * Lesser General Public License for more details. |
| * |
| * You should have received a copy of the GNU Lesser General Public License |
| * along with this library; if not, see <http://www.gnu.org/licenses/>. |
| */ |
| |
| #include "config.h" |
| |
| #include <fcntl.h> |
| |
| #undef G_LOG_DOMAIN |
| #include "glib.h" |
| #define GSPAWN_HELPER |
| #include "gspawn-win32.c" /* For shared definitions */ |
| #include "glib/glib-private.h" |
| |
| |
| static void |
| write_err_and_exit (gint fd, |
| gintptr msg) |
| { |
| gintptr en = errno; |
| |
| write (fd, &msg, sizeof(gintptr)); |
| write (fd, &en, sizeof(gintptr)); |
| |
| _exit (1); |
| } |
| |
| #ifdef __GNUC__ |
| # ifndef _stdcall |
| # define _stdcall __attribute__((stdcall)) |
| # endif |
| #endif |
| |
| /* We build gspawn-win32-helper.exe as a Windows GUI application |
| * to avoid any temporarily flashing console windows in case |
| * the gspawn function is invoked by a GUI program. Thus, no main() |
| * but a WinMain(). |
| */ |
| |
| /* Copy of protect_argv that handles wchar_t strings */ |
| |
| static gint |
| protect_wargv (gint argc, |
| wchar_t **wargv, |
| wchar_t ***new_wargv) |
| { |
| gint i; |
| |
| *new_wargv = g_new (wchar_t *, argc+1); |
| |
| /* Quote each argv element if necessary, so that it will get |
| * reconstructed correctly in the C runtime startup code. Note that |
| * the unquoting algorithm in the C runtime is really weird, and |
| * rather different than what Unix shells do. See stdargv.c in the C |
| * runtime sources (in the Platform SDK, in src/crt). |
| * |
| * Note that a new_wargv[0] constructed by this function should |
| * *not* be passed as the filename argument to a _wspawn* or _wexec* |
| * family function. That argument should be the real file name |
| * without any quoting. |
| */ |
| for (i = 0; i < argc; i++) |
| { |
| wchar_t *p = wargv[i]; |
| wchar_t *q; |
| gint len = 0; |
| gint pre_bslash = 0; |
| gboolean need_dblquotes = FALSE; |
| while (*p) |
| { |
| if (*p == ' ' || *p == '\t') |
| need_dblquotes = TRUE; |
| /* estimate max len, assuming that all escapable characters will be escaped */ |
| if (*p == '"' || *p == '\\') |
| len += 2; |
| else |
| len += 1; |
| p++; |
| } |
| |
| q = (*new_wargv)[i] = g_new (wchar_t, len + need_dblquotes*2 + 1); |
| p = wargv[i]; |
| |
| if (need_dblquotes) |
| *q++ = '"'; |
| |
| /* Only quotes and backslashes preceding quotes are escaped: |
| * see "Parsing C Command-Line Arguments" at |
| * https://docs.microsoft.com/en-us/cpp/c-language/parsing-c-command-line-arguments |
| */ |
| while (*p) |
| { |
| if (*p == '"') |
| { |
| /* Add backslash for escaping quote itself */ |
| *q++ = '\\'; |
| /* Add backslash for every preceding backslash for escaping it */ |
| for (;pre_bslash > 0; --pre_bslash) |
| *q++ = '\\'; |
| } |
| |
| /* Count length of continuous sequence of preceding backslashes. */ |
| if (*p == '\\') |
| ++pre_bslash; |
| else |
| pre_bslash = 0; |
| |
| *q++ = *p; |
| p++; |
| } |
| |
| if (need_dblquotes) |
| { |
| /* Add backslash for every preceding backslash for escaping it, |
| * do NOT escape quote itself. |
| */ |
| for (;pre_bslash > 0; --pre_bslash) |
| *q++ = '\\'; |
| *q++ = '"'; |
| } |
| *q++ = '\0'; |
| } |
| (*new_wargv)[argc] = NULL; |
| |
| return argc; |
| } |
| |
| static int |
| checked_dup2 (int oldfd, int newfd, int report_fd) |
| { |
| if (oldfd == newfd) |
| return newfd; |
| |
| if (dup2 (oldfd, newfd) == -1) |
| write_err_and_exit (report_fd, CHILD_DUP_FAILED); |
| |
| return newfd; |
| } |
| |
| #ifndef HELPER_CONSOLE |
| int _stdcall |
| WinMain (struct HINSTANCE__ *hInstance, |
| struct HINSTANCE__ *hPrevInstance, |
| char *lpszCmdLine, |
| int nCmdShow) |
| #else |
| int |
| main (int ignored_argc, char **ignored_argv) |
| #endif |
| { |
| GHashTable *fds; /* (element-type int int) */ |
| int child_err_report_fd = -1; |
| int helper_sync_fd = -1; |
| int saved_stderr_fd = -1; |
| int i; |
| int fd; |
| int mode; |
| int maxfd = 2; |
| gintptr handle; |
| int saved_errno; |
| gintptr no_error = CHILD_NO_ERROR; |
| gint argv_zero_offset = ARG_PROGRAM; |
| wchar_t **new_wargv; |
| int argc; |
| char **argv; |
| wchar_t **wargv; |
| char c; |
| GWin32InvalidParameterHandler handler; |
| |
| /* Fetch the wide-char argument vector */ |
| wargv = CommandLineToArgvW (GetCommandLineW(), &argc); |
| |
| g_assert (argc >= ARG_COUNT); |
| |
| /* Convert unicode wargs to utf8 */ |
| argv = g_new(char *, argc + 1); |
| for (i = 0; i < argc; i++) |
| argv[i] = g_utf16_to_utf8(wargv[i], -1, NULL, NULL, NULL); |
| argv[i] = NULL; |
| |
| /* argv[ARG_CHILD_ERR_REPORT] is the file descriptor number onto |
| * which write error messages. |
| */ |
| child_err_report_fd = atoi (argv[ARG_CHILD_ERR_REPORT]); |
| maxfd = MAX (child_err_report_fd, maxfd); |
| |
| /* Hack to implement G_SPAWN_FILE_AND_ARGV_ZERO. If |
| * argv[ARG_CHILD_ERR_REPORT] is suffixed with a '#' it means we get |
| * the program to run and its argv[0] separately. |
| */ |
| if (argv[ARG_CHILD_ERR_REPORT][strlen (argv[ARG_CHILD_ERR_REPORT]) - 1] == '#') |
| argv_zero_offset++; |
| |
| /* argv[ARG_HELPER_SYNC] is the file descriptor number we read a |
| * byte that tells us it is OK to exit. We have to wait until the |
| * parent allows us to exit, so that the parent has had time to |
| * duplicate the process handle we sent it. Duplicating a handle |
| * from another process works only if that other process exists. |
| */ |
| helper_sync_fd = atoi (argv[ARG_HELPER_SYNC]); |
| maxfd = MAX (helper_sync_fd, maxfd); |
| |
| /* argv[ARG_STDIN..ARG_STDERR] are the file descriptor numbers that |
| * should be dup2'd to 0, 1 and 2. '-' if the corresponding fd |
| * should be left alone, and 'z' if it should be connected to the |
| * bit bucket NUL:. |
| */ |
| if (argv[ARG_STDIN][0] == '-') |
| ; /* Nothing */ |
| else if (argv[ARG_STDIN][0] == 'z') |
| { |
| fd = open ("NUL:", O_RDONLY); |
| checked_dup2 (fd, 0, child_err_report_fd); |
| } |
| else |
| { |
| fd = atoi (argv[ARG_STDIN]); |
| checked_dup2 (fd, 0, child_err_report_fd); |
| } |
| |
| if (argv[ARG_STDOUT][0] == '-') |
| ; /* Nothing */ |
| else if (argv[ARG_STDOUT][0] == 'z') |
| { |
| fd = open ("NUL:", O_WRONLY); |
| checked_dup2 (fd, 1, child_err_report_fd); |
| } |
| else |
| { |
| fd = atoi (argv[ARG_STDOUT]); |
| checked_dup2 (fd, 1, child_err_report_fd); |
| } |
| |
| /* GUI application do not necessarily have a stderr */ |
| if (_fileno (stderr) == 2) |
| { |
| saved_stderr_fd = GLIB_PRIVATE_CALL (g_win32_reopen_noninherited) ( |
| dup (2), _O_WRONLY, NULL); |
| if (saved_stderr_fd == -1) |
| write_err_and_exit (child_err_report_fd, CHILD_DUP_FAILED); |
| } |
| |
| maxfd = MAX (saved_stderr_fd, maxfd); |
| if (argv[ARG_STDERR][0] == '-') |
| ; /* Nothing */ |
| else if (argv[ARG_STDERR][0] == 'z') |
| { |
| fd = open ("NUL:", O_WRONLY); |
| checked_dup2 (fd, 2, child_err_report_fd); |
| } |
| else |
| { |
| fd = atoi (argv[ARG_STDERR]); |
| checked_dup2 (fd, 2, child_err_report_fd); |
| } |
| |
| /* argv[ARG_WORKING_DIRECTORY] is the directory in which to run the |
| * process. If "-", don't change directory. |
| */ |
| if (argv[ARG_WORKING_DIRECTORY][0] == '-' && |
| argv[ARG_WORKING_DIRECTORY][1] == 0) |
| ; /* Nothing */ |
| else if (_wchdir (wargv[ARG_WORKING_DIRECTORY]) < 0) |
| write_err_and_exit (child_err_report_fd, CHILD_CHDIR_FAILED); |
| |
| fds = g_hash_table_new (NULL, NULL); |
| if (argv[ARG_FDS][0] != '-') |
| { |
| gchar **fdsv = g_strsplit (argv[ARG_FDS], ",", -1); |
| gsize i; |
| |
| for (i = 0; fdsv[i]; i++) |
| { |
| char *endptr = NULL; |
| int sourcefd, targetfd; |
| gint64 val; |
| |
| val = g_ascii_strtoll (fdsv[i], &endptr, 10); |
| g_assert (val <= G_MAXINT32); |
| sourcefd = val; |
| g_assert (endptr != fdsv[i]); |
| g_assert (*endptr == ':'); |
| val = g_ascii_strtoll (endptr + 1, &endptr, 10); |
| targetfd = val; |
| g_assert (val <= G_MAXINT32); |
| g_assert (*endptr == '\0'); |
| |
| maxfd = MAX (maxfd, sourcefd); |
| maxfd = MAX (maxfd, targetfd); |
| |
| g_hash_table_insert (fds, GINT_TO_POINTER (targetfd), GINT_TO_POINTER (sourcefd)); |
| } |
| |
| g_strfreev (fdsv); |
| } |
| |
| maxfd++; |
| child_err_report_fd = checked_dup2 (child_err_report_fd, maxfd, child_err_report_fd); |
| maxfd++; |
| helper_sync_fd = checked_dup2 (helper_sync_fd, maxfd, child_err_report_fd); |
| if (saved_stderr_fd >= 0) |
| { |
| maxfd++; |
| saved_stderr_fd = checked_dup2 (saved_stderr_fd, maxfd, child_err_report_fd); |
| } |
| |
| { |
| GHashTableIter iter; |
| gpointer sourcefd, targetfd; |
| |
| g_hash_table_iter_init (&iter, fds); |
| while (g_hash_table_iter_next (&iter, &targetfd, &sourcefd)) |
| { |
| /* If we're doing remapping fd assignments, we need to handle |
| * the case where the user has specified e.g. 5 -> 4, 4 -> 6. |
| * We do this by duping all source fds, taking care to ensure the new |
| * fds are larger than any target fd to avoid introducing new conflicts. |
| */ |
| maxfd++; |
| checked_dup2 (GPOINTER_TO_INT (sourcefd), maxfd, child_err_report_fd); |
| g_hash_table_iter_replace (&iter, GINT_TO_POINTER (maxfd)); |
| } |
| |
| g_hash_table_iter_init (&iter, fds); |
| while (g_hash_table_iter_next (&iter, &targetfd, &sourcefd)) |
| checked_dup2 (GPOINTER_TO_INT (sourcefd), GPOINTER_TO_INT (targetfd), child_err_report_fd); |
| } |
| |
| g_hash_table_add (fds, GINT_TO_POINTER (child_err_report_fd)); |
| g_hash_table_add (fds, GINT_TO_POINTER (helper_sync_fd)); |
| if (saved_stderr_fd >= 0) |
| g_hash_table_add (fds, GINT_TO_POINTER (saved_stderr_fd)); |
| |
| /* argv[ARG_CLOSE_DESCRIPTORS] is "y" if file descriptors from 3 |
| * upwards should be closed |
| */ |
| GLIB_PRIVATE_CALL (g_win32_push_empty_invalid_parameter_handler) (&handler); |
| if (argv[ARG_CLOSE_DESCRIPTORS][0] == 'y') |
| for (i = 3; i < 1000; i++) /* FIXME real limit? */ |
| if (!g_hash_table_contains (fds, GINT_TO_POINTER (i))) |
| if (_get_osfhandle (i) != -1) |
| close (i); |
| GLIB_PRIVATE_CALL (g_win32_pop_invalid_parameter_handler) (&handler); |
| |
| /* We don't want our child to inherit the error report and |
| * helper sync fds. |
| */ |
| child_err_report_fd = GLIB_PRIVATE_CALL (g_win32_reopen_noninherited) ( |
| child_err_report_fd, _O_WRONLY, NULL); |
| helper_sync_fd = GLIB_PRIVATE_CALL (g_win32_reopen_noninherited) ( |
| helper_sync_fd, _O_RDONLY, NULL); |
| if (helper_sync_fd == -1) |
| write_err_and_exit (child_err_report_fd, CHILD_DUP_FAILED); |
| |
| /* argv[ARG_WAIT] is "w" to wait for the program to exit */ |
| if (argv[ARG_WAIT][0] == 'w') |
| mode = P_WAIT; |
| else |
| mode = P_NOWAIT; |
| |
| /* argv[ARG_USE_PATH] is "y" to use PATH, otherwise not */ |
| |
| /* argv[ARG_PROGRAM] is executable file to run, |
| * argv[argv_zero_offset]... is its argv. argv_zero_offset equals |
| * ARG_PROGRAM unless G_SPAWN_FILE_AND_ARGV_ZERO was used, in which |
| * case we have a separate executable name and argv[0]. |
| */ |
| |
| /* For the program name passed to spawnv(), don't use the quoted |
| * version. |
| */ |
| protect_wargv (argc - argv_zero_offset, wargv + argv_zero_offset, &new_wargv); |
| |
| if (argv[ARG_USE_PATH][0] == 'y') |
| handle = _wspawnvp (mode, wargv[ARG_PROGRAM], (const wchar_t **) new_wargv); |
| else |
| handle = _wspawnv (mode, wargv[ARG_PROGRAM], (const wchar_t **) new_wargv); |
| |
| saved_errno = errno; |
| |
| /* Some coverage warnings may be printed on stderr during this process exit. |
| * Remove redirection so that they would go to original stderr |
| * instead of being treated as part of stderr of child process. |
| */ |
| if (saved_stderr_fd >= 0) |
| dup2 (saved_stderr_fd, 2); |
| |
| if (handle == -1 && saved_errno != 0) |
| { |
| int ec = (saved_errno == ENOENT) |
| ? CHILD_SPAWN_NOENT |
| : CHILD_SPAWN_FAILED; |
| write_err_and_exit (child_err_report_fd, ec); |
| } |
| |
| write (child_err_report_fd, &no_error, sizeof (no_error)); |
| write (child_err_report_fd, &handle, sizeof (handle)); |
| |
| read (helper_sync_fd, &c, 1); |
| |
| LocalFree (wargv); |
| g_strfreev (argv); |
| g_hash_table_unref (fds); |
| |
| return 0; |
| } |