File: bash.preinst.c

package info (click to toggle)
bash 4.4-5
  • links: PTS, VCS
  • area: main
  • in suites:
  • size: 36,372 kB
  • sloc: ansic: 103,485; sh: 7,655; yacc: 5,214; makefile: 4,357; perl: 4,227; asm: 48; awk: 23; sed: 16
file content (170 lines) | stat: -rw-r--r-- 4,514 bytes parent folder | download | duplicates (5)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
/*
 * This file is in the public domain.
 * You may freely use, modify, distribute, and relicense it.
 */

#include "bash.preinst.h"
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
#include <fcntl.h>

static void backup(const char *file, const char *dest)
{
	const char * const cmd[] = {"cp", "-dp", file, dest, NULL};
	if (exists(file))
		run(cmd);
}

static void force_symlink(const char *target, const char *link,
						const char *temp)
{
	/*
	 * Forcibly create a symlink to "target" from "link".
	 * This is performed in two stages with an
	 * intermediate temporary file because symlink(2) cannot
	 * atomically replace an existing file.
	 */
	if ((unlink(temp) && errno != ENOENT) ||
	    symlink(target, temp) ||
	    rename(temp, link))
		die_errno("cannot create symlink %s -> %s", link, target);
}

static void reset_diversion(const char *package, const char *file,
						const char *distrib)
{
	const char * const remove_old_diversion[] =
		{"dpkg-divert", "--package", "bash", "--remove", file, NULL};
	const char * const new_diversion[] =
		{"dpkg-divert", "--package", package,
		"--divert", distrib, "--add", file, NULL};
	run(remove_old_diversion);
	run(new_diversion);
}

static int has_binsh_line(FILE *file)
{
	char item[sizeof("/bin/sh\n")];

	while (fgets(item, sizeof(item), file)) {
		int ch;

		if (!memcmp(item, "/bin/sh\n", strlen("/bin/sh\n") + 1))
			return 1;
		if (strchr(item, '\n'))
			continue;

		/* Finish the line. */
		for (ch = 0; ch != '\n' && ch != EOF; ch = fgetc(file))
			; /* just reading */
		if (ch == EOF)
			break;
	}
	if (ferror(file))
		die_errno("cannot read pipe");
	return 0;
}

static int binsh_in_filelist(const char *package)
{
	const char * const cmd[] = {"dpkg-query", "-L", package, NULL};
	pid_t child;
	int sink;
	FILE *in;
	int found;

	/*
	 * dpkg -L $package 2>/dev/null | ...
	 *
	 * Redirection of stderr is for quieter output
	 * when $package is not installed.  If opening /dev/null
	 * fails, no problem; leave stderr alone in that case.
	 */
	sink = open("/dev/null", O_WRONLY);
	if (sink >= 0)
		set_cloexec(sink);
	in = spawn_pipe(&child, cmd, sink);

	/* ... | grep "^/bin/sh\$" */
	found = has_binsh_line(in);
	if (fclose(in))
		die_errno("cannot close read end of pipe");

	/*
	 * dpkg -L will error out if $package is not already installed.
	 *
	 * We stopped reading early if we found a match, so
	 * tolerate SIGPIPE in that case.
	 */
	wait_or_die(child, "dpkg-query -L", ERROR_OK |
						(found ? SIGPIPE_OK : 0));
	return found;
}

static int undiverted(const char *path)
{
	const char * const cmd[] =
		{"dpkg-divert", "--listpackage", path, NULL};
	pid_t child;
	char packagename[sizeof("bash\n")];
	size_t len;
	FILE *in = spawn_pipe(&child, cmd, -1);
	int diverted = 1;

	/* Is $path diverted by someone other than bash? */

	len = fread(packagename, 1, sizeof(packagename), in);
	if (ferror(in))
		die_errno("cannot read from dpkg-divert");
	if (len == 0)
		diverted = 0;	/* No diversion. */
	if (len == strlen("bash\n") && !memcmp(packagename, "bash\n", len))
		diverted = 0;	/* Diverted by bash. */

	if (fclose(in))
		die_errno("cannot close read end of pipe");
	wait_or_die(child, "dpkg-divert", ERROR_OK | SIGPIPE_OK);
	return !diverted;
}

int main(int argc, char *argv[])
{
	/* /bin/sh needs to point to a valid target. */

	if (access("/bin/sh", X_OK)) {
		backup("/bin/sh", "/bin/sh.distrib");
		backup("/usr/share/man/man1/sh.1.gz",
			"/usr/share/man/man1/sh.distrib.1.gz");

		force_symlink("bash", "/bin/sh", "/bin/sh.temp");
		force_symlink("bash.1.gz", "/usr/share/man/man1/sh.1.gz",
			"/usr/share/man/man1/sh.1.gz.temp");
	}
	if (!binsh_in_filelist("bash"))
		/* Ready. */
		return 0;

	/*
	 * In bash (<= 4.1-3), the bash package included symlinks for
	 * /bin/sh and the sh(1) manpage in its data.tar.
	 *
	 * Unless we are careful, unpacking the new version of bash
	 * will remove them.  So we tell dpkg that the files from bash
	 * to be removed are elsewhere, using a diversion on behalf of
	 * another package.
	 *
	 * Based on an idea by Michael Stone.
	 * “You're one sick individual.” -- Anthony Towns
	 * http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=85;bug=34717
	 */
	if (undiverted("/bin/sh"))
		reset_diversion("dash", "/bin/sh", "/bin/sh.distrib");
	if (undiverted("/usr/share/man/man1/sh.1.gz"))
		reset_diversion("dash", "/usr/share/man/man1/sh.1.gz",
				"/usr/share/man/man1/sh.distrib.1.gz");
	return 0;
}