summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/loader/interpreter.go
blob: 7249b8f305e6dd2d1fd20cb4ac729e6b605f73a9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
// Copyright 2018 Google Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package loader

import (
	"bytes"
	"io"

	"gvisor.googlesource.com/gvisor/pkg/sentry/context"
	"gvisor.googlesource.com/gvisor/pkg/sentry/fs"
	"gvisor.googlesource.com/gvisor/pkg/sentry/usermem"
	"gvisor.googlesource.com/gvisor/pkg/syserror"
)

const (
	// interpreterScriptMagic identifies an interpreter script.
	interpreterScriptMagic = "#!"

	// interpMaxLineLength is the maximum length for the first line of an
	// interpreter script.
	//
	// From execve(2): "A maximum line length of 127 characters is allowed
	// for the first line in a #! executable shell script."
	interpMaxLineLength = 127
)

// parseInterpreterScript returns the interpreter path and argv.
func parseInterpreterScript(ctx context.Context, filename string, f *fs.File, argv, envv []string) (newpath string, newargv []string, err error) {
	line := make([]byte, interpMaxLineLength)
	n, err := readFull(ctx, f, usermem.BytesIOSequence(line), 0)
	// Short read is OK.
	if err != nil && err != io.ErrUnexpectedEOF {
		if err == io.EOF {
			err = syserror.ENOEXEC
		}
		return "", []string{}, err
	}
	line = line[:n]

	if !bytes.Equal(line[:2], []byte(interpreterScriptMagic)) {
		return "", []string{}, syserror.ENOEXEC
	}
	// Ignore #!.
	line = line[2:]

	// Ignore everything after newline.
	// Linux silently truncates the remainder of the line if it exceeds
	// interpMaxLineLength.
	i := bytes.IndexByte(line, '\n')
	if i > 0 {
		line = line[:i]
	}

	// Skip any whitespace before the interpeter.
	line = bytes.TrimLeft(line, " \t")

	// Linux only looks for a space or tab delimiting the interpreter and
	// arg.
	//
	// execve(2): "On Linux, the entire string following the interpreter
	// name is passed as a single argument to the interpreter, and this
	// string can include white space."
	interp := line
	var arg []byte
	i = bytes.IndexAny(line, " \t")
	if i >= 0 {
		interp = line[:i]
		if i+1 < len(line) {
			arg = line[i+1:]
		}
	}

	if string(interp) == "" {
		ctx.Infof("Interpreter script contains no interpreter: %v", line)
		return "", []string{}, syserror.ENOEXEC
	}

	// Build the new argument list:
	//
	// 1. The interpreter.
	newargv = append(newargv, string(interp))

	// 2. The optional interpreter argument.
	if len(arg) > 0 {
		newargv = append(newargv, string(arg))
	}

	// 3. The original arguments. The original argv[0] is replaced with the
	// full script filename.
	if len(argv) > 0 {
		argv[0] = filename
	} else {
		argv = []string{filename}
	}
	newargv = append(newargv, argv...)

	return string(interp), newargv, nil
}