diff --git a/backend/sandbox.js b/backend/sandbox.js index 9ba318c..b3f6deb 100644 --- a/backend/sandbox.js +++ b/backend/sandbox.js @@ -51,12 +51,15 @@ async function main() { } }); }); - const args = privilegedPty( - { uuid }, - bash( - `env L='${lang}' LANG_CONFIG=${quote( - JSON.stringify(langConfig) - )} bash --rcfile <(cat <<< ${quote(sandboxScript)})` + const args = [].concat.apply( + ["riju-pty", "-f"], + privilegedPty( + { uuid }, + bash( + `env L='${lang}' LANG_CONFIG=${quote( + JSON.stringify(langConfig) + )} bash --rcfile <(cat <<< ${quote(sandboxScript)})` + ) ) ); const proc = spawn(args[0], args.slice(1), { diff --git a/system/res/sentinel.bash b/system/res/sentinel.bash index c74b844..b92c9f1 100755 --- a/system/res/sentinel.bash +++ b/system/res/sentinel.bash @@ -2,7 +2,20 @@ set -euo pipefail -while read -t2 -a cmd; do +while read -t2 -r cmdline; do + cmd=(${cmdline}) + for (( i=0; i<${#cmd[@]}; i++ )); do + arg="${cmd[$i]}" + + arg="${arg}x" + arg="$(sed 's/+s/ /g' <<< "${arg}")" + arg="$(sed 's/+n/\n/g' <<< "${arg}")" + arg="$(sed 's/+t/\t/g' <<< "${arg}")" + arg="$(sed 's/+p/+/g' <<< "${arg}")" + arg="${arg%x}" + + cmd[$i]="${arg}" + done if (( "${#cmd[@]}" > 0 )); then case "${cmd[0]}" in ping) ;; diff --git a/system/src/riju-system-privileged.c b/system/src/riju-system-privileged.c index 64588d4..543ea46 100644 --- a/system/src/riju-system-privileged.c +++ b/system/src/riju-system-privileged.c @@ -1,4 +1,5 @@ #define _GNU_SOURCE +#include #include #include #include @@ -34,49 +35,37 @@ void die_with_usage() char *quoteArgs(int argc, char **cmdline) { - char **printfArgs = malloc(sizeof(char *) * (argc + 3)); - printfArgs[0] = "printf"; - printfArgs[1] = "%q "; - memcpy(printfArgs + 2, cmdline, sizeof(char *) * argc); - printfArgs[argc + 2] = NULL; - int fd[2]; - if (pipe(fd) < 0) - die("pipe failed"); - pid_t pid = fork(); - if (pid < 0) - die("fork failed"); - else if (pid == 0) { - if (dup2(fd[1], STDOUT_FILENO) < 0) - die("dup2 failed"); - if (close(fd[0]) < 0 || close(fd[1]) < 0) - die("close failed"); - execvp(printfArgs[0], printfArgs); - die("execvp failed"); - } - if (close(fd[1]) < 0) - die("close failed"); - char *buf = malloc(1024); - if (buf == NULL) - die("malloc failed"); - ssize_t len_allocated = 1024; - ssize_t len_total = 0; - ssize_t len_read; - while ((len_read = read(fd[0], buf + len_total, 1024)) > 0) { - len_total += len_read; - if (len_allocated - len_total < 1024) { - char *new_buf = malloc(len_allocated + 1024); - len_allocated += 1024; - if (new_buf == NULL) - die("malloc failed"); - memcpy(new_buf, buf, len_total); - free(buf); - buf = new_buf; + int orig_len = 0; + for (int i = 0; i < argc; ++i) + orig_len += strlen(cmdline[i]); + int quoted_len = orig_len * 2 + argc; + char *quoted = malloc(sizeof(char) * quoted_len); + char *quoted_ptr = quoted; + for (int i = 0; i < argc; ++i) { + for (char *ptr = cmdline[i]; *ptr != '\0'; ++ptr) { + if (*ptr == ' ') { + *(quoted_ptr++) = '+'; + *(quoted_ptr++) = 's'; + } else if (*ptr == '\n') { + *(quoted_ptr++) = '+'; + *(quoted_ptr++) = 'n'; + } else if (*ptr == '\t') { + *(quoted_ptr++) = '+'; + *(quoted_ptr++) = 't'; + } else if (*ptr == '+') { + *(quoted_ptr++) = '+'; + *(quoted_ptr++) = 'p'; + } else if (isprint(*ptr)) { + *(quoted_ptr++) = *ptr; + } else { + die("riju-system-privileged got non-printable char"); + } } + if (i < argc - 1) + *(quoted_ptr++) = ' '; } - if (len_read < 0) - die("read failed"); - buf[len_total] = '\0'; - return buf; + *(quoted_ptr++) = '\0'; + return quoted; } char *getUUID()