Variant HHVM_FUNCTION(proc_open,
const String& cmd,
const Array& descriptorspec,
VRefParam pipesParam,
const String& cwd /* = null_string */,
const Variant& env /* = null_variant */,
const Variant& other_options /* = null_variant */) {
if (RuntimeOption::WhitelistExec && !check_cmd(cmd.data())) {
return false;
}
if (cmd.size() != strlen(cmd.c_str())) {
raise_warning("NULL byte detected. Possible attack");
return false;
}
Variant pipes(pipesParam, Variant::WithRefBind{});
std::vector<DescriptorItem> items;
std::string scwd = "";
if (!cwd.empty()) {
scwd = cwd.c_str();
} else if (!g_context->getCwd().empty()) {
scwd = g_context->getCwd().c_str();
}
Array enva;
if (env.isNull()) {
// Build out an environment that conceptually matches what we'd
// see if we were to iterate the environment and call getenv()
// for each name.
// Env vars defined in the hdf file go in first
for (const auto& envvar : RuntimeOption::EnvVariables) {
enva.set(String(envvar.first), String(envvar.second));
}
// global environment overrides the hdf
for (char **env = environ; env && *env; env++) {
char *p = strchr(*env, '=');
if (p) {
String name(*env, p - *env, CopyString);
String val(p + 1, CopyString);
enva.set(name, val);
}
}
// and then any putenv() changes take precedence
for (ArrayIter iter(g_context->getEnvs()); iter; ++iter) {
enva.set(iter.first(), iter.second());
}
} else {
enva = env.toArray();
}
pid_t child;
if (LightProcess::Available()) {
// light process available
// there is no need to do any locking, because the forking is delegated
// to the light process
if (!pre_proc_open(descriptorspec, items)) return false;
const int item_size = items.size();
std::vector<int> created;
created.reserve(item_size);
std::vector<int> intended;
intended.reserve(item_size);
for (int i = 0; i < item_size; i++) {
const auto& item = items[i];
created.push_back(item.childend);
intended.push_back(item.index);
}
std::vector<std::string> envs;
for (ArrayIter iter(enva); iter; ++iter) {
StringBuffer nvpair;
nvpair.append(iter.first().toString());
nvpair.append('=');
nvpair.append(iter.second().toString());
std::string tmp = nvpair.detach().c_str();
if (tmp.find('\n') == std::string::npos) {
envs.push_back(tmp);
}
}
child = LightProcess::proc_open(cmd.c_str(), created, intended,
scwd.c_str(), envs);
assert(child);
return post_proc_open(cmd, pipes, enva, items, child);
} else {
/* the unix way */
Lock lock(DescriptorItem::s_mutex);
if (!pre_proc_open(descriptorspec, items)) return false;
child = fork();
if (child) {
// the parent process
return post_proc_open(cmd, pipes, enva, items, child);
}
}
assert(child == 0);
/* this is the child process */
/* close those descriptors that we just opened for the parent stuff,
* dup new descriptors into required descriptors and close the original
* cruft */
for (auto& item : items) {
item.dupChild();
}
if (scwd.length() > 0 && chdir(scwd.c_str())) {
// chdir failed, the working directory remains unchanged
}
std::vector<String> senvs; // holding those char *
char **envp = build_envp(enva, senvs);
execle("/bin/sh", "sh", "-c", cmd.data(), NULL, envp);
free(envp);
_exit(127);
}
Variant HHVM_FUNCTION(proc_open,
const String& cmd,
const Array& descriptorspec,
VRefParam pipesParam,
const Variant& cwd /* = uninit_variant */,
const Variant& env /* = uninit_variant */,
const Variant& other_options /* = uninit_variant */) {
if (RuntimeOption::WhitelistExec && !check_cmd(cmd.data())) {
return false;
}
if (cmd.size() != strlen(cmd.c_str())) {
raise_warning("NULL byte detected. Possible attack");
return false;
}
Variant pipes(pipesParam, Variant::WithRefBind{});
std::vector<DescriptorItem> items;
std::string scwd = "";
if (!cwd.isNull() && cwd.isString() && !cwd.asCStrRef().empty()) {
scwd = cwd.asCStrRef().c_str();
} else if (!g_context->getCwd().empty()) {
scwd = g_context->getCwd().c_str();
}
Array enva;
if (env.isNull()) {
if (is_cli_mode()) {
enva = cli_env();
} else {
// Build out an environment that conceptually matches what we'd
// see if we were to iterate the environment and call getenv()
// for each name.
// Env vars defined in the hdf file go in first
for (const auto& envvar : RuntimeOption::EnvVariables) {
enva.set(String(envvar.first), String(envvar.second));
}
// global environment overrides the hdf
for (char **env = environ; env && *env; env++) {
char *p = strchr(*env, '=');
if (p) {
String name(*env, p - *env, CopyString);
String val(p + 1, CopyString);
enva.set(name, val);
}
}
}
// and then any putenv() changes take precedence
for (ArrayIter iter(g_context->getEnvs()); iter; ++iter) {
enva.set(iter.first(), iter.second());
}
} else {
enva = env.toArray();
}
#ifdef _WIN32
PROCESS_INFORMATION pi;
HANDLE childHandle;
STARTUPINFO si;
BOOL newprocok;
SECURITY_ATTRIBUTES security;
DWORD dwCreateFlags = 0;
char *command_with_cmd;
UINT old_error_mode;
char cur_cwd[MAXPATHLEN];
bool suppress_errors = false;
bool bypass_shell = false;
if (!other_options.isNull() && other_options.isArray()) {
auto arr = other_options.asCArrRef();
if (arr.exists(String("suppress_errors", CopyString), true)) {
auto v = arr[String("suppress_errors", CopyString)];
if ((v.isBoolean() && v.asBooleanVal()) ||
(v.isInteger() && v.asInt64Val())) {
suppress_errors = true;
}
}
if (arr.exists(String("bypass_shell", CopyString), true)) {
auto v = arr[String("bypass_shell", CopyString)];
if ((v.isBoolean() && v.asBooleanVal()) ||
(v.isInteger() && v.asInt64Val())) {
bypass_shell = true;
}
}
}
/* we use this to allow the child to inherit handles */
memset(&security, 0, sizeof(security));
security.nLength = sizeof(security);
security.bInheritHandle = true;
security.lpSecurityDescriptor = nullptr;
memset(&si, 0, sizeof(si));
si.cb = sizeof(si);
si.dwFlags = STARTF_USESTDHANDLES;
si.hStdInput = GetStdHandle(STD_INPUT_HANDLE);
si.hStdOutput = GetStdHandle(STD_OUTPUT_HANDLE);
si.hStdError = GetStdHandle(STD_ERROR_HANDLE);
if (!pre_proc_open(descriptorspec, items)) return false;
/* redirect stdin/stdout/stderr if requested */
for (size_t i = 0; i < items.size(); i++) {
switch (items[i].index) {
case 0:
si.hStdInput = items[i].childend;
break;
case 1:
si.hStdOutput = items[i].childend;
break;
case 2:
si.hStdError = items[i].childend;
break;
}
}
memset(&pi, 0, sizeof(pi));
if (suppress_errors) {
old_error_mode = SetErrorMode(
SEM_FAILCRITICALERRORS | SEM_NOGPFAULTERRORBOX);
}
dwCreateFlags = NORMAL_PRIORITY_CLASS;
if (!RuntimeOption::ServerExecutionMode()) {
dwCreateFlags |= CREATE_NO_WINDOW;
}
char *envp = build_envp(enva);
if (bypass_shell) {
newprocok = CreateProcess(
nullptr,
strdup(cmd.c_str()),
&security,
&security,
TRUE,
dwCreateFlags,
envp,
scwd.c_str(),
&si,
&pi);
} else {
std::string command_with = "cmd.exe /c ";
command_with += cmd.toCppString();
newprocok = CreateProcess(
nullptr,
strdup(command_with.c_str()),
&security,
&security,
TRUE,
dwCreateFlags,
envp,
scwd.c_str(),
&si,
&pi);
}
free(envp);
if (suppress_errors) {
SetErrorMode(old_error_mode);
}
if (newprocok == FALSE) {
DWORD dw = GetLastError();
char* msg;
FormatMessageA(
FORMAT_MESSAGE_ALLOCATE_BUFFER
| FORMAT_MESSAGE_FROM_SYSTEM
| FORMAT_MESSAGE_IGNORE_INSERTS,
nullptr,
dw,
MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
(LPSTR)&msg,
0,
nullptr);
/* clean up all the descriptors */
for (size_t i = 0; i < items.size(); i++) {
CloseHandle(items[i].childend);
if (items[i].parentend) {
CloseHandle(items[i].parentend);
}
}
raise_warning("CreateProcess failed, error code - %u: %s", dw, msg);
LocalFree(msg);
return false;
}
childHandle = pi.hProcess;
DWORD child = pi.dwProcessId;
CloseHandle(pi.hThread);
return post_proc_open(cmd, pipes, enva, items, (pid_t)child, childHandle);
#else
pid_t child;
if (LightProcess::Available()) {
// light process available
// there is no need to do any locking, because the forking is delegated
// to the light process
if (!pre_proc_open(descriptorspec, items)) return false;
const int item_size = items.size();
std::vector<int> created;
created.reserve(item_size);
std::vector<int> intended;
intended.reserve(item_size);
for (int i = 0; i < item_size; i++) {
const auto& item = items[i];
created.push_back(item.childend);
intended.push_back(item.index);
}
std::vector<std::string> envs;
for (ArrayIter iter(enva); iter; ++iter) {
StringBuffer nvpair;
nvpair.append(iter.first().toString());
nvpair.append('=');
nvpair.append(iter.second().toString());
std::string tmp = nvpair.detach().c_str();
if (tmp.find('\n') == std::string::npos) {
envs.push_back(tmp);
}
}
child = LightProcess::proc_open(cmd.c_str(), created, intended,
scwd.c_str(), envs);
assert(child);
return post_proc_open(cmd, pipes, enva, items, child);
} else {
/* the unix way */
Lock lock(DescriptorItem::s_mutex);
if (!pre_proc_open(descriptorspec, items)) return false;
child = fork();
if (child) {
// the parent process
return post_proc_open(cmd, pipes, enva, items, child);
}
}
assert(child == 0);
/* this is the child process */
/* close those descriptors that we just opened for the parent stuff,
* dup new descriptors into required descriptors and close the original
* cruft */
for (auto& item : items) {
item.dupChild();
}
if (scwd.length() > 0 && chdir(scwd.c_str())) {
// chdir failed, the working directory remains unchanged
}
std::vector<String> senvs; // holding those char *
char **envp = build_envp(enva, senvs);
execle("/bin/sh", "sh", "-c", cmd.data(), nullptr, envp);
free(envp);
_exit(127);
#endif
}
