2 * Copyright (c) 1996, 1998-2005 Todd C. Miller <Todd.Miller@courtesan.com>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 * Sponsored in part by the Defense Advanced Research Projects
17 * Agency (DARPA) and Air Force Research Laboratory, Air Force
18 * Materiel Command, USAF, under agreement number F39502-99-1-0512.
23 #include <sys/types.h>
24 #include <sys/param.h>
34 #endif /* STDC_HEADERS */
38 # ifdef HAVE_STRINGS_H
41 #endif /* HAVE_STRING_H */
44 #endif /* HAVE_UNISTD_H */
49 __unused static const char rcsid[] = "$Sudo: find_path.c,v 1.115 2005/03/29 14:29:46 millert Exp $";
53 * This function finds the full pathname for a command and
54 * stores it in a statically allocated array, filling in a pointer
55 * to the array. Returns FOUND if the command was found, NOT_FOUND
56 * if it was not found, or NOT_FOUND_DOT if it would have been found
57 * but it is in '.' and IGNORE_DOT is set.
60 find_path(infile, outfile, sbp, path)
61 char *infile; /* file to find */
62 char **outfile; /* result parameter */
63 struct stat *sbp; /* stat result parameter */
64 char *path; /* path to search */
66 static char command[PATH_MAX]; /* qualified filename */
67 char *n; /* for traversing path */
68 char *origpath; /* so we can free path later */
69 char *result = NULL; /* result of path/file lookup */
70 int checkdot = 0; /* check current dir? */
71 int len; /* length parameter */
73 if (strlen(infile) >= PATH_MAX)
74 errorx(1, "%s: File name too long", infile);
77 * If we were given a fully qualified or relative path
78 * there is no need to look at $PATH.
80 if (strchr(infile, '/')) {
81 strlcpy(command, infile, sizeof(command)); /* paranoia */
82 if (sudo_goodpath(command, sbp)) {
89 /* Use PATH passed in unless SECURE_PATH is in effect. */
90 if (def_secure_path && !user_is_exempt())
91 path = def_secure_path;
92 else if (path == NULL)
98 if ((n = strchr(path, ':')))
102 * Search current dir last if it is in PATH This will miss sneaky
103 * things like using './' or './/'
105 if (*path == '\0' || (*path == '.' && *(path + 1) == '\0')) {
112 * Resolve the path and exit the loop if found.
114 len = snprintf(command, sizeof(command), "%s/%s", path, infile);
115 if (len <= 0 || len >= sizeof(command))
116 errorx(1, "%s: File name too long", infile);
117 if ((result = sudo_goodpath(command, sbp)))
126 * Check current dir if dot was in the PATH
128 if (!result && checkdot) {
129 result = sudo_goodpath(infile, sbp);
130 if (result && def_ignore_dot)
131 return(NOT_FOUND_DOT);