2 * Copyright (c) 1996, 1998-2005, 2010-2013
3 * Todd C. Miller <Todd.Miller@courtesan.com>
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 * Sponsored in part by the Defense Advanced Research Projects
18 * Agency (DARPA) and Air Force Research Laboratory, Air Force
19 * Materiel Command, USAF, under agreement number F39502-99-1-0512.
24 #include <sys/types.h>
34 #endif /* STDC_HEADERS */
37 #endif /* HAVE_STRING_H */
40 #endif /* HAVE_STRINGS_H */
43 #endif /* HAVE_UNISTD_H */
49 * This function finds the full pathname for a command and
50 * stores it in a statically allocated array, filling in a pointer
51 * to the array. Returns FOUND if the command was found, NOT_FOUND
52 * if it was not found, or NOT_FOUND_DOT if it would have been found
53 * but it is in '.' and IGNORE_DOT is set.
56 find_path(char *infile, char **outfile, struct stat *sbp, char *path,
59 static char command[PATH_MAX]; /* qualified filename */
60 char *n; /* for traversing path */
61 char *origpath; /* so we can free path later */
62 bool found = false; /* did we find the command? */
63 bool checkdot = false; /* check current dir? */
64 int len; /* length parameter */
65 debug_decl(find_path, SUDO_DEBUG_UTIL)
67 if (strlen(infile) >= PATH_MAX) {
73 * If we were given a fully qualified or relative path
74 * there is no need to look at $PATH.
76 if (strchr(infile, '/')) {
77 strlcpy(command, infile, sizeof(command)); /* paranoia */
78 if (sudo_goodpath(command, sbp)) {
80 debug_return_int(FOUND);
82 debug_return_int(NOT_FOUND);
86 debug_return_int(NOT_FOUND);
91 if ((n = strchr(path, ':')))
95 * Search current dir last if it is in PATH This will miss sneaky
96 * things like using './' or './/'
98 if (*path == '\0' || (*path == '.' && *(path + 1) == '\0')) {
105 * Resolve the path and exit the loop if found.
107 len = snprintf(command, sizeof(command), "%s/%s", path, infile);
108 if (len <= 0 || len >= sizeof(command)) {
109 errno = ENAMETOOLONG;
112 if ((found = sudo_goodpath(command, sbp)))
121 * Check current dir if dot was in the PATH
123 if (!found && checkdot) {
124 len = snprintf(command, sizeof(command), "./%s", infile);
125 if (len <= 0 || len >= sizeof(command)) {
126 errno = ENAMETOOLONG;
129 found = sudo_goodpath(command, sbp);
130 if (found && ignore_dot)
131 debug_return_int(NOT_FOUND_DOT);
136 debug_return_int(FOUND);
138 debug_return_int(NOT_FOUND);