1 /* gspawn-win32-helper.c - Helper program for process launching on Win32.
2 *
3 * Copyright 2000 Red Hat, Inc.
4 * Copyright 2000 Tor Lillqvist
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with this library; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "config.h"
21
22 #include <fcntl.h>
23
24 /* For _CrtSetReportMode, we don't want Windows CRT (2005 and later)
25 * to terminate the process if a bad file descriptor is passed into
26 * _get_osfhandle(). This is necessary because we use _get_osfhandle()
27 * to check the validity of the fd before we try to call close() on
28 * it as attempting to close an invalid fd will cause the Windows CRT
29 * to abort() this program internally.
30 *
31 * Please see http://msdn.microsoft.com/zh-tw/library/ks2530z6%28v=vs.80%29.aspx
32 * for an explanation on this.
33 */
34 #if (defined (_MSC_VER) && _MSC_VER >= 1400)
35 #include <crtdbg.h>
36 #endif
37
38 #undef G_LOG_DOMAIN
39 #include "glib.h"
40 #define GSPAWN_HELPER
41 #include "gspawn-win32.c" /* For shared definitions */
42
43
44 static void
write_err_and_exit(gint fd,gintptr msg)45 write_err_and_exit (gint fd,
46 gintptr msg)
47 {
48 gintptr en = errno;
49
50 write (fd, &msg, sizeof(gintptr));
51 write (fd, &en, sizeof(gintptr));
52
53 _exit (1);
54 }
55
56 #ifdef __GNUC__
57 # ifndef _stdcall
58 # define _stdcall __attribute__((stdcall))
59 # endif
60 #endif
61
62 /* We build gspawn-win32-helper.exe as a Windows GUI application
63 * to avoid any temporarily flashing console windows in case
64 * the gspawn function is invoked by a GUI program. Thus, no main()
65 * but a WinMain().
66 */
67
68 /* Copy of protect_argv that handles wchar_t strings */
69
70 static gint
protect_wargv(gint argc,wchar_t ** wargv,wchar_t *** new_wargv)71 protect_wargv (gint argc,
72 wchar_t **wargv,
73 wchar_t ***new_wargv)
74 {
75 gint i;
76
77 *new_wargv = g_new (wchar_t *, argc+1);
78
79 /* Quote each argv element if necessary, so that it will get
80 * reconstructed correctly in the C runtime startup code. Note that
81 * the unquoting algorithm in the C runtime is really weird, and
82 * rather different than what Unix shells do. See stdargv.c in the C
83 * runtime sources (in the Platform SDK, in src/crt).
84 *
85 * Note that a new_wargv[0] constructed by this function should
86 * *not* be passed as the filename argument to a _wspawn* or _wexec*
87 * family function. That argument should be the real file name
88 * without any quoting.
89 */
90 for (i = 0; i < argc; i++)
91 {
92 wchar_t *p = wargv[i];
93 wchar_t *q;
94 gint len = 0;
95 gint pre_bslash = 0;
96 gboolean need_dblquotes = FALSE;
97 while (*p)
98 {
99 if (*p == ' ' || *p == '\t')
100 need_dblquotes = TRUE;
101 /* estimate max len, assuming that all escapable characters will be escaped */
102 if (*p == '"' || *p == '\\')
103 len += 2;
104 else
105 len += 1;
106 p++;
107 }
108
109 q = (*new_wargv)[i] = g_new (wchar_t, len + need_dblquotes*2 + 1);
110 p = wargv[i];
111
112 if (need_dblquotes)
113 *q++ = '"';
114
115 /* Only quotes and backslashes preceding quotes are escaped:
116 * see "Parsing C Command-Line Arguments" at
117 * https://docs.microsoft.com/en-us/cpp/c-language/parsing-c-command-line-arguments
118 */
119 while (*p)
120 {
121 if (*p == '"')
122 {
123 /* Add backslash for escaping quote itself */
124 *q++ = '\\';
125 /* Add backslash for every preceding backslash for escaping it */
126 for (;pre_bslash > 0; --pre_bslash)
127 *q++ = '\\';
128 }
129
130 /* Count length of continuous sequence of preceding backslashes. */
131 if (*p == '\\')
132 ++pre_bslash;
133 else
134 pre_bslash = 0;
135
136 *q++ = *p;
137 p++;
138 }
139
140 if (need_dblquotes)
141 {
142 /* Add backslash for every preceding backslash for escaping it,
143 * do NOT escape quote itself.
144 */
145 for (;pre_bslash > 0; --pre_bslash)
146 *q++ = '\\';
147 *q++ = '"';
148 }
149 *q++ = '\0';
150 }
151 (*new_wargv)[argc] = NULL;
152
153 return argc;
154 }
155
156 #if (defined (_MSC_VER) && _MSC_VER >= 1400)
157 /*
158 * This is the (empty) invalid parameter handler
159 * that is used for Visual C++ 2005 (and later) builds
160 * so that we can use this instead of the system automatically
161 * aborting the process.
162 *
163 * This is necessary as we use _get_oshandle() to check the validity
164 * of the file descriptors as we close them, so when an invalid file
165 * descriptor is passed into that function as we check on it, we get
166 * -1 as the result, instead of the gspawn helper program aborting.
167 *
168 * Please see http://msdn.microsoft.com/zh-tw/library/ks2530z6%28v=vs.80%29.aspx
169 * for an explanation on this.
170 */
171 extern void
172 myInvalidParameterHandler(const wchar_t *expression,
173 const wchar_t *function,
174 const wchar_t *file,
175 unsigned int line,
176 uintptr_t pReserved);
177 #endif
178
179
180 #ifndef HELPER_CONSOLE
181 int _stdcall
WinMain(struct HINSTANCE__ * hInstance,struct HINSTANCE__ * hPrevInstance,char * lpszCmdLine,int nCmdShow)182 WinMain (struct HINSTANCE__ *hInstance,
183 struct HINSTANCE__ *hPrevInstance,
184 char *lpszCmdLine,
185 int nCmdShow)
186 #else
187 int
188 main (int ignored_argc, char **ignored_argv)
189 #endif
190 {
191 int child_err_report_fd = -1;
192 int helper_sync_fd = -1;
193 int saved_stderr_fd = -1;
194 int i;
195 int fd;
196 int mode;
197 gintptr handle;
198 int saved_errno;
199 gintptr no_error = CHILD_NO_ERROR;
200 gint argv_zero_offset = ARG_PROGRAM;
201 wchar_t **new_wargv;
202 int argc;
203 char **argv;
204 wchar_t **wargv;
205 char c;
206
207 #if (defined (_MSC_VER) && _MSC_VER >= 1400)
208 /* set up our empty invalid parameter handler */
209 _invalid_parameter_handler oldHandler, newHandler;
210 newHandler = myInvalidParameterHandler;
211 oldHandler = _set_invalid_parameter_handler(newHandler);
212
213 /* Disable the message box for assertions. */
214 _CrtSetReportMode(_CRT_ASSERT, 0);
215 #endif
216
217 /* Fetch the wide-char argument vector */
218 wargv = CommandLineToArgvW (GetCommandLineW(), &argc);
219
220 g_assert (argc >= ARG_COUNT);
221
222 /* Convert unicode wargs to utf8 */
223 argv = g_new(char *, argc + 1);
224 for (i = 0; i < argc; i++)
225 argv[i] = g_utf16_to_utf8(wargv[i], -1, NULL, NULL, NULL);
226 argv[i] = NULL;
227
228 /* argv[ARG_CHILD_ERR_REPORT] is the file descriptor number onto
229 * which write error messages.
230 */
231 child_err_report_fd = atoi (argv[ARG_CHILD_ERR_REPORT]);
232
233 /* Hack to implement G_SPAWN_FILE_AND_ARGV_ZERO. If
234 * argv[ARG_CHILD_ERR_REPORT] is suffixed with a '#' it means we get
235 * the program to run and its argv[0] separately.
236 */
237 if (argv[ARG_CHILD_ERR_REPORT][strlen (argv[ARG_CHILD_ERR_REPORT]) - 1] == '#')
238 argv_zero_offset++;
239
240 /* argv[ARG_HELPER_SYNC] is the file descriptor number we read a
241 * byte that tells us it is OK to exit. We have to wait until the
242 * parent allows us to exit, so that the parent has had time to
243 * duplicate the process handle we sent it. Duplicating a handle
244 * from another process works only if that other process exists.
245 */
246 helper_sync_fd = atoi (argv[ARG_HELPER_SYNC]);
247
248 /* argv[ARG_STDIN..ARG_STDERR] are the file descriptor numbers that
249 * should be dup2'd to 0, 1 and 2. '-' if the corresponding fd
250 * should be left alone, and 'z' if it should be connected to the
251 * bit bucket NUL:.
252 */
253 if (argv[ARG_STDIN][0] == '-')
254 ; /* Nothing */
255 else if (argv[ARG_STDIN][0] == 'z')
256 {
257 fd = open ("NUL:", O_RDONLY);
258 if (fd != 0)
259 {
260 dup2 (fd, 0);
261 close (fd);
262 }
263 }
264 else
265 {
266 fd = atoi (argv[ARG_STDIN]);
267 if (fd != 0)
268 {
269 dup2 (fd, 0);
270 close (fd);
271 }
272 }
273
274 if (argv[ARG_STDOUT][0] == '-')
275 ; /* Nothing */
276 else if (argv[ARG_STDOUT][0] == 'z')
277 {
278 fd = open ("NUL:", O_WRONLY);
279 if (fd != 1)
280 {
281 dup2 (fd, 1);
282 close (fd);
283 }
284 }
285 else
286 {
287 fd = atoi (argv[ARG_STDOUT]);
288 if (fd != 1)
289 {
290 dup2 (fd, 1);
291 close (fd);
292 }
293 }
294
295 saved_stderr_fd = reopen_noninherited (dup (2), _O_WRONLY);
296 if (argv[ARG_STDERR][0] == '-')
297 ; /* Nothing */
298 else if (argv[ARG_STDERR][0] == 'z')
299 {
300 fd = open ("NUL:", O_WRONLY);
301 if (fd != 2)
302 {
303 dup2 (fd, 2);
304 close (fd);
305 }
306 }
307 else
308 {
309 fd = atoi (argv[ARG_STDERR]);
310 if (fd != 2)
311 {
312 dup2 (fd, 2);
313 close (fd);
314 }
315 }
316
317 /* argv[ARG_WORKING_DIRECTORY] is the directory in which to run the
318 * process. If "-", don't change directory.
319 */
320 if (argv[ARG_WORKING_DIRECTORY][0] == '-' &&
321 argv[ARG_WORKING_DIRECTORY][1] == 0)
322 ; /* Nothing */
323 else if (_wchdir (wargv[ARG_WORKING_DIRECTORY]) < 0)
324 write_err_and_exit (child_err_report_fd, CHILD_CHDIR_FAILED);
325
326 /* argv[ARG_CLOSE_DESCRIPTORS] is "y" if file descriptors from 3
327 * upwards should be closed
328 */
329 if (argv[ARG_CLOSE_DESCRIPTORS][0] == 'y')
330 for (i = 3; i < 1000; i++) /* FIXME real limit? */
331 if (i != child_err_report_fd && i != helper_sync_fd && i != saved_stderr_fd)
332 if (_get_osfhandle (i) != -1)
333 close (i);
334
335 /* We don't want our child to inherit the error report and
336 * helper sync fds.
337 */
338 child_err_report_fd = reopen_noninherited (child_err_report_fd, _O_WRONLY);
339 helper_sync_fd = reopen_noninherited (helper_sync_fd, _O_RDONLY);
340
341 /* argv[ARG_WAIT] is "w" to wait for the program to exit */
342 if (argv[ARG_WAIT][0] == 'w')
343 mode = P_WAIT;
344 else
345 mode = P_NOWAIT;
346
347 /* argv[ARG_USE_PATH] is "y" to use PATH, otherwise not */
348
349 /* argv[ARG_PROGRAM] is executable file to run,
350 * argv[argv_zero_offset]... is its argv. argv_zero_offset equals
351 * ARG_PROGRAM unless G_SPAWN_FILE_AND_ARGV_ZERO was used, in which
352 * case we have a separate executable name and argv[0].
353 */
354
355 /* For the program name passed to spawnv(), don't use the quoted
356 * version.
357 */
358 protect_wargv (argc - argv_zero_offset, wargv + argv_zero_offset, &new_wargv);
359
360 if (argv[ARG_USE_PATH][0] == 'y')
361 handle = _wspawnvp (mode, wargv[ARG_PROGRAM], (const wchar_t **) new_wargv);
362 else
363 handle = _wspawnv (mode, wargv[ARG_PROGRAM], (const wchar_t **) new_wargv);
364
365 saved_errno = errno;
366
367 /* Some coverage warnings may be printed on stderr during this process exit.
368 * Remove redirection so that they would go to original stderr
369 * instead of being treated as part of stderr of child process.
370 */
371 dup2 (saved_stderr_fd, 2);
372 if (handle == -1 && saved_errno != 0)
373 {
374 int ec = (saved_errno == ENOENT)
375 ? CHILD_SPAWN_NOENT
376 : CHILD_SPAWN_FAILED;
377 write_err_and_exit (child_err_report_fd, ec);
378 }
379
380 write (child_err_report_fd, &no_error, sizeof (no_error));
381 write (child_err_report_fd, &handle, sizeof (handle));
382
383 read (helper_sync_fd, &c, 1);
384
385 LocalFree (wargv);
386 g_strfreev (argv);
387
388 return 0;
389 }
390