security/hakurei
6
3
Fork 1
Code Issues 11 Pull Requests 1 Actions 2 Packages Projects Releases 14 Wiki Activity
Files
16d0cf04c1b9a5bab1bf872425cf7589e5436dfc
hakurei/ldd/exec.go
Ophestra 4b0cce4db5
All checks were successful
Test / Create distribution (push) Successful in 56s
Details
Test / Sandbox (push) Successful in 2m35s
Details
Test / Hakurei (push) Successful in 3m46s
Details
Test / ShareFS (push) Successful in 3m51s
Details
Test / Hpkg (push) Successful in 4m21s
Details
Test / Sandbox (race detector) (push) Successful in 4m54s
Details
Test / Hakurei (race detector) (push) Successful in 5m53s
Details
Test / Flake checks (push) Successful in 1m46s
Details
ldd: treat nil pathname as self 
This is a helpful shortcut for examining a test program's ldd output.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2026-02-28 20:37:01 +09:00

119 lines
3.2 KiB
Go
Raw Blame History

package ldd
import (
"bytes"
"context"
"errors"
"io"
"os"
"os/exec"
"time"
"hakurei.app/container"
"hakurei.app/container/check"
"hakurei.app/container/fhs"
"hakurei.app/container/seccomp"
"hakurei.app/container/std"
"hakurei.app/message"
)
const (
// msgStaticSuffix is the suffix of message printed to stderr by musl on a statically linked program.
msgStaticSuffix = ": Not a valid dynamic program"
// msgStaticGlibc is a substring of the message printed to stderr by glibc on a statically linked program.
msgStaticGlibc = "not a dynamic executable"
// lddName is the file name of ldd(1) passed to exec.LookPath.
lddName = "ldd"
// lddTimeout is the maximum duration ldd(1) is allowed to ran for before it is terminated.
lddTimeout = 4 * time.Second
)
// Resolve runs ldd(1) in a strict sandbox and connects its stdout to a [Decoder].
//
// The returned error has concrete type
// [exec.Error] or [check.AbsoluteError] for fault during lookup of ldd(1),
// [os.SyscallError] for fault creating the stdout pipe,
// [container.StartError] for fault during either stage of container setup.
// Otherwise, it passes through the return values of [Decoder.Decode].
func Resolve(
ctx context.Context,
msg message.Msg,
pathname *check.Absolute,
) ([]*Entry, error) {
if pathname == nil {
if p, err := os.Executable(); err != nil {
return nil, err
} else if pathname, err = check.NewAbs(p); err != nil {
return nil, err
}
}
c, cancel := context.WithTimeout(ctx, lddTimeout)
defer cancel()
var toolPath *check.Absolute
if s, err := exec.LookPath(lddName); err != nil {
return nil, err
} else if toolPath, err = check.NewAbs(s); err != nil {
return nil, err
}
z := container.NewCommand(c, msg, toolPath, lddName, pathname.String())
z.Hostname = "hakurei-" + lddName
z.SeccompFlags |= seccomp.AllowMultiarch
z.SeccompPresets |= std.PresetStrict
stderr := new(bytes.Buffer)
z.Stderr = stderr
z.
Bind(fhs.AbsRoot, fhs.AbsRoot, 0).
Proc(fhs.AbsProc).
Dev(fhs.AbsDev, false)
var d *Decoder
if r, err := z.StdoutPipe(); err != nil {
return nil, err
} else {
d = NewDecoder(r)
}
if err := z.Start(); err != nil {
return nil, err
}
defer func() { _, _ = io.Copy(os.Stderr, stderr) }()
if err := z.Serve(); err != nil {
return nil, err
}
entries, decodeErr := d.Decode()
if decodeErr != nil {
// do not cancel on successful decode to avoid racing with ldd(1) termination
cancel()
}
if err := z.Wait(); err != nil {
m := stderr.Bytes()
if bytes.Contains(m, []byte(msgStaticSuffix)) || bytes.Contains(m, []byte(msgStaticGlibc)) {
return nil, nil
}
if decodeErr != nil {
return nil, errors.Join(decodeErr, err)
}
return nil, err
}
return entries, decodeErr
}
// Exec runs ldd(1) in a restrictive [container] and connects it to a [Decoder], returning resulting entries.
//
// Deprecated: this function takes an unchecked pathname string.
// Relative pathnames do not work in the container as working directory information is not sent.
func Exec(ctx context.Context, msg message.Msg, pathname string) ([]*Entry, error) {
if a, err := check.NewAbs(pathname); err != nil {
return nil, err
} else {
return Resolve(ctx, msg, a)
}
}
Reference in New Issue View Git Blame Copy Permalink