2016-11-03 00:27:15 +00:00
|
|
|
<?php
|
|
|
|
|
/**
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License along
|
|
|
|
|
* with this program; if not, write to the Free Software Foundation, Inc.,
|
|
|
|
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
|
|
|
* http://www.gnu.org/copyleft/gpl.html
|
|
|
|
|
*
|
|
|
|
|
* @file
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
namespace MediaWiki\Shell;
|
|
|
|
|
|
|
|
|
|
use Exception;
|
|
|
|
|
use MediaWiki\ProcOpenError;
|
|
|
|
|
use MediaWiki\ShellDisabledError;
|
|
|
|
|
use Profiler;
|
2017-09-09 06:10:09 +00:00
|
|
|
use Psr\Log\LoggerAwareTrait;
|
|
|
|
|
use Psr\Log\NullLogger;
|
2016-11-03 00:27:15 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Class used for executing shell commands
|
|
|
|
|
*
|
|
|
|
|
* @since 1.30
|
|
|
|
|
*/
|
|
|
|
|
class Command {
|
2017-09-09 06:10:09 +00:00
|
|
|
use LoggerAwareTrait;
|
|
|
|
|
|
2016-11-03 00:27:15 +00:00
|
|
|
/** @var string */
|
2017-12-09 10:11:02 +00:00
|
|
|
protected $command = '';
|
2016-11-03 00:27:15 +00:00
|
|
|
|
|
|
|
|
/** @var array */
|
2017-09-09 06:10:09 +00:00
|
|
|
private $limits = [
|
|
|
|
|
// seconds
|
|
|
|
|
'time' => 180,
|
|
|
|
|
// seconds
|
|
|
|
|
'walltime' => 180,
|
|
|
|
|
// KB
|
|
|
|
|
'memory' => 307200,
|
|
|
|
|
// KB
|
|
|
|
|
'filesize' => 102400,
|
|
|
|
|
];
|
2016-11-03 00:27:15 +00:00
|
|
|
|
|
|
|
|
/** @var string[] */
|
|
|
|
|
private $env = [];
|
|
|
|
|
|
|
|
|
|
/** @var string */
|
|
|
|
|
private $method;
|
|
|
|
|
|
2017-12-22 02:07:36 +00:00
|
|
|
/** @var string|null */
|
|
|
|
|
private $inputString;
|
|
|
|
|
|
2016-11-03 00:27:15 +00:00
|
|
|
/** @var bool */
|
2017-10-23 08:29:20 +00:00
|
|
|
private $doIncludeStderr = false;
|
|
|
|
|
|
|
|
|
|
/** @var bool */
|
|
|
|
|
private $doLogStderr = false;
|
2016-11-03 00:27:15 +00:00
|
|
|
|
|
|
|
|
/** @var bool */
|
|
|
|
|
private $everExecuted = false;
|
|
|
|
|
|
2017-09-09 06:10:09 +00:00
|
|
|
/** @var string|false */
|
2017-10-07 02:26:52 +00:00
|
|
|
private $cgroup = false;
|
2017-09-09 06:10:09 +00:00
|
|
|
|
2017-10-18 06:54:19 +00:00
|
|
|
/**
|
|
|
|
|
* bitfield with restrictions
|
|
|
|
|
*
|
|
|
|
|
* @var int
|
|
|
|
|
*/
|
|
|
|
|
protected $restrictions = 0;
|
|
|
|
|
|
2016-11-03 00:27:15 +00:00
|
|
|
/**
|
|
|
|
|
* Constructor. Don't call directly, instead use Shell::command()
|
2017-09-09 06:10:09 +00:00
|
|
|
*
|
|
|
|
|
* @throws ShellDisabledError
|
2016-11-03 00:27:15 +00:00
|
|
|
*/
|
|
|
|
|
public function __construct() {
|
|
|
|
|
if ( Shell::isDisabled() ) {
|
|
|
|
|
throw new ShellDisabledError();
|
|
|
|
|
}
|
2017-09-09 06:10:09 +00:00
|
|
|
|
|
|
|
|
$this->setLogger( new NullLogger() );
|
2016-11-03 00:27:15 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Destructor. Makes sure programmer didn't forget to execute the command after all
|
|
|
|
|
*/
|
|
|
|
|
public function __destruct() {
|
|
|
|
|
if ( !$this->everExecuted ) {
|
2017-10-18 01:54:17 +00:00
|
|
|
$context = [ 'command' => $this->command ];
|
2016-11-03 00:27:15 +00:00
|
|
|
$message = __CLASS__ . " was instantiated, but execute() was never called.";
|
|
|
|
|
if ( $this->method ) {
|
2017-10-18 01:54:17 +00:00
|
|
|
$message .= ' Calling method: {method}.';
|
|
|
|
|
$context['method'] = $this->method;
|
2016-11-03 00:27:15 +00:00
|
|
|
}
|
2017-10-18 01:54:17 +00:00
|
|
|
$message .= ' Command: {command}';
|
|
|
|
|
$this->logger->warning( $message, $context );
|
2016-11-03 00:27:15 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Adds parameters to the command. All parameters are sanitized via Shell::escape().
|
2017-11-29 02:51:25 +00:00
|
|
|
* Null values are ignored.
|
2016-11-03 00:27:15 +00:00
|
|
|
*
|
Get rid of unnecessary func_get_args() and friends
HHVM does not support variadic arguments with type hints. This is
mostly not a big problem, because we can just drop the type hint, but
for some reason PHPUnit adds a type hint of "array" when it creates
mocks, so a class with a variadic method can't be mocked (at least in
some cases). As such, I left alone all the classes that seem like
someone might like to mock them, like Title and User. If anyone wants
to mock them in the future, they'll have to switch back to
func_get_args(). Some of the changes are definitely safe, like
functions and test classes.
In most cases, func_get_args() (and/or func_get_arg(), func_num_args() )
were only present because the code was written before we required PHP
5.6, and writing them as variadic functions is strictly superior. In
some cases I left them alone, aside from HHVM compatibility:
* Forwarding all arguments to another function. It's useful to keep
func_get_args() here where we want to keep the list of expected
arguments and their meanings in the function signature line for
documentation purposes, but don't want to copy-paste a long line of
argument names.
* Handling deprecated calling conventions.
* One or two miscellaneous cases where we're basically using the
arguments individually but want to use them as an array as well for
some reason.
Change-Id: I066ec95a7beb7c0665146195a08e7cce1222c788
2018-10-08 14:10:45 +00:00
|
|
|
* @param string|string[] ...$args
|
2016-11-03 00:27:15 +00:00
|
|
|
* @return $this
|
|
|
|
|
*/
|
2019-04-26 20:54:41 +00:00
|
|
|
public function params( ...$args ): Command {
|
2016-11-03 00:27:15 +00:00
|
|
|
if ( count( $args ) === 1 && is_array( reset( $args ) ) ) {
|
|
|
|
|
// If only one argument has been passed, and that argument is an array,
|
|
|
|
|
// treat it as a list of arguments
|
|
|
|
|
$args = reset( $args );
|
|
|
|
|
}
|
2017-11-29 02:51:25 +00:00
|
|
|
$this->command = trim( $this->command . ' ' . Shell::escape( $args ) );
|
2016-11-03 00:27:15 +00:00
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Adds unsafe parameters to the command. These parameters are NOT sanitized in any way.
|
2017-11-29 02:51:25 +00:00
|
|
|
* Null values are ignored.
|
2016-11-03 00:27:15 +00:00
|
|
|
*
|
Get rid of unnecessary func_get_args() and friends
HHVM does not support variadic arguments with type hints. This is
mostly not a big problem, because we can just drop the type hint, but
for some reason PHPUnit adds a type hint of "array" when it creates
mocks, so a class with a variadic method can't be mocked (at least in
some cases). As such, I left alone all the classes that seem like
someone might like to mock them, like Title and User. If anyone wants
to mock them in the future, they'll have to switch back to
func_get_args(). Some of the changes are definitely safe, like
functions and test classes.
In most cases, func_get_args() (and/or func_get_arg(), func_num_args() )
were only present because the code was written before we required PHP
5.6, and writing them as variadic functions is strictly superior. In
some cases I left them alone, aside from HHVM compatibility:
* Forwarding all arguments to another function. It's useful to keep
func_get_args() here where we want to keep the list of expected
arguments and their meanings in the function signature line for
documentation purposes, but don't want to copy-paste a long line of
argument names.
* Handling deprecated calling conventions.
* One or two miscellaneous cases where we're basically using the
arguments individually but want to use them as an array as well for
some reason.
Change-Id: I066ec95a7beb7c0665146195a08e7cce1222c788
2018-10-08 14:10:45 +00:00
|
|
|
* @param string|string[] ...$args
|
2016-11-03 00:27:15 +00:00
|
|
|
* @return $this
|
|
|
|
|
*/
|
2019-04-26 20:54:41 +00:00
|
|
|
public function unsafeParams( ...$args ): Command {
|
2016-11-03 00:27:15 +00:00
|
|
|
if ( count( $args ) === 1 && is_array( reset( $args ) ) ) {
|
|
|
|
|
// If only one argument has been passed, and that argument is an array,
|
|
|
|
|
// treat it as a list of arguments
|
|
|
|
|
$args = reset( $args );
|
|
|
|
|
}
|
2017-11-29 02:51:25 +00:00
|
|
|
$args = array_filter( $args,
|
|
|
|
|
function ( $value ) {
|
|
|
|
|
return $value !== null;
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
$this->command = trim( $this->command . ' ' . implode( ' ', $args ) );
|
2016-11-03 00:27:15 +00:00
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Sets execution limits
|
|
|
|
|
*
|
2017-10-07 02:26:52 +00:00
|
|
|
* @param array $limits Associative array of limits. Keys (all optional):
|
|
|
|
|
* filesize (for ulimit -f), memory, time, walltime.
|
2016-11-03 00:27:15 +00:00
|
|
|
* @return $this
|
|
|
|
|
*/
|
2019-04-26 20:54:41 +00:00
|
|
|
public function limits( array $limits ): Command {
|
2017-10-16 22:30:49 +00:00
|
|
|
if ( !isset( $limits['walltime'] ) && isset( $limits['time'] ) ) {
|
|
|
|
|
// Emulate the behavior of old wfShellExec() where walltime fell back on time
|
|
|
|
|
// if the latter was overridden and the former wasn't
|
|
|
|
|
$limits['walltime'] = $limits['time'];
|
|
|
|
|
}
|
2017-09-09 06:10:09 +00:00
|
|
|
$this->limits = $limits + $this->limits;
|
2016-11-03 00:27:15 +00:00
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Sets environment variables which should be added to the executed command environment
|
|
|
|
|
*
|
|
|
|
|
* @param string[] $env array of variable name => value
|
|
|
|
|
* @return $this
|
|
|
|
|
*/
|
2019-04-26 20:54:41 +00:00
|
|
|
public function environment( array $env ): Command {
|
2016-11-03 00:27:15 +00:00
|
|
|
$this->env = $env;
|
|
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Sets calling function for profiler. By default, the caller for execute() will be used.
|
|
|
|
|
*
|
|
|
|
|
* @param string $method
|
|
|
|
|
* @return $this
|
|
|
|
|
*/
|
2019-04-26 20:54:41 +00:00
|
|
|
public function profileMethod( $method ): Command {
|
2016-11-03 00:27:15 +00:00
|
|
|
$this->method = $method;
|
|
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-22 02:07:36 +00:00
|
|
|
/**
|
|
|
|
|
* Sends the provided input to the command.
|
|
|
|
|
* When set to null (default), the command will use the standard input.
|
|
|
|
|
* @param string|null $inputString
|
|
|
|
|
* @return $this
|
|
|
|
|
*/
|
2019-04-26 20:54:41 +00:00
|
|
|
public function input( $inputString ): Command {
|
2017-12-22 02:07:36 +00:00
|
|
|
$this->inputString = is_null( $inputString ) ? null : (string)$inputString;
|
|
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2016-11-03 00:27:15 +00:00
|
|
|
/**
|
|
|
|
|
* Controls whether stderr should be included in stdout, including errors from limit.sh.
|
|
|
|
|
* Default: don't include.
|
|
|
|
|
*
|
|
|
|
|
* @param bool $yesno
|
|
|
|
|
* @return $this
|
|
|
|
|
*/
|
2019-04-26 20:54:41 +00:00
|
|
|
public function includeStderr( $yesno = true ): Command {
|
2017-10-23 08:29:20 +00:00
|
|
|
$this->doIncludeStderr = $yesno;
|
|
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* When enabled, text sent to stderr will be logged with a level of 'error'.
|
|
|
|
|
*
|
|
|
|
|
* @param bool $yesno
|
|
|
|
|
* @return $this
|
|
|
|
|
*/
|
2019-04-26 20:54:41 +00:00
|
|
|
public function logStderr( $yesno = true ): Command {
|
2017-10-23 08:29:20 +00:00
|
|
|
$this->doLogStderr = $yesno;
|
2016-11-03 00:27:15 +00:00
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-09 06:10:09 +00:00
|
|
|
/**
|
|
|
|
|
* Sets cgroup for this command
|
|
|
|
|
*
|
2017-10-07 02:26:52 +00:00
|
|
|
* @param string|false $cgroup Absolute file path to the cgroup, or false to not use a cgroup
|
2017-09-09 06:10:09 +00:00
|
|
|
* @return $this
|
|
|
|
|
*/
|
2019-04-26 20:54:41 +00:00
|
|
|
public function cgroup( $cgroup ): Command {
|
2017-10-07 02:26:52 +00:00
|
|
|
$this->cgroup = $cgroup;
|
2017-09-09 06:10:09 +00:00
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2017-10-18 06:54:19 +00:00
|
|
|
/**
|
|
|
|
|
* Set additional restrictions for this request
|
|
|
|
|
*
|
|
|
|
|
* @since 1.31
|
|
|
|
|
* @param int $restrictions
|
|
|
|
|
* @return $this
|
|
|
|
|
*/
|
2019-04-26 20:54:41 +00:00
|
|
|
public function restrict( $restrictions ): Command {
|
2017-10-18 06:54:19 +00:00
|
|
|
$this->restrictions |= $restrictions;
|
|
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Bitfield helper on whether a specific restriction is enabled
|
|
|
|
|
*
|
|
|
|
|
* @param int $restriction
|
|
|
|
|
*
|
|
|
|
|
* @return bool
|
|
|
|
|
*/
|
|
|
|
|
protected function hasRestriction( $restriction ) {
|
|
|
|
|
return ( $this->restrictions & $restriction ) === $restriction;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* If called, only the files/directories that are
|
|
|
|
|
* whitelisted will be available to the shell command.
|
|
|
|
|
*
|
|
|
|
|
* limit.sh will always be whitelisted
|
|
|
|
|
*
|
|
|
|
|
* @param string[] $paths
|
|
|
|
|
*
|
|
|
|
|
* @return $this
|
|
|
|
|
*/
|
2019-04-26 20:54:41 +00:00
|
|
|
public function whitelistPaths( array $paths ): Command {
|
2017-10-18 06:54:19 +00:00
|
|
|
// Default implementation is a no-op
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2016-11-03 00:27:15 +00:00
|
|
|
/**
|
2017-10-18 04:49:46 +00:00
|
|
|
* String together all the options and build the final command
|
|
|
|
|
* to execute
|
2016-11-03 00:27:15 +00:00
|
|
|
*
|
2017-12-09 10:11:02 +00:00
|
|
|
* @param string $command Already-escaped command to run
|
2017-10-18 04:49:46 +00:00
|
|
|
* @return array [ command, whether to use log pipe ]
|
2016-11-03 00:27:15 +00:00
|
|
|
*/
|
2017-12-09 10:11:02 +00:00
|
|
|
protected function buildFinalCommand( $command ) {
|
2016-11-03 00:27:15 +00:00
|
|
|
$envcmd = '';
|
|
|
|
|
foreach ( $this->env as $k => $v ) {
|
|
|
|
|
if ( wfIsWindows() ) {
|
|
|
|
|
/* Surrounding a set in quotes (method used by wfEscapeShellArg) makes the quotes themselves
|
|
|
|
|
* appear in the environment variable, so we must use carat escaping as documented in
|
|
|
|
|
* https://technet.microsoft.com/en-us/library/cc723564.aspx
|
|
|
|
|
* Note however that the quote isn't listed there, but is needed, and the parentheses
|
|
|
|
|
* are listed there but doesn't appear to need it.
|
|
|
|
|
*/
|
|
|
|
|
$envcmd .= "set $k=" . preg_replace( '/([&|()<>^"])/', '^\\1', $v ) . '&& ';
|
|
|
|
|
} else {
|
|
|
|
|
/* Assume this is a POSIX shell, thus required to accept variable assignments before the command
|
|
|
|
|
* http://www.opengroup.org/onlinepubs/009695399/utilities/xcu_chap02.html#tag_02_09_01
|
|
|
|
|
*/
|
|
|
|
|
$envcmd .= "$k=" . escapeshellarg( $v ) . ' ';
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-10-18 04:49:46 +00:00
|
|
|
$useLogPipe = false;
|
2017-12-09 10:11:02 +00:00
|
|
|
$cmd = $envcmd . trim( $command );
|
2016-11-03 00:27:15 +00:00
|
|
|
|
|
|
|
|
if ( is_executable( '/bin/bash' ) ) {
|
2017-09-09 06:10:09 +00:00
|
|
|
$time = intval( $this->limits['time'] );
|
|
|
|
|
$wallTime = intval( $this->limits['walltime'] );
|
|
|
|
|
$mem = intval( $this->limits['memory'] );
|
|
|
|
|
$filesize = intval( $this->limits['filesize'] );
|
2016-11-03 00:27:15 +00:00
|
|
|
|
|
|
|
|
if ( $time > 0 || $mem > 0 || $filesize > 0 || $wallTime > 0 ) {
|
2017-10-07 02:50:45 +00:00
|
|
|
$cmd = '/bin/bash ' . escapeshellarg( __DIR__ . '/limit.sh' ) . ' ' .
|
2017-10-18 04:49:46 +00:00
|
|
|
escapeshellarg( $cmd ) . ' ' .
|
|
|
|
|
escapeshellarg(
|
2017-10-23 08:29:20 +00:00
|
|
|
"MW_INCLUDE_STDERR=" . ( $this->doIncludeStderr ? '1' : '' ) . ';' .
|
2017-10-18 04:49:46 +00:00
|
|
|
"MW_CPU_LIMIT=$time; " .
|
|
|
|
|
'MW_CGROUP=' . escapeshellarg( $this->cgroup ) . '; ' .
|
|
|
|
|
"MW_MEM_LIMIT=$mem; " .
|
|
|
|
|
"MW_FILE_SIZE_LIMIT=$filesize; " .
|
|
|
|
|
"MW_WALL_CLOCK_LIMIT=$wallTime; " .
|
|
|
|
|
"MW_USE_LOG_PIPE=yes"
|
|
|
|
|
);
|
2016-11-03 00:27:15 +00:00
|
|
|
$useLogPipe = true;
|
|
|
|
|
}
|
2017-10-12 10:51:05 +00:00
|
|
|
}
|
2017-10-23 08:29:20 +00:00
|
|
|
if ( !$useLogPipe && $this->doIncludeStderr ) {
|
2016-11-03 00:27:15 +00:00
|
|
|
$cmd .= ' 2>&1';
|
|
|
|
|
}
|
2017-10-18 04:49:46 +00:00
|
|
|
|
|
|
|
|
return [ $cmd, $useLogPipe ];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Executes command. Afterwards, getExitCode() and getOutput() can be used to access execution
|
|
|
|
|
* results.
|
|
|
|
|
*
|
|
|
|
|
* @return Result
|
|
|
|
|
* @throws Exception
|
|
|
|
|
* @throws ProcOpenError
|
|
|
|
|
* @throws ShellDisabledError
|
|
|
|
|
*/
|
|
|
|
|
public function execute() {
|
|
|
|
|
$this->everExecuted = true;
|
|
|
|
|
|
|
|
|
|
$profileMethod = $this->method ?: wfGetCaller();
|
|
|
|
|
|
2017-12-09 10:11:02 +00:00
|
|
|
list( $cmd, $useLogPipe ) = $this->buildFinalCommand( $this->command );
|
2017-10-18 04:49:46 +00:00
|
|
|
|
2017-10-18 01:22:42 +00:00
|
|
|
$this->logger->debug( __METHOD__ . ": $cmd" );
|
2016-11-03 00:27:15 +00:00
|
|
|
|
|
|
|
|
// Don't try to execute commands that exceed Linux's MAX_ARG_STRLEN.
|
|
|
|
|
// Other platforms may be more accomodating, but we don't want to be
|
|
|
|
|
// accomodating, because very long commands probably include user
|
|
|
|
|
// input. See T129506.
|
|
|
|
|
if ( strlen( $cmd ) > SHELL_MAX_ARG_STRLEN ) {
|
|
|
|
|
throw new Exception( __METHOD__ .
|
2017-10-12 10:51:05 +00:00
|
|
|
'(): total length of $cmd must not exceed SHELL_MAX_ARG_STRLEN' );
|
2016-11-03 00:27:15 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$desc = [
|
2017-12-22 02:07:36 +00:00
|
|
|
0 => $this->inputString === null ? [ 'file', 'php://stdin', 'r' ] : [ 'pipe', 'r' ],
|
2016-11-03 00:27:15 +00:00
|
|
|
1 => [ 'pipe', 'w' ],
|
2016-12-03 00:12:59 +00:00
|
|
|
2 => [ 'pipe', 'w' ],
|
2016-11-03 00:27:15 +00:00
|
|
|
];
|
|
|
|
|
if ( $useLogPipe ) {
|
|
|
|
|
$desc[3] = [ 'pipe', 'w' ];
|
|
|
|
|
}
|
|
|
|
|
$pipes = null;
|
|
|
|
|
$scoped = Profiler::instance()->scopedProfileIn( __FUNCTION__ . '-' . $profileMethod );
|
|
|
|
|
$proc = proc_open( $cmd, $desc, $pipes );
|
|
|
|
|
if ( !$proc ) {
|
2017-09-09 06:10:09 +00:00
|
|
|
$this->logger->error( "proc_open() failed: {command}", [ 'command' => $cmd ] );
|
2016-11-03 00:27:15 +00:00
|
|
|
throw new ProcOpenError();
|
|
|
|
|
}
|
2017-12-22 02:07:36 +00:00
|
|
|
|
|
|
|
|
$buffers = [
|
|
|
|
|
0 => $this->inputString, // input
|
|
|
|
|
1 => '', // stdout
|
|
|
|
|
2 => null, // stderr
|
|
|
|
|
3 => '', // log
|
|
|
|
|
];
|
2016-11-03 00:27:15 +00:00
|
|
|
$emptyArray = [];
|
|
|
|
|
$status = false;
|
|
|
|
|
$logMsg = false;
|
|
|
|
|
|
|
|
|
|
/* According to the documentation, it is possible for stream_select()
|
|
|
|
|
* to fail due to EINTR. I haven't managed to induce this in testing
|
|
|
|
|
* despite sending various signals. If it did happen, the error
|
|
|
|
|
* message would take the form:
|
|
|
|
|
*
|
|
|
|
|
* stream_select(): unable to select [4]: Interrupted system call (max_fd=5)
|
|
|
|
|
*
|
|
|
|
|
* where [4] is the value of the macro EINTR and "Interrupted system
|
|
|
|
|
* call" is string which according to the Linux manual is "possibly"
|
|
|
|
|
* localised according to LC_MESSAGES.
|
|
|
|
|
*/
|
|
|
|
|
$eintr = defined( 'SOCKET_EINTR' ) ? SOCKET_EINTR : 4;
|
|
|
|
|
$eintrMessage = "stream_select(): unable to select [$eintr]";
|
|
|
|
|
|
2018-02-01 18:45:35 +00:00
|
|
|
/* The select(2) system call only guarantees a "sufficiently small write"
|
|
|
|
|
* can be made without blocking. And on Linux the read might block too
|
|
|
|
|
* in certain cases, although I don't know if any of them can occur here.
|
|
|
|
|
* Regardless, set all the pipes to non-blocking to avoid T184171.
|
|
|
|
|
*/
|
|
|
|
|
foreach ( $pipes as $pipe ) {
|
|
|
|
|
stream_set_blocking( $pipe, false );
|
|
|
|
|
}
|
|
|
|
|
|
2016-11-03 00:27:15 +00:00
|
|
|
$running = true;
|
|
|
|
|
$timeout = null;
|
|
|
|
|
$numReadyPipes = 0;
|
|
|
|
|
|
2018-02-01 18:45:35 +00:00
|
|
|
while ( $pipes && ( $running === true || $numReadyPipes !== 0 ) ) {
|
2016-11-03 00:27:15 +00:00
|
|
|
if ( $running ) {
|
|
|
|
|
$status = proc_get_status( $proc );
|
|
|
|
|
// If the process has terminated, switch to nonblocking selects
|
|
|
|
|
// for getting any data still waiting to be read.
|
|
|
|
|
if ( !$status['running'] ) {
|
|
|
|
|
$running = false;
|
|
|
|
|
$timeout = 0;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-10-07 00:31:06 +00:00
|
|
|
// clear get_last_error without actually raising an error
|
2019-04-12 04:41:14 +00:00
|
|
|
// from https://www.php.net/manual/en/function.error-get-last.php#113518
|
2017-10-07 00:31:06 +00:00
|
|
|
// TODO replace with clear_last_error when requirements are bumped to PHP7
|
|
|
|
|
set_error_handler( function () {
|
|
|
|
|
}, 0 );
|
2019-02-12 23:48:31 +00:00
|
|
|
\Wikimedia\suppressWarnings();
|
2018-04-02 22:22:42 +00:00
|
|
|
trigger_error( '' );
|
2019-02-12 23:48:31 +00:00
|
|
|
\Wikimedia\restoreWarnings();
|
2017-10-07 00:31:06 +00:00
|
|
|
restore_error_handler();
|
|
|
|
|
|
2018-07-18 08:42:52 +00:00
|
|
|
$readPipes = array_filter( $pipes, function ( $fd ) use ( $desc ) {
|
2017-12-22 02:07:36 +00:00
|
|
|
return $desc[$fd][0] === 'pipe' && $desc[$fd][1] === 'r';
|
2018-07-18 08:42:52 +00:00
|
|
|
}, ARRAY_FILTER_USE_KEY );
|
|
|
|
|
$writePipes = array_filter( $pipes, function ( $fd ) use ( $desc ) {
|
2017-12-22 02:07:36 +00:00
|
|
|
return $desc[$fd][0] === 'pipe' && $desc[$fd][1] === 'w';
|
2018-07-18 08:42:52 +00:00
|
|
|
}, ARRAY_FILTER_USE_KEY );
|
2017-12-22 02:07:36 +00:00
|
|
|
// stream_select parameter names are from the POV of us being able to do the operation;
|
|
|
|
|
// proc_open desriptor types are from the POV of the process doing it.
|
|
|
|
|
// So $writePipes is passed as the $read parameter and $readPipes as $write.
|
2018-01-01 13:10:16 +00:00
|
|
|
// phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged
|
2017-12-22 02:07:36 +00:00
|
|
|
$numReadyPipes = @stream_select( $writePipes, $readPipes, $emptyArray, $timeout );
|
2016-11-03 00:27:15 +00:00
|
|
|
if ( $numReadyPipes === false ) {
|
|
|
|
|
$error = error_get_last();
|
|
|
|
|
if ( strncmp( $error['message'], $eintrMessage, strlen( $eintrMessage ) ) == 0 ) {
|
|
|
|
|
continue;
|
|
|
|
|
} else {
|
|
|
|
|
trigger_error( $error['message'], E_USER_WARNING );
|
|
|
|
|
$logMsg = $error['message'];
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2017-12-22 02:07:36 +00:00
|
|
|
foreach ( $writePipes + $readPipes as $fd => $pipe ) {
|
|
|
|
|
// True if a pipe is unblocked for us to write into, false if for reading from
|
|
|
|
|
$isWrite = array_key_exists( $fd, $readPipes );
|
|
|
|
|
|
|
|
|
|
if ( $isWrite ) {
|
2018-02-22 22:13:28 +00:00
|
|
|
// Don't bother writing if the buffer is empty
|
|
|
|
|
if ( $buffers[$fd] === '' ) {
|
|
|
|
|
fclose( $pipes[$fd] );
|
|
|
|
|
unset( $pipes[$fd] );
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2017-12-22 02:07:36 +00:00
|
|
|
$res = fwrite( $pipe, $buffers[$fd], 65536 );
|
|
|
|
|
} else {
|
|
|
|
|
$res = fread( $pipe, 65536 );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( $res === false ) {
|
|
|
|
|
$logMsg = 'Error ' . ( $isWrite ? 'writing to' : 'reading from' ) . ' pipe';
|
|
|
|
|
break 2;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( $res === '' || $res === 0 ) {
|
2018-02-01 18:45:35 +00:00
|
|
|
// End of file?
|
|
|
|
|
if ( feof( $pipe ) ) {
|
|
|
|
|
fclose( $pipes[$fd] );
|
|
|
|
|
unset( $pipes[$fd] );
|
2016-11-03 00:27:15 +00:00
|
|
|
}
|
2017-12-22 02:07:36 +00:00
|
|
|
} elseif ( $isWrite ) {
|
2018-02-01 18:45:35 +00:00
|
|
|
$buffers[$fd] = (string)substr( $buffers[$fd], $res );
|
|
|
|
|
if ( $buffers[$fd] === '' ) {
|
|
|
|
|
fclose( $pipes[$fd] );
|
|
|
|
|
unset( $pipes[$fd] );
|
|
|
|
|
}
|
2017-12-22 02:07:36 +00:00
|
|
|
} else {
|
|
|
|
|
$buffers[$fd] .= $res;
|
|
|
|
|
if ( $fd === 3 && strpos( $res, "\n" ) !== false ) {
|
|
|
|
|
// For the log FD, every line is a separate log entry.
|
|
|
|
|
$lines = explode( "\n", $buffers[3] );
|
|
|
|
|
$buffers[3] = array_pop( $lines );
|
2016-11-03 00:27:15 +00:00
|
|
|
foreach ( $lines as $line ) {
|
2017-09-09 06:10:09 +00:00
|
|
|
$this->logger->info( $line );
|
2016-11-03 00:27:15 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
foreach ( $pipes as $pipe ) {
|
|
|
|
|
fclose( $pipe );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Use the status previously collected if possible, since proc_get_status()
|
|
|
|
|
// just calls waitpid() which will not return anything useful the second time.
|
|
|
|
|
if ( $running ) {
|
|
|
|
|
$status = proc_get_status( $proc );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( $logMsg !== false ) {
|
|
|
|
|
// Read/select error
|
|
|
|
|
$retval = -1;
|
|
|
|
|
proc_close( $proc );
|
|
|
|
|
} elseif ( $status['signaled'] ) {
|
|
|
|
|
$logMsg = "Exited with signal {$status['termsig']}";
|
|
|
|
|
$retval = 128 + $status['termsig'];
|
|
|
|
|
proc_close( $proc );
|
|
|
|
|
} else {
|
|
|
|
|
if ( $status['running'] ) {
|
|
|
|
|
$retval = proc_close( $proc );
|
|
|
|
|
} else {
|
|
|
|
|
$retval = $status['exitcode'];
|
|
|
|
|
proc_close( $proc );
|
|
|
|
|
}
|
|
|
|
|
if ( $retval == 127 ) {
|
|
|
|
|
$logMsg = "Possibly missing executable file";
|
|
|
|
|
} elseif ( $retval >= 129 && $retval <= 192 ) {
|
|
|
|
|
$logMsg = "Probably exited with signal " . ( $retval - 128 );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( $logMsg !== false ) {
|
2017-09-09 06:10:09 +00:00
|
|
|
$this->logger->warning( "$logMsg: {command}", [ 'command' => $cmd ] );
|
2016-11-03 00:27:15 +00:00
|
|
|
}
|
|
|
|
|
|
2017-12-22 02:07:36 +00:00
|
|
|
if ( $buffers[2] && $this->doLogStderr ) {
|
2017-10-23 08:29:20 +00:00
|
|
|
$this->logger->error( "Error running {command}: {error}", [
|
|
|
|
|
'command' => $cmd,
|
2017-12-22 02:07:36 +00:00
|
|
|
'error' => $buffers[2],
|
2017-10-23 08:29:20 +00:00
|
|
|
'exitcode' => $retval,
|
|
|
|
|
'exception' => new Exception( 'Shell error' ),
|
|
|
|
|
] );
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-22 02:07:36 +00:00
|
|
|
return new Result( $retval, $buffers[1], $buffers[2] );
|
2016-11-03 00:27:15 +00:00
|
|
|
}
|
2017-11-14 04:11:53 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Returns the final command line before environment/limiting, etc are applied.
|
|
|
|
|
* Use string conversion only for debugging, don't try to pass this to
|
|
|
|
|
* some other execution medium.
|
|
|
|
|
*
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function __toString() {
|
|
|
|
|
return "#Command: {$this->command}";
|
|
|
|
|
}
|
2016-11-03 00:27:15 +00:00
|
|
|
}
|
