// SPDX-License-Identifier: GPL-2.0-only

  /*
   *  linux/fs/binfmt_script.c
   *

   *  Copyright (C) 1996  Martin von Löwis

   *  original #!-checking implemented by tytso.
   */
  
  #include <linux/module.h>
  #include <linux/string.h>
  #include <linux/stat.h>

  #include <linux/binfmts.h>
  #include <linux/init.h>
  #include <linux/file.h>

  #include <linux/err.h>
  #include <linux/fs.h>

  static inline bool spacetab(char c) { return c == ' ' || c == '\t'; }
  static inline char *next_non_spacetab(char *first, const char *last)
  {
  	for (; first <= last; first++)
  		if (!spacetab(*first))
  			return first;
  	return NULL;
  }
  static inline char *next_terminator(char *first, const char *last)
  {
  	for (; first <= last; first++)
  		if (spacetab(*first) || !*first)
  			return first;
  	return NULL;
  }

  static int load_script(struct linux_binprm *bprm)

  {

  	const char *i_arg, *i_name;

  	char *cp, *buf_end;

  	struct file *file;

  	int retval;

  	/* Not ours to exec if we don't start with "#!". */

  	if ((bprm->buf[0] != '#') || (bprm->buf[1] != '!'))

  		return -ENOEXEC;

  
  	/*
  	 * If the script filename will be inaccessible after exec, typically
  	 * because it is a "/dev/fd/<fd>/.." path against an O_CLOEXEC fd, give
  	 * up now (on the assumption that the interpreter will want to load
  	 * this file).
  	 */
  	if (bprm->interp_flags & BINPRM_FLAGS_PATH_INACCESSIBLE)
  		return -ENOENT;

  	/* Release since we are not mapping a binary into memory. */

  	allow_write_access(bprm->file);
  	fput(bprm->file);
  	bprm->file = NULL;

  	/*
  	 * This section handles parsing the #! line into separate
  	 * interpreter path and argument strings. We must be careful
  	 * because bprm->buf is not yet guaranteed to be NUL-terminated
  	 * (though the buffer will have trailing NUL padding when the
  	 * file size was smaller than the buffer size).
  	 *
  	 * We do not want to exec a truncated interpreter path, so either
  	 * we find a newline (which indicates nothing is truncated), or
  	 * we find a space/tab/NUL after the interpreter path (which
  	 * itself may be preceded by spaces/tabs). Truncating the
  	 * arguments is fine: the interpreter can re-read the script to
  	 * parse them on its own.
  	 */
  	buf_end = bprm->buf + sizeof(bprm->buf) - 1;
  	cp = strnchr(bprm->buf, sizeof(bprm->buf), '
  ');
  	if (!cp) {
  		cp = next_non_spacetab(bprm->buf + 2, buf_end);
  		if (!cp)
  			return -ENOEXEC; /* Entire buf is spaces/tabs */
  		/*
  		 * If there is no later space/tab/NUL we must assume the
  		 * interpreter path is truncated.
  		 */
  		if (!next_terminator(cp, buf_end))
  			return -ENOEXEC;
  		cp = buf_end;
  	}
  	/* NUL-terminate the buffer and any trailing spaces/tabs. */

  	*cp = '\0';
  	while (cp > bprm->buf) {
  		cp--;
  		if ((*cp == ' ') || (*cp == '\t'))
  			*cp = '\0';
  		else
  			break;
  	}
  	for (cp = bprm->buf+2; (*cp == ' ') || (*cp == '\t'); cp++);

  	if (*cp == '\0')

  		return -ENOEXEC; /* No interpreter name found */
  	i_name = cp;
  	i_arg = NULL;
  	for ( ; *cp && (*cp != ' ') && (*cp != '\t'); cp++)
  		/* nothing */ ;
  	while ((*cp == ' ') || (*cp == '\t'))
  		*cp++ = '\0';
  	if (*cp)
  		i_arg = cp;

  	/*
  	 * OK, we've parsed out the interpreter name and
  	 * (optional) argument.
  	 * Splice in (1) the interpreter's name for argv[0]
  	 *           (2) (optional) argument to interpreter
  	 *           (3) filename of shell script (replace argv[0])
  	 *
  	 * This is done in reverse order, because of how the
  	 * user environment and arguments are stored.
  	 */

  	retval = remove_arg_zero(bprm);
  	if (retval)
  		return retval;

  	retval = copy_strings_kernel(1, &bprm->interp, bprm);

  	if (retval < 0)
  		return retval;

  	bprm->argc++;
  	if (i_arg) {
  		retval = copy_strings_kernel(1, &i_arg, bprm);

  		if (retval < 0)
  			return retval;

  		bprm->argc++;
  	}
  	retval = copy_strings_kernel(1, &i_name, bprm);

  	if (retval)
  		return retval;

  	bprm->argc++;

  	retval = bprm_change_interp(i_name, bprm);

  	if (retval < 0)
  		return retval;

  
  	/*
  	 * OK, now restart the process with the interpreter's dentry.
  	 */

  	file = open_exec(i_name);

  	if (IS_ERR(file))
  		return PTR_ERR(file);
  
  	bprm->file = file;
  	retval = prepare_binprm(bprm);
  	if (retval < 0)
  		return retval;

  	return search_binary_handler(bprm);

  }
  
  static struct linux_binfmt script_format = {
  	.module		= THIS_MODULE,
  	.load_binary	= load_script,
  };
  
  static int __init init_script_binfmt(void)
  {

  	register_binfmt(&script_format);
  	return 0;

  }
  
  static void __exit exit_script_binfmt(void)
  {
  	unregister_binfmt(&script_format);
  }
  
  core_initcall(init_script_binfmt);
  module_exit(exit_script_binfmt);
  MODULE_LICENSE("GPL");