minishell | 42 - Rewrite a simple shell | Command Line Interface library

Thanks for the insightful comments.

If I add close(pipefd[0]) and close(pipefd[1]) immediately after dup2()s, the issue gets solved.

I thought that it was enough to close the pipe only from the main, shell process, but it turned out that all occurrences of fds have to be closed, including the ones inside children who inherit a copy.

The reason I got confused is the fact that the first piece of code worked. Now I realize that there, I was waiting for the first (ls) process to exit, so when it exits, its copy of the write-end gets destroyed, and I close the last copy of it in the main process. Then wc doesn't inherit any.

So now in my shell, during execution inside a child, after dup2()ing the descriptors, I close each and every descriptor created by pipe(), and it works.

Wouldn't this work?

The line of Valgrind output that should concern you is this specific one:

As stated in the comments, the line is malware. It's possible there are other files on your server affected as well, so I would scan the date modified on them to see if any have been changed around the same time that file was created. This becomes much easier if you have SSH access and are able to use find.

Identifying the source of the attack is trickier. I would start by looking at the file you pointed out - which user created it? The server itself or an FTP user? Then I would talk to the web host about it.

Finally, I would change all admin WordPress passwords to be on the safe side. Might want to change your cpanel user's password as well.

There are three issues in your code:

1. execve() doesn't search for the command in $PATH so generally it won't find neither env nor grep. Use execvp() instead.
2. You should call pipe() before the first fork() to prevent another pipe to be created and used by the child process
3. as @KamilCuk has pointed out: in the first child process, you should dup2() stdout instead of stdin

Fixing these bugs lead to this working code

Fundamentally, fork() creates a separate process (child). Most of the actions taken in the child process are not reflected in the parent. exit() is one such action. After calling exit(), the child is terminated, and the parent remains unaffected (well, SIGCHLD is passed to the parent who is mostly ignored).

So to notify the parent of the exit() event (main_func() returning -1), you need to adopt some extra mechanism. One way to do this is, signaling the parent. But to signal the parent, parent PID is required. Unlike in the case of the parent, fork() won't return the parent PID in the child. You need to call getppid() for obtaining the parent PID. Following code does the same: