sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00
Code

lib: util: Finally remove possibilities of using sys_popen() unsafely.

Browse Source 
All code now uses sys_popenv() which is much
harder to use incorrectly.

Remove the extract_args() function that was the
cause of possible issues.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13964

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This commit is contained in:
Jeremy Allison 2019-05-18 11:40:26 -07:00
parent dbfa3cd186
commit 9fa95d5b45
2 changed files with 0 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

95
lib/util/sys_popen.c
View File

@ -24,77 +24,6 @@
#include "lib/util/sys_popen.h"
#include "lib/util/debug.h"
/**************************************************************************
Extract a command into an arg list.
****************************************************************************/
static char **extract_args(TALLOC_CTX *mem_ctx, const char *command)
{
char *trunc_cmd;
char *saveptr;
char *ptr;
int argcl;
char **argl = NULL;
int i;
if (!(trunc_cmd = talloc_strdup(mem_ctx, command))) {
DEBUG(0, ("talloc failed\n"));
goto nomem;
}
if(!(ptr = strtok_r(trunc_cmd, " \t", &saveptr))) {
TALLOC_FREE(trunc_cmd);
errno = EINVAL;
return NULL;
}
/*
* Count the args.
*/
for( argcl = 1; ptr; ptr = strtok_r(NULL, " \t", &saveptr))
argcl++;
TALLOC_FREE(trunc_cmd);
if (!(argl = talloc_array(mem_ctx, char *, argcl + 1))) {
goto nomem;
}
/*
* Now do the extraction.
*/
if (!(trunc_cmd = talloc_strdup(mem_ctx, command))) {
goto nomem;
}
ptr = strtok_r(trunc_cmd, " \t", &saveptr);
i = 0;
if (!(argl[i++] = talloc_strdup(argl, ptr))) {
goto nomem;
}
while((ptr = strtok_r(NULL, " \t", &saveptr)) != NULL) {
if (!(argl[i++] = talloc_strdup(argl, ptr))) {
goto nomem;
}
}
argl[i++] = NULL;
TALLOC_FREE(trunc_cmd);
return argl;
nomem:
DEBUG(0, ("talloc failed\n"));
TALLOC_FREE(trunc_cmd);
TALLOC_FREE(argl);
errno = ENOMEM;
return NULL;
}
/**************************************************************************
Wrapper for popen. Safer as it doesn't search a path.
Modified from the glibc sources.
@ -204,30 +133,6 @@ err_exit:
return -1;
}
int sys_popen(const char *command)
{
char **argl = NULL;
int ret;
if (!*command) {
errno = EINVAL;
return -1;
}
/*
* Extract the command and args into a NULL terminated array.
*/
argl = extract_args(NULL, command);
if (argl == NULL) {
DBG_ERR("extract_args() failed: %s\n", strerror(errno));
return -1;
}
ret = sys_popenv(argl);
TALLOC_FREE(argl);
return ret;
}
/**************************************************************************
Wrapper for pclose. Modified from the glibc sources.
****************************************************************************/

1
lib/util/sys_popen.h
View File

@ -20,7 +20,6 @@
#ifndef __LIB_SYS_POPEN_H__
#define __LIB_SYS_POPEN_H__
int sys_popen(const char *command);
int sys_popenv(char * const argl[]);
int sys_pclose(int fd);