From 1fecc24f2a10a52697ff08e9984bc234bc0f8be4 Mon Sep 17 00:00:00 2001 From: Thomas Schmitt Date: Tue, 20 May 2008 07:51:37 +0000 Subject: [PATCH] Making Xorriso_prescan_args() safe against misunderstandings --- libisoburn/trunk/xorriso/xorriso.c | 187 +++++++++++++++---- libisoburn/trunk/xorriso/xorriso_timestamp.h | 2 +- 2 files changed, 151 insertions(+), 38 deletions(-) diff --git a/libisoburn/trunk/xorriso/xorriso.c b/libisoburn/trunk/xorriso/xorriso.c index 2d0fcf02..886a8e10 100644 --- a/libisoburn/trunk/xorriso/xorriso.c +++ b/libisoburn/trunk/xorriso/xorriso.c @@ -7674,13 +7674,13 @@ int Xorriso_option_as(struct XorrisO *xorriso, int argc, char **argv, end_idx= Xorriso_end_idx(xorriso, argc, argv, *idx, 1); idx_count= end_idx-(*idx); - if(end_idx<=0) { + if(end_idx<=0 || (*idx)>=argc) { if(idx_count<1) sprintf(xorriso->info_text, - "-as : Not enough arguments given. Needed: whom do_what"); + "-as : Not enough arguments given. Needed: whom do_what --"); else sprintf(xorriso->info_text, - "-as %s : Not enough arguments given. Needed: do_what", + "-as %s : Not enough arguments given. Needed: do_what --", argv[*idx]); Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0); ret= 0; goto ex; @@ -8217,6 +8217,11 @@ int Xorriso_option_compare(struct XorrisO *xorriso, char *disk_path, ipth= iso_path; if(ipth[0]==0) ipth= disk_path; + if(disk_path[0]==0) { + sprintf(xorriso->info_text, "-compare: Empty disk_path given"); + Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "SORRY", 1); + return(0); + } ret= Xorriso_normalize_img_path(xorriso, xorriso->wdx, disk_path, eff_origin, 2|4|8); if(ret<=0) @@ -9715,17 +9720,24 @@ int Xorriso_option_map(struct XorrisO *xorriso, char *disk_path, char *iso_path, int flag) { int ret; - char eff_origin[SfileadrL], eff_dest[SfileadrL]; + char eff_origin[SfileadrL], eff_dest[SfileadrL], *ipth; if(!(flag&2)) Xorriso_pacifier_reset(xorriso, 0); + ipth= iso_path; + if(ipth[0]==0) + ipth= disk_path; + if(disk_path[0]==0) { + sprintf(xorriso->info_text, "-map: Empty disk_path given"); + Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "SORRY", 1); + return(0); + } ret= Xorriso_normalize_img_path(xorriso, xorriso->wdx, disk_path, eff_origin, 2|4); if(ret<=0) return(ret); - ret= Xorriso_normalize_img_path(xorriso, xorriso->wdi, iso_path, eff_dest, - 2); + ret= Xorriso_normalize_img_path(xorriso, xorriso->wdi, ipth, eff_dest, 2); if(ret<=0) return(ret); ret= Xorriso_graft_in(xorriso, NULL, eff_origin, eff_dest, @@ -9857,8 +9869,10 @@ int Xorriso_option_not_leaf(struct XorrisO *xorriso, char *pattern, int flag) { regex_t re; char regexpr[2*SfileadrL+2], sfe[5*SfileadrL]; - int ret; + int ret= 0; + if(pattern[0]==0) + {ret= 0; goto cannot_add;} Xorriso__bourne_to_reg(pattern, regexpr, 0); if(regcomp(&re, regexpr, 0)!=0) {ret= 0; goto cannot_add;} @@ -9884,7 +9898,7 @@ int Xorriso_option_not_list(struct XorrisO *xorriso, char *adr, int flag) Xorriso_pacifier_reset(xorriso, 0); if(adr[0]==0) { sprintf(xorriso->info_text,"Empty file name given with -not_list"); - Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "WARNING", 0); + Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0); return(0); } fp= Afile_fopen(adr,"rb",((!!xorriso->packet_output)<<6)); @@ -10796,6 +10810,12 @@ int Xorriso_option_update(struct XorrisO *xorriso, char *disk_path, ipth= iso_path; if(ipth[0]==0) ipth= disk_path; + if(disk_path[0]==0) { + sprintf(xorriso->info_text, "-update: Empty disk_path given"); + Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "SORRY", 1); + return(0); + } + ret= Xorriso_normalize_img_path(xorriso, xorriso->wdx, disk_path, eff_origin, 2|4|8); if(ret<=0) @@ -11024,7 +11044,96 @@ int Xorriso_normalize_command(struct XorrisO *xorriso, char *original_cmd, for(dash_pt= *cmd; *dash_pt!=0; dash_pt++) if(*dash_pt=='-') *dash_pt= '_'; - return(1); + return(was_dashed); +} + + +/* @param flag bit0= do not warn of unknown option + @return <=0 error, + 1=count is valid, 2=dashed unknown, 3=undashed unknown +*/ +int Xorriso_count_args(struct XorrisO *xorriso, int argc, char **argv, + int *count, int flag) +{ + int ret, was_dashed= 0, i; + char *cmd, cmd_data[2*SfileadrL]; + static char arg0_commands[][40]= { + "ban_stdio_write","commit","commit_eject","devices","end","help", + "list_formats","no_rc","print_size","pwd","pwdi","pwdx", + "rollback","rollback_end","tell_media_space","toc","version","--","" + }; + static char arg1_commands[][40]= { + "abort_on","add_plainly","blank","cd","cdi","cdx","close","dev", + "dummy","dialog","disk_pattern","eject","iso_rr_pattern","follow", + "format","fs","gid","history","indev","joliet","mark","not_leaf", + "not_list","not_mgt","options_from_file","overwrite","outdev", + "padding","path_list","pathspecs","pkt_output","print","prompt", + "prog","publisher","reassure","report_about","rom_toc_scan", + "session_log","speed","split_size","status","status_history_max", + "temp_mem_limit","uid","volid","use_readline","" + }; + static char arg2_commands[][40]= { + "alter_date","alter_date_r","boot_image","compare","compare_r", + "errfile_log","error_behavior","load","logfile", + "map","map_single","page","return_with","update","update_r", + "" + }; + static char arg4_commands[][40]= { + "cut_out","" + }; + static char argn_commands[][40]= { + "add","as","chgrp","chgrpi","chgrp_r","chgrp_ri","chmod","chmodi", + "chmod_r","chmod_ri","chown","chowni","chown_r","chown_ri", + "cpr","cpri","du","dui","dus","dusi","dux","dusx","find","findi","findx", + "ls","lsi","lsl","lsli","lsd","lsdi","lsdl","lsdli", + "lsx","lslx","lsdx","lsdlx","mv","mvi","mkdir","mkdiri", + "not_paths","rm","rmi","rm_r","rm_ri","rmdir","rmdiri", + "" + }; + + *count= 0; + if(argc<=0) + return(-1); + ret= Xorriso_normalize_command(xorriso, argv[0], -1, + cmd_data, sizeof(cmd_data), &cmd, 0); + if(ret<0) + return(ret); + was_dashed= (ret>0); + if(cmd[0]=='#' || cmd[0]==0) { + /* ignore comment line and empty option */; + return(1); + } + for(i=0; arg0_commands[i][0]!=0; i++) + if(strcmp(arg0_commands[i], cmd)==0) + return(1); + *count= 1; + for(i=0; arg1_commands[i][0]!=0; i++) + if(strcmp(arg1_commands[i], cmd)==0) + return(1); + *count= 2; + for(i=0; arg2_commands[i][0]!=0; i++) + if(strcmp(arg2_commands[i], cmd)==0) + return(1); + *count= 4; + for(i=0; arg4_commands[i][0]!=0; i++) + if(strcmp(arg4_commands[i], cmd)==0) + return(1); + *count= 0; + for(i=0; argn_commands[i][0]!=0; i++) + if(strcmp(argn_commands[i], cmd)==0) { + ret= Xorriso_end_idx(xorriso, argc, argv, 1, 1); + if(ret<1) + return(ret); + *count= ret-1; + return(1); + } + + if(!(flag&1)) { + sprintf(xorriso->info_text, "Unknown option : '%s'", argv[0]); + Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "WARNING", 0); + } + + return(2+!was_dashed); } @@ -11038,8 +11147,10 @@ return: bit0= recursion */ { - int ret, was_dashed, end_ret; - int num1, num2; + int ret, was_dashed, end_ret, num1, num2; +#ifdef NIX + int arg_count; +#endif char *cmd, *original_cmd, cmd_data[2*SfileadrL], *arg1, *arg2; if(xorriso==NULL) @@ -11064,22 +11175,31 @@ next_command:; } was_dashed= 0; -#ifdef NIX - - if(cmd[0]=='-' && cmd[1]!='-' && cmd[1]!=0) { - was_dashed= 1; - cmd++; - } - -#else /* NIX */ - ret= Xorriso_normalize_command(xorriso, original_cmd, -1, cmd_data, sizeof(cmd_data), &cmd, 0); if(ret<0) goto eval_any_problems; was_dashed= ret; -#endif /* ! NIX */ +#ifdef NIX + ret= Xorriso_count_args(xorriso, argc-(*idx), argv+(*idx), &arg_count, 0); + if(ret==1) { + sprintf(xorriso->info_text, "Option '%s' : %d :", original_cmd, arg_count); + if(arg_count>0 && (*idx)+arg_count < argc) + sprintf(xorriso->info_text+strlen(xorriso->info_text), " '%s'", + argv[(*idx)+1]); + if(arg_count>1 && (*idx)+arg_count < argc) + sprintf(xorriso->info_text+strlen(xorriso->info_text), " '%s'", + argv[(*idx)+2]); + if(arg_count>2 && (*idx)+arg_count < argc) + sprintf(xorriso->info_text+strlen(xorriso->info_text), " ... '%s'", + argv[(*idx)+arg_count]); + else if(arg_count>3 && (*idx)+arg_count-1 < argc) + sprintf(xorriso->info_text+strlen(xorriso->info_text), " ... '%s'", + argv[(*idx)+arg_count-1]); + Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "DEBUG", 0); + } +#endif /* NIX */ (*idx)++; @@ -11492,10 +11612,6 @@ next_command:; (*idx)+= 2; ret= Xorriso_option_update(xorriso, arg1, arg2, 1|8); - } else if(strcmp(cmd,"volid")==0) { - (*idx)++; - ret= Xorriso_option_volid(xorriso,arg1,0); - } else if(strcmp(cmd,"use_readline")==0) { (*idx)++; ret= Xorriso_option_use_readline(xorriso, arg1, 0); @@ -11503,6 +11619,10 @@ next_command:; } else if(strcmp(cmd,"version")==0){ ret= Xorriso_option_version(xorriso, 0); + } else if(strcmp(cmd,"volid")==0) { + (*idx)++; + ret= Xorriso_option_volid(xorriso,arg1,0); + } else if(strcmp(cmd,"--")==0){ /* tis ok */; @@ -11663,7 +11783,7 @@ int Xorriso_prescan_args(struct XorrisO *xorriso, int argc, char **argv, 1 ok, go on */ { - int i, ret, was_dashed, num2; + int i, ret, was_dashed, num2, arg_count; int was_report_about= 0, was_abort_on= 0, was_return_with= 0; char *cmd, *original_cmd, cmd_data[5*SfileadrL], *arg1, *arg2; @@ -11671,22 +11791,11 @@ int Xorriso_prescan_args(struct XorrisO *xorriso, int argc, char **argv, original_cmd= cmd= argv[i]; was_dashed= 0; -#ifdef NIX - - if(cmd[0]=='-' && cmd[1]!='-' && cmd[1]!=0) { - was_dashed= 1; - cmd++; - } - -#else /* NIX */ - was_dashed= Xorriso_normalize_command(xorriso, original_cmd, i, cmd_data, sizeof(cmd_data), &cmd, 0); if(was_dashed<0) return(-1); -#endif /* ! NIX */ - arg1= ""; if(i+1