Some safety precautions against malicious input, enabled -cdx, -cdi for -add

This commit is contained in:
Thomas Schmitt 2007-10-15 20:36:33 +00:00
parent 50d49aa76c
commit 7a768d6f5a
2 changed files with 114 additions and 32 deletions

View File

@ -210,6 +210,28 @@ int Sfile_add_to_path(char path[SfileadrL], char *addon, int flag)
}
int Sfile_prepend_path(char *prefix, char path[SfileadrL], int flag)
{
int l, i;
l= strlen(path)+strlen(prefix)+1;
if(l>=SfileadrL) {
/* >>> */
fprintf(stderr,
"--- Combination of wd and relative address too long (%d > %d)\n",
l,SfileadrL-1);
return(-1);
}
l-= strlen(path);
for(i= strlen(path)+1; i>=0; i--)
path[i+l]= path[i];
strcpy(path,prefix);
path[l-1]= '/';
return(1);
}
int Sfile_being_group_member(struct stat *stbuf, int flag)
{
int i, suppl_groups;
@ -621,6 +643,27 @@ int Sfile_make_argv(char *progname, char *line, int *argc, char ***argv,
}
/* @param flag bit0= append */
int Sfile_str(char target[SfileadrL], char *source, int flag)
{
int l;
l= strlen(source);
if(flag&1)
l+= strlen(target);
if(l>=SfileadrL) {
fprintf(stderr, "--- Path string overflow (%d > %d). Malicious input ?\n",
l,SfileadrL-1);
return(0);
}
if(flag&1)
strcat(target, source);
else
strcpy(target, source);
return(1);
}
/** Combine environment variable HOME with given filename
@param filename Address relative to $HOME
@param fileadr Resulting combined address
@ -1580,8 +1623,10 @@ return:
Sort_argv(o->buffer_fill,o->buffer,0);
}
if(o->buffer_rpt<o->buffer_fill && !(flag&4)) {
strcpy(reply,o->buffer[o->buffer_rpt]);
ret= Sfile_str(reply,o->buffer[o->buffer_rpt],0);
Sregex_string(&(o->buffer[o->buffer_rpt]),NULL,0);
if(ret<=0)
return(-1);
(o->buffer_rpt)++;
if(!(flag&2))
o->count++;
@ -1603,7 +1648,8 @@ return:
break;
/* skip "." and ".." */
} while(name[0]=='.' && ((name[1]=='.' && name[2]==0) || name[1]==0));
strcpy(reply,name);
if(Sfile_str(reply,name,0)<=0)
return(-1);
if(!(flag&2))
o->count++;
return(1);
@ -1670,7 +1716,9 @@ int Xorriso_new(struct XorrisO ** xorriso,char *progname, int flag)
*xorriso= m= TSOB_FELD(struct XorrisO,1);
if(m==NULL)
return(-1);
strcpy(m->progname,progname);
strncpy(m->progname,progname,sizeof(m->progname)-1);
m->progname[sizeof(m->progname)-1]= 0;
if(getcwd(m->initial_wdx,sizeof(m->initial_wdx)-1)==NULL)
m->initial_wdx[0]= 0;
m->no_rc= 0;
@ -1680,7 +1728,7 @@ int Xorriso_new(struct XorrisO ** xorriso,char *progname, int flag)
m->rc_filenames[m->rc_filename_count-1][0]= 0;
m->wdi[0]= 0;
m->wdx[0]= 0;
strcpy(m->wdx, m->initial_wdx);
m->did_something_useful= 0;
m->do_joliet= 0;
m->do_follow_links= 0;
@ -1882,7 +1930,8 @@ int Xorriso_request_confirmation(struct XorrisO *xorriso, int flag)
*/
{
int ret;
char line[SfileadrL],*cpt,previous_line[SfileadrL],*abort_req_text,*abort_really_text;
char line[SfileadrL],*cpt,previous_line[SfileadrL];
char *abort_req_text,*abort_really_text;
if(flag&8) {
abort_req_text= "request to end";
@ -2146,7 +2195,8 @@ int Xorriso_restxt(struct XorrisO *xorriso, char *text)
{
int ret;
strcpy(xorriso->result_line,text);
strncpy(xorriso->result_line,text,sizeof(xorriso->result_line)-1);
xorriso->result_line[sizeof(xorriso->result_line)-1]= 0;
ret= Xorriso_result(xorriso,0);
return(ret);
}
@ -2314,8 +2364,12 @@ no_regex_available:;
for(i= 0;i<count;i++) {
npt= strchr(cpt,'/');
if(npt==NULL) {
if(strlen(cpt)>=sizeof(adr_part))
return(-1);
strcpy(adr_part,cpt);
} else {
if(npt-cpt>=sizeof(adr_part))
return(-1);
strncpy(adr_part,cpt,npt-cpt);
adr_part[npt-cpt]= 0;
}
@ -2392,8 +2446,11 @@ next_adr_part:;
} else if(xorriso->search_mode==3 || xorriso->search_mode==4) {
ret= Xorriso__bourne_to_reg(adr,xorriso->reg_expr,0);
is_constant= (ret==2);
} else
} else {
if(strlen(adr)>=sizeof(xorriso->reg_expr))
return(-1);
strcpy(xorriso->reg_expr,adr);
}
xorriso->re_count= 0; /* tells matcher that this is not structured */
xorriso->re_constants= TSOB_FELD(char *,1);
if(xorriso->re_constants==NULL)
@ -2879,7 +2936,8 @@ int Xorriso_option_abort_on(struct XorrisO *xorriso, char *severity, int flag)
return(0);
}
strcpy(xorriso->abort_on_severity,severity);
if(Sfile_str(xorriso->abort_on_severity,severity,0)<=0)
return(-1);
return(1);
}
@ -2889,29 +2947,44 @@ int Xorriso_option_add(struct XorrisO *xorriso, int argc, char **argv,
int *idx, int flag)
{
int i, end_idx, ret;
char *target, *source, *ept, *path= NULL;
char target[SfileadrL], source[SfileadrL], *ept;
end_idx= Xorriso__end_idx(argc, argv, *idx, 0);
for(i= *idx; i<end_idx; i++) {
target= source= argv[i];
if(xorriso->allow_graft_points) {
if(Sregex_string(&path,argv[i],0)<=0) {
/* >>> out of memory */;
if(Sfile_str(target,argv[i],0)<=0)
{ret= -1; goto ex;}
}
ret= Fileliste__target_source_limit(path, '=', &ept, 0);
strcpy(source, argv[i]);
if(xorriso->allow_graft_points) {
ret= Fileliste__target_source_limit(target, '=', &ept, 0);
if(ret>0) {
*ept= 0;
source= ept+1;
strcpy(source, ept+1);
}
}
if(target[0]!='/') {
ret= Sfile_prepend_path(xorriso->wdi, target, 0);
if(ret<=0)
goto ex;
}
#ifdef No_morE
/* now done in Xorriso_graft_in */
l= strlen(target);
while(l>1) /* >>> ??? >0 ? */
if(target[l-1]=='/')
target[--l]= 0;
else
break;
#endif /* <<< */
if(source[0]!='/') {
ret= Sfile_prepend_path(xorriso->wdx, source, 0);
if(ret<=0)
goto ex;
}
ret= Xorriso_graft_in(xorriso, source, target, 0);
if(path!=NULL)
Sregex_string(&path,NULL,0);
path= NULL;
if(ret<=0)
goto ex;
}
@ -2991,7 +3064,8 @@ int Xorriso_option_cdi(struct XorrisO *xorriso, char *iso_rr_path, int flag)
Xorriso_info(xorriso,0);
return(0);
}
strcpy(xorriso->wdi,iso_rr_path);
if(Sfile_str(xorriso->wdi,iso_rr_path,0)<=0)
return(-1);
l= strlen(xorriso->wdi);
while(l>0)
if(xorriso->wdi[l-1]=='/')
@ -3037,7 +3111,8 @@ int Xorriso_option_cdx(struct XorrisO *xorriso, char *disk_path, int flag)
Xorriso_info(xorriso,0);
return(0);
}
strcpy(xorriso->wdx,disk_path);
if(Sfile_str(xorriso->wdx,disk_path,0)<=0)
return(-1);
l= strlen(xorriso->wdx);
while(l>0)
if(xorriso->wdx[l-1]=='/')
@ -3196,8 +3271,10 @@ int Xorriso_option_dev(struct XorrisO *xorriso, char *adr, int flag)
ret= Xorriso_aquire_drive(xorriso, adr, flag&3);
if(ret<=0)
return(ret);
strcpy(xorriso->indev, adr);
strcpy(xorriso->outdev, adr);
if(Sfile_str(xorriso->indev, adr, 0)<=0)
return(-1);
if(Sfile_str(xorriso->outdev, adr, 0)<=0)
return(-1);
return(1);
}
@ -3265,7 +3342,9 @@ int Xorriso_option_end(struct XorrisO *xorriso, int flag)
if(ret<=0)
return(ret);
}
Xorriso_give_up_drive(xorriso, 3);
ret= Xorriso_give_up_drive(xorriso, 3);
if(ret<=0)
return(ret);
return(1);
}
@ -3685,7 +3764,8 @@ logfile_wrong_form:;
fileadr,(errno>0?strerror(errno):"-unknown error-"));
Xorriso_info(xorriso,0);
} else if(!(hflag&(1<<15)))
strcpy(xorriso->logfile[channel_no], fileadr);
if(Sfile_str(xorriso->logfile[channel_no], fileadr, 0)<=0)
return(-1);
return(ret>0);
}
@ -3896,7 +3976,8 @@ int Xorriso_option_prog(struct XorrisO *xorriso, char *name, int flag)
Xorriso_info(xorriso,1);
return(0);
}
strcpy(xorriso->progname,name);
if(Sfile_str(xorriso->progname,name,0)<=0)
return(-1);
return(1);
}
@ -3920,7 +4001,8 @@ int Xorriso_option_prompt(struct XorrisO *xorriso, char *text, int flag)
int ret;
char line[80];
strcpy(xorriso->result_line,text);
strncpy(xorriso->result_line,text,sizeof(xorriso->result_line)-1);
xorriso->result_line[sizeof(xorriso->result_line)-1]= 0;
Xorriso_result(xorriso,0);
ret= Xorriso_dialog_input(xorriso, line, sizeof(line),1);
return(ret);

View File

@ -1 +1 @@
#define Xorriso_timestamP "2007.10.15.160303"
#define Xorriso_timestamP "2007.10.15.203554"