chiark
/
gitweb
/
~ian
/
userv.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Internal review up to end of p11.
[userv.git]
/
client.c
diff --git
a/client.c
b/client.c
index 9d12491be10c38eefc8bff5f22cd72fc3f90e833..bee10a1a3a5857d95b5a2491b46bf1c31939fab5 100644
(file)
--- a/
client.c
+++ b/
client.c
@@
-264,6
+264,7
@@
static void xfwrite(const void *p, size_t sz, FILE *file) {
static void xfwritestring(const char *s, FILE *file) {
int l;
l= strlen(s);
static void xfwritestring(const char *s, FILE *file) {
int l;
l= strlen(s);
+ assert(l<=MAX_GENERAL_STRING);
xfwrite(&l,sizeof(l),file);
xfwrite(s,sizeof(*s)*l,file);
}
xfwrite(&l,sizeof(l),file);
xfwrite(s,sizeof(*s)*l,file);
}
@@
-419,7
+420,12
@@
static void of_fdwait(const struct optioninfo *oip, const char *value, char *key
static void of_defvar(const struct optioninfo *oip, const char *value, char *key) {
int i;
static void of_defvar(const struct optioninfo *oip, const char *value, char *key) {
int i;
+ if (strlen(key)>MAX_GENERAL_STRING)
+ usageerror("variable name `%s' is far too long",key);
+ if (strlen(value)>MAX_GENERAL_STRING)
+ usageerror("variable `%s' has value `%s' which is far too long",key,value);
for (i=0; i<defvarsused && strcmp(defvarsarray[i][0],key); i++);
for (i=0; i<defvarsused && strcmp(defvarsarray[i][0],key); i++);
+ if (defvarsused >= MAX_ARGSDEFVARS) usageerror("far too many --defvar or -D options");
if (i>=defvarsavail) {
defvarsavail+=10; defvarsavail<<=1;
defvarsarray= xrealloc(defvarsarray,sizeof(const char*)*2*defvarsavail);
if (i>=defvarsavail) {
defvarsavail+=10; defvarsavail<<=1;
defvarsarray= xrealloc(defvarsarray,sizeof(const char*)*2*defvarsavail);
@@
-761,7
+767,9
@@
int main(int argc, char *const *argv) {
argc-= (argpp-argv);
argv= argpp;
argc-= (argpp-argv);
argv= argpp;
-
+ if (argc > MAX_ARGSDEFVARS) usageerror("far too many arguments");
+ if (ngids > MAX_GIDS) miscerror("caller is in far too many gids");
+
pw= getpwnam(serviceuser);
if (!pw) miscerror("requested service user `%s' is not a user",serviceuser);
serviceuid= pw->pw_uid;
pw= getpwnam(serviceuser);
if (!pw) miscerror("requested service user `%s' is not a user",serviceuser);
serviceuid= pw->pw_uid;
@@
-972,6
+980,7
@@
int main(int argc, char *const *argv) {
if (fdsetup[fd].catpid==-1) syscallerror("fork for cat for fd %d",fd);
if (!fdsetup[fd].catpid) {
snprintf(catnamebuf,sizeof(catnamebuf),"cat fd%d",fd);
if (fdsetup[fd].catpid==-1) syscallerror("fork for cat for fd %d",fd);
if (!fdsetup[fd].catpid) {
snprintf(catnamebuf,sizeof(catnamebuf),"cat fd%d",fd);
+ catnamebuf[sizeof(catnamebuf)-1]= 0;
sig.sa_handler= SIG_DFL;
sigemptyset(&sig.sa_mask);
sig.sa_flags= 0;
sig.sa_handler= SIG_DFL;
sigemptyset(&sig.sa_mask);
sig.sa_flags= 0;
@@
-980,11
+989,10
@@
int main(int argc, char *const *argv) {
catnamebuf,strerror(errno));
exit(-1);
}
catnamebuf,strerror(errno));
exit(-1);
}
- catnamebuf[sizeof(catnamebuf)-1]= 0;
reading= fdsetup[fd].mods & fdm_read;
catdup(catnamebuf, fdsetup[fd].copyfd, reading ? 0 : 1);
catdup(catnamebuf, fdsetup[fd].pipefd, reading ? 1 : 0);
reading= fdsetup[fd].mods & fdm_read;
catdup(catnamebuf, fdsetup[fd].copyfd, reading ? 0 : 1);
catdup(catnamebuf, fdsetup[fd].pipefd, reading ? 1 : 0);
- execl
p("
cat",catnamebuf,(char*)0);
+ execl
("/bin/
cat",catnamebuf,(char*)0);
fprintf(stderr,"userv: %s: cannot exec `cat': %s\n",catnamebuf,strerror(errno));
exit(-1);
}
fprintf(stderr,"userv: %s: cannot exec `cat': %s\n",catnamebuf,strerror(errno));
exit(-1);
}