empire/empserver
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Reject unexpected redirections:

Browse source 
(redir_authorized): New parameter expected, reject when zero.
(doredir): Pass !redir_fp, do not close it.  Before, an unexpected
redirection silently replaced the existing one.
(dopipe): Pass !redir_fp.  Before, an unexpected redirection silently
replaced the existing one, leaking its FILE.
(doexecute): Pass 1.
This commit is contained in:
Markus Armbruster 2007-11-29 06:04:30 +00:00
parent a29a8f43ab
commit c09d449204
1 changed files with 10 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

19
src/client/servcmd.c
View file

@ -158,7 +158,7 @@ fname(char *s)
}
static int
redir_authorized(char *arg, char *attempt)
redir_authorized(char *arg, char *attempt, int expected)
{
size_t seen = seen_input(arg);
@ -167,6 +167,12 @@ redir_authorized(char *arg, char *attempt)
return 0;
}
if (!expected) {
fprintf(stderr, "WARNING! Server attempted to %s unexpectedly\n",
attempt);
return 0;
}
if (!seen || (input_to_forget && input_to_forget != seen)) {
fprintf(stderr, "WARNING! Server attempted to %s %s\n",
attempt, arg);
@ -182,12 +188,7 @@ doredir(char *p)
int mode;
int fd;
if (redir_fp) {
(void)fclose(redir_fp);
redir_fp = NULL;
}
if (!redir_authorized(p, "redirect to file"))
if (!redir_authorized(p, "redirect to file", !redir_fp))
return;
if (*p++ != '>') {
fprintf(stderr, "WARNING! Weird redirection %s", p);
@ -222,7 +223,7 @@ doredir(char *p)
static void
dopipe(char *p)
{
if (!redir_authorized(p, "pipe to shell command"))
if (!redir_authorized(p, "pipe to shell command", !redir_fp))
return;
if (*p++ != '|') {
fprintf(stderr, "WARNING! Weird pipe %s", p);
@ -247,7 +248,7 @@ doexecute(char *p)
{
int fd;
if (!redir_authorized(p, "execute script file"))
if (!redir_authorized(p, "execute script file", 1))
return -1;
p = fname(p);