components/a2ps/patches/CVE-2004-1170.patch
author Vladimir Marek <Vladimir.Marek@oracle.com>
Thu, 18 Aug 2011 12:40:34 -0700
changeset 483 039b6fd5ced3
permissions -rw-r--r--
7008719 Problem with print/a2ps
     1
--- ap2s/src/select.c.orig	Thu Dec 16 02:04:56 1999
     2
+++ ap2s/src/select.c	Sat Aug 21 12:05:31 2004
     3
@@ -131,6 +131,36 @@
     4
   return 1;
     5
 }
     6
 
     7
+/* escapes the name of a file so that the shell groks it in 'single' q.marks. 
     8
+   The resulting pointer has to be free()ed when not longer used. */
     9
+char *
    10
+shell_escape(const char *fn)
    11
+{
    12
+  size_t len = 0;
    13
+  const char *inp;
    14
+  char *retval, *outp;
    15
+
    16
+  for(inp = fn; *inp; ++inp)
    17
+    switch(*inp)
    18
+    {
    19
+      case '\'': len += 4; break;
    20
+      default:   len += 1; break;
    21
+    }
    22
+
    23
+  outp = retval = malloc(len + 1);
    24
+  if(!outp)
    25
+    return NULL; /* perhaps one should do better error handling here */
    26
+  for(inp = fn; *inp; ++inp)
    27
+    switch(*inp)
    28
+    {
    29
+      case '\'': *outp++ = '\''; *outp++ = '\\'; *outp++ = '\'', *outp++ = '\''; break;
    30
+      default:   *outp++ = *inp; break;
    31
+    }
    32
+  *outp = 0;
    33
+
    34
+  return retval;
    35
+}
    36
+
    37
 /* What says file about the type of a file (result is malloc'd).  NULL
    38
   if could not be run.  */
    39
 
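Review bot: The header comment on `shell_escape` leaves the contract implicit: the returned string carries no enclosing quotes, so it is only safe when the caller places it between single quotes, and a name beginning with `-` can still be taken as an option by the program that is run. I would spell that out, e.g. `/* Escape FN for use inside '...' in a shell command: each ' becomes '\''. The caller adds the enclosing quotes and must free() the result; a leading '-' is not neutralised. */`. The function is also defined without `static`; if nothing outside select.c calls it, `static char *` keeps it out of the global namespace. In the quote case the third store ends in a comma (`*outp++ = '\'', *outp++ = '\'';`), which works through the comma operator but reads like a typo for `;`.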
    40
@@ -144,11 +174,15 @@
    41
   if (IS_EMPTY (job->file_command))
    42
     return NULL;
    43
 
    44
+  filename = shell_escape(filename);
    45
+  if(filename == NULL)
    46
+    return NULL;
    47
   /* Call file(1) with the correct option */
    48
-  command = ALLOCA (char, (2
    49
+  command = ALLOCA (char, (4
    50
 			   + strlen (job->file_command)
    51
 			   + ustrlen (filename)));
    52
-  sprintf (command, "%s %s", job->file_command, (const char *) filename);
    53
+  sprintf (command, "%s '%s'", job->file_command, (const char *) filename);
    54
+  free(filename);
    55
   message (msg_tool, (stderr, "Reading pipe: `%s'\n", command));
    56
   file_out = popen (command, "r");
    57