diff options
Diffstat (limited to 'recipes-core/swupd-server/swupd-server-2.53/0002-Add-system_argv-helper-for-safer-calls-to-system-uti.patch')
-rw-r--r-- | recipes-core/swupd-server/swupd-server-2.53/0002-Add-system_argv-helper-for-safer-calls-to-system-uti.patch | 132 |
1 files changed, 132 insertions, 0 deletions
diff --git a/recipes-core/swupd-server/swupd-server-2.53/0002-Add-system_argv-helper-for-safer-calls-to-system-uti.patch b/recipes-core/swupd-server/swupd-server-2.53/0002-Add-system_argv-helper-for-safer-calls-to-system-uti.patch new file mode 100644 index 0000000..037ea6b --- /dev/null +++ b/recipes-core/swupd-server/swupd-server-2.53/0002-Add-system_argv-helper-for-safer-calls-to-system-uti.patch @@ -0,0 +1,132 @@ +From a32179878e8e439948a4a6385515a0aea7a61592 Mon Sep 17 00:00:00 2001 +From: Dmitry Rozhkov <dmitry.rozhkov@intel.com> +Date: Fri, 29 Jan 2016 17:48:46 +0200 +Subject: [PATCH] Add system_argv() helper for safer calls to system utilities + +Often file names contain special characters like hashes or +whitespaces and that makes escaping a difficult task when using +system(). Thus add a new helper system_argv() that is based +on execvp() syscall and doesn't require escaping. + +Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@intel.com> + +Upstream-Status: Backport (v2.54+) + +--- + include/swupd.h | 1 + + src/fullfiles.c | 6 ++---- + src/helpers.c | 63 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + 3 files changed, 66 insertions(+), 4 deletions(-) + +diff --git a/include/swupd.h b/include/swupd.h +index 522ac2e..ad4b967 100644 +--- a/include/swupd.h ++++ b/include/swupd.h +@@ -228,6 +228,7 @@ extern FILE * fopen_exclusive(const char *filename); /* no mode, opens for write + extern void dump_file_info(struct file *file); + extern void string_or_die(char **strp, const char *fmt, ...); + extern void print_elapsed_time(struct timeval *previous_time, struct timeval *current_time); ++extern int system_argv(char *const argv[]); + + extern bool signature_initialize(void); + extern void signature_terminate(void); +diff --git a/src/fullfiles.c b/src/fullfiles.c +index 1bb581e..fa78293 100644 +--- a/src/fullfiles.c ++++ b/src/fullfiles.c +@@ -138,12 +138,10 @@ static void create_fullfile(struct file *file) + string_or_die(&tempfile, "%s/%s", empty, file->hash); + if (link(origin, tempfile) < 0) { + LOG(NULL, "hardlink failed", "%s due to %s (%s -> %s)", file->filename, strerror(errno), origin, tempfile); +- string_or_die(&tarcommand, "cp -a %s %s", origin, tempfile); +- if (system(tarcommand) != 0) { +- LOG(NULL, "Failed to run command:", "%s", tarcommand); ++ char *const argv[] = {"cp", "-a", origin, tempfile, NULL}; ++ if (system_argv(argv) != 0) { + assert(0); + } +- free(tarcommand); + } + + /* step 2a: tar it with each compression type */ +diff --git a/src/helpers.c b/src/helpers.c +index 65acffd..5884b51 100644 +--- a/src/helpers.c ++++ b/src/helpers.c +@@ -29,6 +29,7 @@ + #include <sys/types.h> + #include <sys/stat.h> + #include <sys/time.h> ++#include <sys/wait.h> + #include <fcntl.h> + #include <errno.h> + +@@ -124,3 +125,65 @@ void print_elapsed_time(struct timeval *previous_time, struct timeval *current_t + + free(elapsed); + } ++ ++void concat_str_array(char **output, char *const argv[]) ++{ ++ int size = 0; ++ ++ for (int i = 0; argv[i]; i++) { ++ size += strlen(argv[i]) + 1; ++ } ++ ++ *output = malloc(size + 1); ++ if (!*output) { ++ LOG(NULL, "Failed to allocate", "%i bytes", size); ++ assert(0); ++ } ++ strcpy(*output, ""); ++ for (int i = 0; argv[i]; i++) { ++ strcat(*output, argv[i]); ++ strcat(*output, " "); ++ } ++} ++ ++int system_argv(char *const argv[]) ++{ ++ int child_exit_status; ++ pid_t pid; ++ int status; ++ ++ pid = fork(); ++ ++ if (pid == 0) { /* child */ ++ execvp(*argv, argv); ++ LOG(NULL, "This line must not be reached", ""); ++ assert(0); ++ } else if (pid < 0) { ++ LOG(NULL, "Failed to fork a child process", ""); ++ assert(0); ++ } else { ++ pid_t ws = waitpid(pid, &child_exit_status, 0); ++ ++ if (ws == -1) { ++ LOG(NULL, "Failed to wait for child process", ""); ++ assert(0); ++ } ++ ++ if (WIFEXITED(child_exit_status)) { ++ status = WEXITSTATUS(child_exit_status); ++ } else { ++ LOG(NULL, "Child process didn't exit", ""); ++ assert(0); ++ } ++ ++ if (status != 0) { ++ char* cmdline = NULL; ++ ++ concat_str_array(&cmdline, argv); ++ LOG(NULL, "Failed to run command:", "%s", cmdline); ++ free(cmdline); ++ } ++ ++ return status; ++ } ++} +-- +2.5.0 + |