
- make example solv program a tiny bit more secure (shouldn't use system() at all)
1 parent b69427b commit 040f122b7f1deba82ed856a50295569a5aa97f71 @mlschroe mlschroe committed Apr 4, 2012
Showing with 14 additions and 7 deletions.
  1. +11 −4 examples/solv.c
  2. +3 −3 src/pool.c
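--- a/examples/solv.c
+++ b/examples/solv.c
@@ -3233,21 +3233,28 @@ main(int argc, char **argv)
 const char *seqnum;
 const char *seq;
 const char *dloc;
+ const char *archstr;
 FILE *fp;
 char cmd[128];
 int newfd;
+ archstr = pool_id2str(pool, s->arch);
+ if (strlen(archstr) > 10 || strchr(archstr, '\'') != 0)
+ continue;
+
 seqname = pool_lookup_str(pool, SOLVID_POS, DELTA_SEQ_NAME);
 seqevr = pool_lookup_str(pool, SOLVID_POS, DELTA_SEQ_EVR);
 seqnum = pool_lookup_str(pool, SOLVID_POS, DELTA_SEQ_NUM);
 seq = pool_tmpjoin(pool, seqname, "-", seqevr);
 seq = pool_tmpappend(pool, seq, "-", seqnum);
+ if (strchr(seq, '\'') != 0)
+ continue;
 #ifdef FEDORA
- sprintf(cmd, "/usr/bin/applydeltarpm -a %s -c -s ", pool_id2str(pool, s->arch));
+ sprintf(cmd, "/usr/bin/applydeltarpm -a '%s' -c -s '", archstr);
 #else
- sprintf(cmd, "/usr/bin/applydeltarpm -c -s ");
+ sprintf(cmd, "/usr/bin/applydeltarpm -c -s '");
 #endif
- if (system(pool_tmpjoin(pool, cmd, seq, 0)) != 0)
+ if (system(pool_tmpjoin(pool, cmd, seq, "'")) != 0)
 continue; /* didn't match */
 /* looks good, download delta */
 chksumtype = 0;
@@ -3263,7 +3270,7 @@ main(int argc, char **argv)
 /* got it, now reconstruct */
 newfd = opentmpfile();
 #ifdef FEDORA
- sprintf(cmd, "applydeltarpm -a %s /dev/fd/%d /dev/fd/%d", pool_id2str(pool, s->arch), fileno(fp), newfd);
+ sprintf(cmd, "applydeltarpm -a '%s' /dev/fd/%d /dev/fd/%d", archstr, fileno(fp), newfd);
 #else
 sprintf(cmd, "applydeltarpm /dev/fd/%d /dev/fd/%d", fileno(fp), newfd);
 #endif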
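Review bot: The sequence check in the first hunk still goes through `system()`, so its safety rests entirely on the two `strchr(..., '\'')` rejections and on the `strlen(archstr) > 10` bound that keeps `sprintf` inside `char cmd[128]`; neither dependency is commented, and a later edit to the format strings could break both without any warning. Running the tool with an explicit argv (fork plus `execv`, or `posix_spawn`) removes the shell and the fixed buffer, so `archstr` and `seq` need no quoting or length limit at all; a sketch follows. The reconstruct command in the second hunk names bare `applydeltarpm`, which is resolved through `PATH`, while the check uses `/usr/bin/applydeltarpm`; the same helper with the absolute path would cover it, assuming that `cmd` is also handed to `system()` below the hunk. Both hunks sit inside `main`, which starts and ends outside the visible lines.

```c
/* run /usr/bin/applydeltarpm with an explicit argv, no shell involved;
 * returns the exit status, or -1 if the child could not be run */
static int
run_applydeltarpm(const char **args)
{
  pid_t pid = fork();
  int status;

  if (pid == (pid_t)-1)
    return -1;
  if (pid == 0)
    {
      execv("/usr/bin/applydeltarpm", (char *const *)args);
      _exit(127);	/* exec failed */
    }
  while (waitpid(pid, &status, 0) == -1)
    if (errno != EINTR)
      return -1;
  return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* ... unchanged: archstr lookup, seqname/seqevr/seqnum lookups, seq join ... */
#ifdef FEDORA
	      const char *args[] = { "applydeltarpm", "-a", archstr, "-c", "-s", seq, 0 };
#else
	      const char *args[] = { "applydeltarpm", "-c", "-s", seq, 0 };
#endif
	      if (run_applydeltarpm(args) != 0)
		continue;	/* didn't match */
```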
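--- a/src/pool.c
+++ b/src/pool.c
@@ -131,11 +131,11 @@ pool_setdisttype(Pool *pool, int disttype)
 {
 pool->disttype = disttype;
 if (disttype == DISTTYPE_RPM)
- pool->noarchid == ARCH_NOARCH;
+ pool->noarchid = ARCH_NOARCH;
 if (disttype == DISTTYPE_DEB)
- pool->noarchid == ARCH_ALL;
+ pool->noarchid = ARCH_ALL;
 if (disttype == DISTTYPE_ARCH)
- pool->noarchid == ARCH_ANY;
+ pool->noarchid = ARCH_ANY;
 pool->solvables[SYSTEMSOLVABLE].arch = pool->noarchid;
 }
 #endif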
