pkg_install-20080916:

Quote arguments of @exec and @unexec correctly.
author: joerg <joerg> 2008-09-16 19:03:54 +0000
committer: joerg <joerg> 2008-09-16 19:03:54 +0000
commit: 0540f2eb9278b131339022525384840aebe9f41f (patch)
tree: b0c1116b339a9047feda2a5a3aa9de27575031f4
parent: fcb1e80bbcae054ee4023194c20f9665c6c8ffef (diff)
download: pkgsrc-0540f2eb9278b131339022525384840aebe9f41f.tar.gz
2 files changed, 72 insertions, 49 deletions
diff --git a/pkgtools/pkg_install/files/lib/file.c b/pkgtools/pkg_install/files/lib/file.c
index 2eff592be45..1109cb182ba 100644
--- a/pkgtools/pkg_install/files/lib/file.c
+++ b/pkgtools/pkg_install/files/lib/file.c
@@ -1,4 +1,4 @@
-/*	$NetBSD: file.c,v 1.23.8.2 2008/08/21 16:04:39 joerg Exp $	*/
+/*	$NetBSD: file.c,v 1.23.8.3 2008/09/16 19:03:54 joerg Exp $	*/
 
 #if HAVE_CONFIG_H
 #include "config.h"
@@ -17,7 +17,7 @@
 #if 0
 static const char *rcsid = "from FreeBSD Id: file.c,v 1.29 1997/10/08 07:47:54 charnier Exp";
 #else
-__RCSID("$NetBSD: file.c,v 1.23.8.2 2008/08/21 16:04:39 joerg Exp $");
+__RCSID("$NetBSD: file.c,v 1.23.8.3 2008/09/16 19:03:54 joerg Exp $");
 #endif
 #endif
 
@@ -300,57 +300,80 @@ remove_files(const char *path, const char *pattern)
 int
 format_cmd(char *buf, size_t size, const char *fmt, const char *dir, const char *name)
 {
-	char    scratch[MaxPathSize * 2];
-	char   *bufp;
+	size_t  remaining, quoted;
+	char   *bufp, *tmp;
 	char   *cp;
 
-	for (bufp = buf; (int) (bufp - buf) < size && *fmt;) {
-		if (*fmt == '%') {
-			if (*++fmt != 'D' && name == NULL) {
-				warnx("no last file available for '%s' command", buf);
+	for (bufp = buf, remaining = size; remaining > 1 && *fmt;) {
+		if (*fmt != '%') {
+			*bufp++ = *fmt++;
+			--remaining;
+			continue;
+		}
+
+		if (*++fmt != 'D' && name == NULL) {
+			warnx("no last file available for '%s' command", buf);
+			return -1;
+		}
+		switch (*fmt) {
+		case 'F':
+			quoted = shquote(name, bufp, remaining);
+			if (quoted >= remaining) {
+				warnx("overflow during quoting");
 				return -1;
 			}
-			switch (*fmt) {
-			case 'F':
-				strlcpy(bufp, name, size - (int) (bufp - buf));
-				bufp += strlen(bufp);
-				break;
-
-			case 'D':
-				strlcpy(bufp, dir, size - (int) (bufp - buf));
-				bufp += strlen(bufp);
-				break;
-
-			case 'B':
-				(void) snprintf(scratch, sizeof(scratch), "%s/%s", dir, name);
-				if ((cp = strrchr(scratch, '/')) == (char *) NULL) {
-					cp = scratch;
-				}
-				*cp = '\0';
-				strlcpy(bufp, scratch, size - (int) (bufp - buf));
-				bufp += strlen(bufp);
-				break;
-
-			case 'f':
-				(void) snprintf(scratch, sizeof(scratch), "%s/%s", dir, name);
-				if ((cp = strrchr(scratch, '/')) == (char *) NULL) {
-					cp = scratch;
-				} else {
-					cp++;
-				}
-				strlcpy(bufp, cp, size - (int) (bufp - buf));
-				bufp += strlen(bufp);
-				break;
-
-			default:
-				*bufp++ = '%';
-				*bufp++ = *fmt;
-				break;
+			bufp += quoted;
+			remaining -= quoted;
+			break;
+
+		case 'D':
+			quoted = shquote(dir, bufp, remaining);
+			if (quoted >= remaining) {
+				warnx("overflow during quoting");
+				return -1;
 			}
-			++fmt;
-		} else {
-			*bufp++ = *fmt++;
+			bufp += quoted;
+			remaining -= quoted;
+			break;
+
+		case 'B':
+			tmp = xasprintf("%s/%s", dir, name);
+			cp = strrchr(tmp, '/');
+			*cp = '\0';
+			quoted = shquote(tmp, bufp, remaining);
+			free(tmp);
+			if (quoted >= remaining) {
+				warnx("overflow during quoting");
+				return -1;
+			}
+			bufp += quoted;
+			remaining -= quoted;
+			break;
+
+		case 'f':
+			tmp = xasprintf("%s/%s", dir, name);
+			cp = strrchr(tmp, '/') + 1;
+			quoted = shquote(cp, bufp, remaining);
+			free(tmp);
+			if (quoted >= remaining) {
+				warnx("overflow during quoting");
+				return -1;
+			}
+			bufp += quoted;
+			remaining -= quoted;
+			break;
+
+		default:
+			if (remaining == 1) {
+				warnx("overflow during quoting");
+				return -1;
+			}
+			*bufp++ = '%';
+			*bufp++ = *fmt;
+			remaining -= 2;
+			break;
 		}
+		++fmt;
 	}
 	*bufp = '\0';
 	return 0;
diff --git a/pkgtools/pkg_install/files/lib/version.h b/pkgtools/pkg_install/files/lib/version.h
index f802e5bb207..ace5e5d64c8 100644
--- a/pkgtools/pkg_install/files/lib/version.h
+++ b/pkgtools/pkg_install/files/lib/version.h
@@ -1,4 +1,4 @@
-/*	$NetBSD: version.h,v 1.102.2.15 2008/08/25 19:15:11 joerg Exp $	*/
+/*	$NetBSD: version.h,v 1.102.2.16 2008/09/16 19:03:54 joerg Exp $	*/
 
 /*
  * Copyright (c) 2001 Thomas Klausner.  All rights reserved.
@@ -27,6 +27,6 @@
 #ifndef _INST_LIB_VERSION_H_
 #define _INST_LIB_VERSION_H_
 
-#define PKGTOOLS_VERSION "20080825"
+#define PKGTOOLS_VERSION "20080916"
 
 #endif /* _INST_LIB_VERSION_H_ */
author	joerg <joerg>	2008-09-16 19:03:54 +0000
committer	joerg <joerg>	2008-09-16 19:03:54 +0000
commit	0540f2eb9278b131339022525384840aebe9f41f (patch)
tree	b0c1116b339a9047feda2a5a3aa9de27575031f4
parent	fcb1e80bbcae054ee4023194c20f9665c6c8ffef (diff)
download	pkgsrc-0540f2eb9278b131339022525384840aebe9f41f.tar.gz