folkslinux
/
rpm
mirror of https://github.com/rpm-software-management/rpm.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixed buffer problems in doShellEscape 

When the output from a command is empty, nothing stops doShellEscape from
chopping newlines past the beginning of the buffer.  This problem was first
identified by Dmitry V. Levin in July 2009.

Also, there is an off-by-one error in replacing trailing '\n' with '\0'.
This problem, however, escaped the attention of Dmitry V. Levin in July 2009.

Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
This commit is contained in:
Alexey Tourbin 2013-02-07 03:44:41 +00:00 committed by Panu Matilainen
parent cca91666d0
commit 2d647098c8
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
rpmio/macro.c
View File

@ -480,14 +480,16 @@ doShellEscape(MacroBuf mb, const char * cmd, size_t clen)
rc = 1;
goto exit;
}
size_t tpos = mb->tpos;
while((c = fgetc(shf)) != EOF) {
mbAppend(mb, c);
}
(void) pclose(shf);
/* XXX delete trailing \r \n */
while (iseol(mb->buf[mb->tpos-1])) {
mb->buf[mb->tpos--] = '\0';
/* Delete trailing \r \n */
while (mb->tpos > tpos && iseol(mb->buf[mb->tpos-1])) {
mb->buf[--mb->tpos] = '\0';
mb->nb++;
}