[Pinfo-devel] r53 - pinfo/branches/cxx/src
Nathanael Nerode
neroden-guest at costa.debian.org
Sun Aug 28 20:57:23 UTC 2005
Author: neroden-guest
Date: 2005-08-28 20:57:22 +0000 (Sun, 28 Aug 2005)
New Revision: 53
Modified:
pinfo/branches/cxx/src/pinfo.cxx
pinfo/branches/cxx/src/utils.cxx
pinfo/branches/cxx/src/utils.h
Log:
Convert checkfilename, interface, and callers, plus low-hanging-fruit in
pinfo.cxx.
Modified: pinfo/branches/cxx/src/pinfo.cxx
===================================================================
--- pinfo/branches/cxx/src/pinfo.cxx 2005-08-28 20:44:07 UTC (rev 52)
+++ pinfo/branches/cxx/src/pinfo.cxx 2005-08-28 20:57:22 UTC (rev 53)
@@ -153,11 +153,12 @@
char filename[256];
char *tmp;
strncpy(filename, argv[argc - 1], 200);
- /* security check */
- checkfilename(filename);
+ /* Check for unsafe filenames */
+ string filename_string = filename;
+ checkfilename(filename_string);
/* add the raw path to searchpath */
- string filename_string = filename;
addrawpath(filename_string);
+
tmp = filename + strlen(filename) - 1;
/* later, openinfo automaticaly adds them */
strip_compression_suffix(filename);
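Review bot: `string filename_string = filename;` builds the copy that checkfilename validates from a buffer that may not be NUL-terminated. `strncpy(filename, argv[argc - 1], 200)` writes no terminator when the argument is 200 characters or longer, and `char filename[256]` has no initializer in the visible lines, so the string constructor and the later `strlen(filename)` can read past the copied bytes. Terminating explicitly right after the copy, `filename[200] = '\0';`, makes the checked value well defined; constructing the string straight from `argv[argc - 1]` would also stop the check from running on a silently truncated name. The enclosing function starts and ends outside this hunk.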
@@ -299,15 +300,16 @@
}
}
+ string filename_string = filename;
/* security check */
- checkfilename(filename);
+ checkfilename(filename_string);
/* autodetect raw filenames */
- if ((strncmp(filename,"../",3)==0)||
- (strncmp(filename,"./",2)==0)||
- (filename[0]=='/'))
+ if ( (filename_string.length() >= 1 && filename_string.substr(0, 1) == "/")
+ || (filename_string.length() >= 2 && filename_string.substr(0, 2) == "./")
+ || (filename_string.length() >= 3 && filename_string.substr(0, 3) == "../")
+ )
{
- string filename_string = filename;
addrawpath(filename_string);
}
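Review bot: The three prefix tests each allocate a temporary through `substr` and carry length guards that are not needed, because `substr(0, n)` on a shorter string simply returns the shorter string. `filename_string.compare(0, 3, "../") == 0`, and likewise for `"./"` and `"/"`, expresses the same test without the copies or the guards. Since `filename_string` is a snapshot of the char buffer taken at this point, a short comment such as `/* filename_string is the checked copy; keep it in sync if filename changes */` would help if `filename` is modified further down, which is outside this hunk.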
Modified: pinfo/branches/cxx/src/utils.cxx
===================================================================
--- pinfo/branches/cxx/src/utils.cxx 2005-08-28 20:44:07 UTC (rev 52)
+++ pinfo/branches/cxx/src/utils.cxx 2005-08-28 20:57:22 UTC (rev 53)
@@ -20,6 +20,8 @@
***************************************************************************/
#include "common_includes.h"
+#include <string>
+using std::string;
RCSID("$Id$")
@@ -209,9 +211,14 @@
mvaddch(y, x + i, ch);
}
+/*
+ * Check filename for dangerous characters and bail out if
+ * we find any.
+ */
void
-checkfilename(char *filename)
+checkfilename(const string filename_string)
{
+ const char * filename = filename_string.c_str();
if ((strchr(filename, '<')) ||
(strchr(filename, '>')) ||
(strchr(filename, '|')) ||
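Review bot: `checkfilename(const string filename_string)` takes its argument by value, so every call copies the string only to read it; `void checkfilename(const string &filename_string)` avoids that, and the declaration in utils.h needs the same change (its parameter is also named `filename` there, which should match). Going through `c_str()` and `strchr` means only the bytes up to the first NUL are inspected, whereas a `std::string` can hold more; `filename_string.find_first_of("<>|") != string::npos`, extended with the remaining characters of the condition, would check the whole string in one call. The new header comment says "bail out" without saying how; the rest of the body is outside this hunk, so the comment should state what the caller can expect, for example whether the function returns at all on a bad name.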
Modified: pinfo/branches/cxx/src/utils.h
===================================================================
--- pinfo/branches/cxx/src/utils.h 2005-08-28 20:44:07 UTC (rev 52)
+++ pinfo/branches/cxx/src/utils.h 2005-08-28 20:57:22 UTC (rev 53)
@@ -22,6 +22,8 @@
#ifndef __UTILS_H
#define __UTILS_H
+#include <string>
+
extern char *safe_user;
extern char *safe_group;
@@ -47,8 +49,8 @@
void *xrealloc (void *ptr, size_t size);
/* initializes GNU locales */
void initlocale ();
-/* checks if file name does not cause secuirity problems */
-void checkfilename (char *filename);
+/* bail out if file name causes security problems */
+void checkfilename (const std::string filename);
/* closes the program, and removes temporary files */
void closeprogram ();
/* initializes curses interface */