]> git.ipfire.org Git - thirdparty/hostap.git/commitdiff
projects / thirdparty / hostap.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3d8a3ff)
browser-wpadebug: Use more robust mechanism for starting browser
authorJouni Malinen <jouni@qca.qualcomm.com>
Mon, 6 Oct 2014 15:51:22 +0000 (18:51 +0300)
committerJouni Malinen <j@w1.fi>
Thu, 9 Oct 2014 14:38:25 +0000 (17:38 +0300)
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
src/utils/browser-wpadebug.c patch | blob | blame | history

diff --git a/src/utils/browser-wpadebug.c b/src/utils/browser-wpadebug.c
index eeb8f650dc398d0053eec602ca00c473128f2e61..ce3054bb231022a8d50c34e34b7c56c40d055ab8 100644 (file)
--- a/src/utils/browser-wpadebug.c
+++ b/src/utils/browser-wpadebug.c
@@ -76,7 +76,7 @@ int hs20_web_browser(const char *url)
        os_memset(&data, 0, sizeof(data));
 
        ret = os_snprintf(cmd, sizeof(cmd),
-                         "am start -a android.action.MAIN "
+                         "start -a android.action.MAIN "
                          "-c android.intent.category.LAUNCHER "
                          "-n w1.fi.wpadebug/.WpaWebViewActivity "
                          "-e w1.fi.wpadebug.URL '%s'", url);
@@ -97,7 +97,7 @@ int hs20_web_browser(const char *url)
                return -1;
        }
 
-       if (system(cmd) != 0) {
+       if (os_exec("/system/bin/am", cmd, 1) != 0) {
                wpa_printf(MSG_INFO, "Failed to launch wpadebug browser");
                eloop_cancel_timeout(browser_timeout, NULL, NULL);
                http_server_deinit(http);
@@ -112,10 +112,11 @@ int hs20_web_browser(const char *url)
        eloop_destroy();
 
        wpa_printf(MSG_INFO, "Closing Android browser");
-       if (system("am start -a android.action.MAIN "
-                  "-c android.intent.category.LAUNCHER "
-                  "-n w1.fi.wpadebug/.WpaWebViewActivity "
-                  "-e w1.fi.wpadebug.URL FINISH") != 0) {
+       if (os_exec("/system/bin/am",
+                   "start -a android.action.MAIN "
+                   "-c android.intent.category.LAUNCHER "
+                   "-n w1.fi.wpadebug/.WpaWebViewActivity "
+                   "-e w1.fi.wpadebug.URL FINISH", 1) != 0) {
                wpa_printf(MSG_INFO, "Failed to close wpadebug browser");
        }
 
Unnamed repository; edit this file 'description' to name the repository.