From: Michael Tremer Date: Sat, 12 Oct 2013 14:20:20 +0000 (+0200) Subject: misc-progs: Fix invalid command line argument parsing. X-Git-Tag: v2.15-beta1~198 X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=commitdiff_plain;h=ab89cb2253f0a46cc05e239afbb62155dfd47fd1 misc-progs: Fix invalid command line argument parsing. Fixes #10431. --- diff --git a/src/misc-progs/backupctrl.c b/src/misc-progs/backupctrl.c index 2941117b03..00c8d5b86e 100644 --- a/src/misc-progs/backupctrl.c +++ b/src/misc-progs/backupctrl.c @@ -15,31 +15,30 @@ int main(int argc, char *argv[]) { int i; - char command[1024]; - char add[STRING_SIZE]; - + char command[STRING_SIZE] = "/var/ipfire/backup/bin/backup.pl"; + char temp[STRING_SIZE]; + if (!(initsetuid())) exit(1); - snprintf(command, STRING_SIZE, "/var/ipfire/backup/bin/backup.pl"); - for (i = 1; i < argc; i++) { - if (strstr(argv[i], "&&")){ - fprintf (stderr, "Bad Argument!\n"); - exit (1); - } - else if (strstr(argv[i], "|")){ - fprintf (stderr, "Bad Argument!\n"); - exit (1); - } - else if (argc > 3){ - fprintf (stderr, "Too Many Arguments!\n"); - exit (1); + if (strstr(argv[i], "&&")){ + fprintf (stderr, "Bad Argument!\n"); + exit (1); + + } else if (strstr(argv[i], "|")) { + fprintf (stderr, "Bad Argument!\n"); + exit (1); + + } else if (argc > 3) { + fprintf (stderr, "Too Many Arguments!\n"); + exit (1); + + } else { + snprintf(temp, STRING_SIZE, "%s %s", command, argv[i]); + snprintf(command, STRING_SIZE, "%s", temp); } - else{ - sprintf(add, " %s", argv[i]); - strcat(command, add); - } } + return safe_system(command); } diff --git a/src/misc-progs/pakfire.c b/src/misc-progs/pakfire.c index 113216faa7..fe6edfc329 100644 --- a/src/misc-progs/pakfire.c +++ b/src/misc-progs/pakfire.c @@ -15,18 +15,16 @@ int main(int argc, char *argv[]) { int i; - char command[1024]; - char add[STRING_SIZE]; - + char command[STRING_SIZE] = "/opt/pakfire/pakfire"; + char temp[STRING_SIZE]; + if (!(initsetuid())) exit(1); - snprintf(command, STRING_SIZE, "/opt/pakfire/pakfire"); - for (i = 1; i < argc; i++) { - sprintf(add, " %s", argv[i]); - strcat(command, add); + snprintf(temp, STRING_SIZE, "%s %s", command, argv[i]); + snprintf(command, STRING_SIZE, "%s", temp); } - + return safe_system(command); } diff --git a/src/misc-progs/smartctrl.c b/src/misc-progs/smartctrl.c index d9dd8463fb..c6451acba3 100644 --- a/src/misc-progs/smartctrl.c +++ b/src/misc-progs/smartctrl.c @@ -13,31 +13,28 @@ #include #include "setuid.h" -#define BUFFER_SIZE 1024 - -char command[BUFFER_SIZE]; - int main(int argc, char *argv[]) { - if (!(initsetuid())) - exit(1); + exit(1); - if (argc < 2) { - fprintf(stderr, "\nNo argument given.\n\nsmartctrl \n\n"); - exit(1); - } + if (argc < 2) { + fprintf(stderr, "\nNo argument given.\n\nsmartctrl \n\n"); + exit(1); + } + char command[STRING_SIZE]; + snprintf(command, STRING_SIZE, "/var/run/hddshutdown-%s", argv[1]); - sprintf(command, "/var/run/hddshutdown-%s", argv[1]); - FILE *fp = fopen(command,"r"); - if( fp ) { + FILE *fp = fopen(command, "r"); + if (fp != NULL) { fclose(fp); + printf("\nDisk %s is in Standby. Do nothing because we won't wakeup\n",argv[1]); - exit(1); + exit(1); } - sprintf(command, "smartctl -iHA /dev/%s", argv[1]); - safe_system(command); + snprintf(command, STRING_SIZE, "smartctl -iHA /dev/%s", argv[1]); + safe_system(command); return 0; }