From: W.C.A. Wijngaards Date: Mon, 11 Nov 2019 11:02:51 +0000 (+0100) Subject: - Fix #109: check number of arguments for stdin-pipes in X-Git-Tag: release-1.9.6rc1~80 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=29b90c6e58e953bd014fe5fb7c211b6a06a6c4b4;p=thirdparty%2Funbound.git - Fix #109: check number of arguments for stdin-pipes in unbound-control and fail if too many arguments. --- diff --git a/doc/Changelog b/doc/Changelog index 3a00c686e..a1981c931 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,7 @@ +11 November 2019: Wouter + - Fix #109: check number of arguments for stdin-pipes in + unbound-control and fail if too many arguments. + 24 October 2019: Wouter - Fix #99: Memory leak in ub_ctx (event_base will never be freed). diff --git a/smallapp/unbound-control.c b/smallapp/unbound-control.c index 01e2385fa..ebaa70559 100644 --- a/smallapp/unbound-control.c +++ b/smallapp/unbound-control.c @@ -690,6 +690,27 @@ remote_write(SSL* ssl, int fd, const char* buf, size_t len) } } +/** check args, to see if too many args. Because when a file is sent it + * would wait for the terminal, and we can check for too many arguments, + * eg. user put arguments on the commandline. */ +static void +check_args_for_listcmd(int argc, char* argv[]) +{ + if(argc >= 1 && (strcmp(argv[0], "local_zones") == 0 || + strcmp(argv[0], "local_zones_remove") == 0 || + strcmp(argv[0], "local_datas") == 0 || + strcmp(argv[0], "local_datas_remove") == 0) && + argc >= 2) { + fatal_exit("too many arguments for command '%s', " + "content is piped in from stdin", argv[0]); + } + if(argc >= 1 && strcmp(argv[0], "view_local_datas") == 0 && + argc >= 3) { + fatal_exit("too many arguments for command '%s', " + "content is piped in from stdin", argv[0]); + } +} + /** send stdin to server */ static void send_file(SSL* ssl, int fd, FILE* in, char* buf, size_t sz) @@ -853,6 +874,7 @@ int main(int argc, char* argv[]) print_stats_shm(cfgfile); return 0; } + check_args_for_listcmd(argc, argv); #ifdef USE_WINSOCK if((r = WSAStartup(MAKEWORD(2,2), &wsa_data)) != 0)