[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-commits
Subject: KDE
From: Oswald Buddenhagen <ossi () kde ! org>
Date: 2010-11-13 20:42:56
Message-ID: 20101113204256.36303AC89E () svn ! kde ! org
[Download RAW message or body]
SVN commit 1196658 by ossi:
support control chars in commands executed via kdesu
FEATURE: 198967
FIXED-IN: 4.6
M +14 -3 kdebase/runtime/kdesu/kdesud/lexer.cpp
M +16 -5 kdelibs/kdesu/client.cpp
M +21 -1 kdelibs/kdesu/kdesu_stub.c
M +21 -2 kdelibs/kdesu/stub.cpp
M +1 -0 kdelibs/kdesu/stub.h
--- trunk/KDE/kdebase/runtime/kdesu/kdesud/lexer.cpp #1196657:1196658
@@ -73,10 +73,21 @@
c = m_Input[in++];
while ((c != '"') && !iscntrl(c)) {
// handle escaped characters
- if (c == '\\')
- m_Output += m_Input[in++];
- else
+ if (c == '\\') {
+ c = m_Input[in++];
+ if ((c == '"') || iscntrl(c))
+ return Tok_none;
+ if (c == '^') {
+ c = m_Input[in++];
+ if ((c == '"') || iscntrl(c))
+ return Tok_none;
+ m_Output += c - '@';
+ } else {
m_Output += c;
+ }
+ } else {
+ m_Output += c;
+ }
c = m_Input[in++];
}
if (c == '"')
--- trunk/KDE/kdelibs/kdesu/client.cpp #1196657:1196658
@@ -173,11 +173,22 @@
QByteArray KDEsuClient::escape(const QByteArray &str)
{
- QByteArray copy = str;
- copy.replace('\\', "\\\\");
- copy.replace('\"', "\\\"");
- copy.prepend("\"");
- copy.append("\"");
+ QByteArray copy;
+ copy.reserve(str.size() + 4);
+ copy.append('"');
+ for (int i = 0; i < str.size(); i++) {
+ uchar c = str.at(i);
+ if (c < 32) {
+ copy.append('\\');
+ copy.append('^');
+ copy.append(c + '@');
+ } else {
+ if (c == '\\' || c == '"')
+ copy.append('\\');
+ copy.append(c);
+ }
+ }
+ copy.append('"');
return copy;
}
--- trunk/KDE/kdelibs/kdesu/kdesu_stub.c #1196657:1196658
@@ -172,6 +172,24 @@
#define BUFSIZE 8192
+static void dequote(char *buf)
+{
+ char *in, *out;
+ for (in = buf, out = buf; *in; in++, out++) {
+ char c = *in;
+ if (c == '\\') {
+ c = *++in;
+ if (c == '/')
+ *out = '\\';
+ else
+ *out = c - '@';
+ } else {
+ *out = c;
+ }
+ }
+ *out = 0;
+}
+
/**
* The main program
*/
@@ -219,10 +237,11 @@
perror("kdesu_stub: fgets()");
exit(1);
}
+ dequote(buf);
tmp = xstrdup( buf );
if( tmp[ 0 ] == '\0' ) /* terminator */
break;
- putenv( xstrdup( buf ));
+ putenv(tmp);
}
printf("end\n");
@@ -384,6 +403,7 @@
setsid();
/* Child: exec command. */
sprintf(buf, "%s", params[P_COMMAND].value);
+ dequote(buf);
execl("/bin/sh", "sh", "-c", buf, (void *)0);
perror("kdesu_stub: exec()");
_exit(1);
--- trunk/KDE/kdelibs/kdesu/stub.cpp #1196657:1196658
@@ -89,6 +89,25 @@
return str;
}
+void StubProcess::writeString(const QByteArray &str)
+{
+ QByteArray out;
+ out.reserve(str.size() + 8);
+ for (int i = 0; i < str.size(); i++) {
+ uchar c = str.at(i);
+ if (c < 32) {
+ out.append('\\');
+ out.append(c + '@');
+ } else if (c == '\\') {
+ out.append('\\');
+ out.append('/');
+ } else {
+ out.append(c);
+ }
+ }
+ writeLine(out);
+}
+
/*
* Map pid_t to a signed integer type that makes sense for QByteArray;
* only the most common sizes 16 bit and 32 bit are special-cased.
@@ -138,7 +157,7 @@
writeLine("");
#endif
} else if (line == "command") {
- writeLine(m_Command);
+ writeString(m_Command);
} else if (line == "path") {
QByteArray path = qgetenv("PATH");
if (!path.isEmpty() && path[0] == ':')
@@ -182,7 +201,7 @@
} else if (line == "environment") { // additional env vars
QList<QByteArray> env = environment();
for (int i = 0; i < env.count(); ++i)
- writeLine(env.at(i));
+ writeString(env.at(i));
writeLine( "" );
} else if (line == "end") {
return 0;
--- trunk/KDE/kdelibs/kdesu/stub.h #1196657:1196658
@@ -95,6 +95,7 @@
private:
QByteArray commaSeparatedList(const QList<QByteArray> &);
+ void writeString(const QByteArray &str);
protected:
virtual void virtual_hook( int id, void* data );
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic