diff options
| author | Simon McVittie <smcv@debian.org> | 2016-05-11 09:18:14 +0100 |
|---|---|---|
| committer | Simon McVittie <smcv@debian.org> | 2016-05-11 09:18:14 +0100 |
| commit | 5f6f9a1beab327be2728d44c1996408176f6800e (patch) | |
| tree | 2c9cda07a8776dea92bc12a4b80648132d4b0ae2 /IkiWiki | |
| parent | 062dbf1373dcf1646ef58400f011dc3b148aa862 (diff) | |
| download | ikiwiki-5f6f9a1beab327be2728d44c1996408176f6800e.tar ikiwiki-5f6f9a1beab327be2728d44c1996408176f6800e.tar.gz | |
Wrapper: allocate new environment dynamically
Otherwise, if third-party plugins extend newenviron by more than
3 entries, we could overflow the array. It seems unlikely that any
third-party plugin manipulates newenviron in practice, so this
is mostly theoretical. Just in case, I have deliberately avoided
using "i" as the variable name, so that any third-party plugin
that was manipulating newenviron directly will now result in the
wrapper failing to compile.
I have not assumed that realloc(NULL, ...) works as an equivalent of
malloc(...), in case there are still operating systems where that
doesn't work.
Diffstat (limited to 'IkiWiki')
| -rw-r--r-- | IkiWiki/Receive.pm | 4 | ||||
| -rw-r--r-- | IkiWiki/Wrapper.pm | 37 |
2 files changed, 27 insertions, 14 deletions
diff --git a/IkiWiki/Receive.pm b/IkiWiki/Receive.pm index 5908e09f9..332ba7c2c 100644 --- a/IkiWiki/Receive.pm +++ b/IkiWiki/Receive.pm @@ -46,8 +46,8 @@ EOF while (read(0, &buf, 256) != 0) {} exit(0); } - asprintf(&s, "CALLER_UID=%i", u); - newenviron[i++]=s; + asprintf(&s, "%i", u); + addenv("CALLER_UID", s); } EOF return $ret; diff --git a/IkiWiki/Wrapper.pm b/IkiWiki/Wrapper.pm index 69500029c..a8de39eea 100644 --- a/IkiWiki/Wrapper.pm +++ b/IkiWiki/Wrapper.pm @@ -52,7 +52,6 @@ sub gen_wrapper () { HTTP_COOKIE REMOTE_USER HTTPS REDIRECT_STATUS HTTP_HOST SERVER_PORT HTTPS HTTP_ACCEPT REDIRECT_URL} if $config{cgi}; - my $envsize=$#envsave; my $envsave=""; foreach my $var (@envsave) { $envsave.=<<"EOF"; @@ -65,7 +64,6 @@ EOF my $val=$config{ENV}{$key}; utf8::encode($val) if utf8::is_utf8($val); $val =~ s/([^A-Za-z0-9])/sprintf '""\\x%02x""', ord($1)/ge; - $envsize += 1; $envsave.=<<"EOF"; addenv("$key", "$val"); EOF @@ -184,18 +182,33 @@ EOF #include <sys/file.h> extern char **environ; -char *newenviron[$envsize+7]; -int i=0; +int newenvironlen=0; +/* Array of length newenvironlen+1 (+1 for NULL) */ +char **newenviron=NULL; void addenv(char *var, char *val) { - char *s=malloc(strlen(var)+1+strlen(val)+1); + char *s; + + if (newenviron) { + newenviron=realloc(newenviron, (newenvironlen+2) * sizeof(char *)); + } + else { + newenviron=calloc(newenvironlen+2, sizeof(char *)); + } + + if (!newenviron) { + perror("realloc"); + exit(1); + } + + s=malloc(strlen(var)+1+strlen(val)+1); if (!s) { perror("malloc"); exit(1); } else { sprintf(s, "%s=%s", var, val); - newenviron[i++]=s; + newenviron[newenvironlen++]=s; } } @@ -215,9 +228,9 @@ int main (int argc, char **argv) { $check_commit_hook @wrapper_hooks $envsave - newenviron[i++]="HOME=$ENV{HOME}"; - newenviron[i++]="PATH=$ENV{PATH}"; - newenviron[i++]="WRAPPED_OPTIONS=$configstring"; + addenv("HOME", "$ENV{HOME}"); + addenv("PATH", "$ENV{PATH}"); + addenv("WRAPPED_OPTIONS", "$configstring"); #ifdef __TINYC__ /* old tcc versions do not support modifying environ directly */ @@ -225,10 +238,10 @@ $envsave perror("clearenv"); exit(1); } - for (; i>0; i--) - putenv(newenviron[i-1]); + for (; newenvironlen>0; newenvironlen--) + putenv(newenviron[newenvironlen-1]); #else - newenviron[i]=NULL; + newenviron[newenvironlen]=NULL; environ=newenviron; #endif |