xbps-rindex: fix CID 62741 correctly (untrusted value as argument)

Juan RP 2014-10-07 10:11:14 +02:00
parent 3a71db1d0b
commit d4374fb9af
3 changed files with 11 additions and 12 deletions


@ -67,7 +67,7 @@
#define _XBPS_RINDEX "xbps-rindex" #define _XBPS_RINDEX "xbps-rindex"
/* From index-add.c */ /* From index-add.c */
int index_add(struct xbps_handle *, int, char **, bool); int index_add(struct xbps_handle *, int, int, char **, bool);
/* From index-clean.c */ /* From index-clean.c */
int index_clean(struct xbps_handle *, const char *); int index_clean(struct xbps_handle *, const char *);
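Review bot: The new `index_add` prototype has two adjacent unnamed `int` parameters, so the declaration does not say which is the first index and which is the end bound, and a caller that swaps them still compiles. Naming them in the header would document the contract: `int index_add(struct xbps_handle *xhp, int args, int argmax, char **argv, bool force);`. A short comment above it such as `/* processes argv[args] .. argv[argmax - 1] */` would make the half-open range explicit.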


@ -38,7 +38,7 @@
#include "defs.h" #include "defs.h"
int int
index_add(struct xbps_handle *xhp, int argc, char **argv, bool force) index_add(struct xbps_handle *xhp, int args, int argmax, char **argv, bool force)
{ {
xbps_array_t array, pkg_files, pkg_links, pkg_cffiles; xbps_array_t array, pkg_files, pkg_links, pkg_cffiles;
xbps_dictionary_t idx, idxmeta, idxfiles, binpkgd, pkg_filesd, curpkgd; xbps_dictionary_t idx, idxmeta, idxfiles, binpkgd, pkg_filesd, curpkgd;
@ -77,19 +77,18 @@ index_add(struct xbps_handle *xhp, int argc, char **argv, bool force)
/* /*
* Process all packages specified in argv. * Process all packages specified in argv.
*/ */
for (int i = 0; i < argc; i++) { for (int i = args; i < argmax; i++) {
const char *arch = NULL; const char *arch = NULL, *pkg = argv[i];
char *sha256 = NULL, *pkgver = NULL, *pkgname = NULL; char *sha256 = NULL, *pkgver = NULL, *pkgname = NULL;
assert(argv[i]); assert(pkg);
/* /*
* Read metadata props plist dictionary from binary package. * Read metadata props plist dictionary from binary package.
*/ */
binpkgd = xbps_get_pkg_plist_from_binpkg(argv[i], binpkgd = xbps_get_pkg_plist_from_binpkg(pkg, "./props.plist");
"./props.plist");
if (binpkgd == NULL) { if (binpkgd == NULL) {
fprintf(stderr, "index: failed to read %s metadata for " fprintf(stderr, "index: failed to read %s metadata for "
"`%s', skipping!\n", XBPS_PKGPROPS, argv[i]); "`%s', skipping!\n", XBPS_PKGPROPS, pkg);
continue; continue;
} }
xbps_dictionary_get_cstring_nocopy(binpkgd, "architecture", &arch); xbps_dictionary_get_cstring_nocopy(binpkgd, "architecture", &arch);
@ -163,7 +162,7 @@ index_add(struct xbps_handle *xhp, int argc, char **argv, bool force)
* - filename-size * - filename-size
* - filename-sha256 * - filename-sha256
*/ */
if ((sha256 = xbps_file_hash(argv[i])) == NULL) { if ((sha256 = xbps_file_hash(pkg)) == NULL) {
free(pkgver); free(pkgver);
free(pkgname); free(pkgname);
rv = EINVAL; rv = EINVAL;
@ -177,7 +176,7 @@ index_add(struct xbps_handle *xhp, int argc, char **argv, bool force)
goto out; goto out;
} }
free(sha256); free(sha256);
if (stat(argv[i], &st) == -1) { if (stat(pkg, &st) == -1) {
free(pkgver); free(pkgver);
free(pkgname); free(pkgname);
rv = EINVAL; rv = EINVAL;
@ -210,7 +209,7 @@ index_add(struct xbps_handle *xhp, int argc, char **argv, bool force)
* Add new pkg dictionary into the index-files. * Add new pkg dictionary into the index-files.
*/ */
found = false; found = false;
pkg_filesd = xbps_get_pkg_plist_from_binpkg(argv[i], "./files.plist"); pkg_filesd = xbps_get_pkg_plist_from_binpkg(pkg, "./files.plist");
if (pkg_filesd == NULL) { if (pkg_filesd == NULL) {
free(pkgver); free(pkgver);
rv = EINVAL; rv = EINVAL;
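Review bot: The loop `for (int i = args; i < argmax; i++)` indexes `argv` with bounds that index_add does not appear to check itself, and the only guard on the element, `assert(pkg)`, is compiled out when NDEBUG is defined. No range check is visible in these hunks (the function body starts and continues outside them), so the function still relies on every caller passing a valid window into argv. A guard before the loop such as `if (args < 0 || args > argmax) return EINVAL;` (or `rv = EINVAL; goto out;` if resources are already held there), together with a runtime `if (pkg == NULL) continue;` in place of the assert, would keep the validation in release builds. The name `args` also reads like a count; a name like `argstart` would match its use as the first index.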


@ -130,7 +130,7 @@ main(int argc, char **argv)
} }
if (add_mode) if (add_mode)
rv = index_add(&xh, argc - optind, argv + optind, force); rv = index_add(&xh, optind, argc, argv, force);
else if (clean_mode) else if (clean_mode)
rv = index_clean(&xh, argv[optind]); rv = index_clean(&xh, argv[optind]);
else if (rm_mode) else if (rm_mode)