--- parser3/src/main/pa_exec.C 2002/03/25 11:36:24 1.31 +++ parser3/src/main/pa_exec.C 2002/04/16 09:38:49 1.35 @@ -4,7 +4,7 @@ Copyright(c) 2000,2001, 2002 ArtLebedev Group(http://www.artlebedev.com) Author: Alexandr Petrosian (http://paf.design.ru) - $Id: pa_exec.C,v 1.31 2002/03/25 11:36:24 paf Exp $ + $Id: pa_exec.C,v 1.35 2002/04/16 09:38:49 paf Exp $ @todo setrlimit @@ -73,6 +73,7 @@ static BOOL WINAPI CreateHiddenConsolePr // calculating script's directory char dir[MAX_STRING]; strncpy(dir, szCmdLine, MAX_STRING-1); dir[MAX_STRING-1]=0; + lsplit(dir,' '); // trim arguments rsplit(dir,'/'); rsplit(dir,'\\'); // trim filename chdir(dir); @@ -105,13 +106,14 @@ error: return FALSE; } -static void read_pipe(String& result, HANDLE hOutRead, const char *file_spec){ +static void read_pipe(String& result, HANDLE hOutRead, const char *file_spec, + String::Untaint_lang lang){ while(true) { char *buf=(char *)result.pool().malloc(MAX_STRING); unsigned long size; if(!ReadFile(hOutRead, buf, MAX_STRING, &size, NULL) || !size) break; - result.APPEND_AS_IS(buf, size, file_spec, 0); + result.APPEND(buf, size, lang, file_spec, 0); } } @@ -273,13 +275,13 @@ static int get_exit_status(int pid) { WEXITSTATUS(status) : -2; } -static void read_pipe(String& result, int file, const char *file_spec){ +static void read_pipe(String& result, int file, const char *file_spec, String::Untaint_lang lang){ while(true) { char *buf=(char *)result.pool().malloc(MAX_STRING); size_t size=read(file, buf, MAX_STRING); if(!size) break; - result.APPEND_AS_IS(buf, size, file_spec, 0); + result.APPEND(buf, size, lang, file_spec, 0); } } 
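Review bot: The added `lsplit(dir,' ')` in CreateHiddenConsoleProcess appears to cut the command line at the first space, so a script path that itself contains a space would be truncated before `rsplit` trims the filename, leaving the child with the wrong working directory. The result of `chdir(dir)` on the following context line is not checked, so the failure is silent and the script then resolves relative paths against the parent's current directory. Consider deriving the directory from the script path before the arguments are joined into `szCmdLine`, or honouring a leading quote, and check the call, e.g. `if(chdir(dir)!=0) goto error;` if that fits the function's error path. The function starts and ends outside the hunk, and the behaviour of `lsplit` is assumed from its comment.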
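Review bot: The new `lang` parameter of the Win32 `read_pipe` (and of the POSIX overload changed in the next hunk) has no comment saying what it controls. It decides how every byte of child-process output is marked when appended to `result`, so a one-line header such as `// lang: untaint language recorded for the appended child output; use String::UL_TAINTED unless the output is trusted` would make the call sites reviewable. The same comment could mention that a fresh `MAX_STRING` pool buffer is allocated on every loop iteration, including the last one that only detects end of data.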
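Review bot: In the POSIX `read_pipe`, the context line `size_t size=read(file, buf, MAX_STRING);` stores the result of `read()` in an unsigned type, so a failed read (-1) becomes a huge value, passes the `if(!size) break;` test, and is then handed to the changed `result.APPEND(buf, size, lang, file_spec, 0)` as the length of a `MAX_STRING` buffer. The commit touches this loop but leaves that in place. Use `ssize_t size=read(file, buf, MAX_STRING);` with `if(size<=0) break;`, and retry on `EINTR` if the pipe read can be interrupted by a signal.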
@@ -301,19 +303,20 @@ static void append_env_pair(const Hash:: #endif } -int pa_exec(const String& file_spec, +int pa_exec( + bool forced_allow, + const String& file_spec, const Hash *env, const Array *argv, const String& in, String& out, String& err) { Pool& pool=file_spec.pool(); #ifdef NO_PA_EXECS - - throw Exception(0, 0, - &file_spec, - "parser execs are disabled [recompile parser without --disable-execs configure option]"); - -#else + if(!forced_allow) + throw Exception("parser.runtime", + &file_spec, + "parser execs are disabled [recompile parser without --disable-execs configure option]"); +#endif #ifdef WIN32 @@ -336,9 +339,9 @@ int pa_exec(const String& file_spec, // without this char WriteFile(hInWrite, "\x1A", 1, &written_size, NULL); CloseHandle(hInWrite); - read_pipe(out, hOutRead, file_spec_cstr); + read_pipe(out, hOutRead, file_spec_cstr, String::UL_AS_IS); CloseHandle(hOutRead); - read_pipe(err, hErrRead, file_spec_cstr); + read_pipe(err, hErrRead, file_spec_cstr, String::UL_TAINTED); CloseHandle(hErrRead); /* from http://www.apache.org/websrc/cvsweb.cgi/apache-1.3/src/main/util_script.c?rev=1.151&content-type=text/vnd.viewcvs-markup @@ -358,7 +361,7 @@ from http://www.apache.org/websrc/cvsweb if(error_size>3) // ".\r\n" szErrorDesc[error_size-3]=0; - throw Exception(0, 0, + throw Exception(0, &file_spec, "(real command line=\"%s\") exec failed - %s (%ld)", cmd, 
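Review bot: The new leading `bool forced_allow` in `pa_exec` switches off the `NO_PA_EXECS` build-time restriction here and the `NO_FOREIGN_GROUP_FILES` group check in the later hunk, yet nothing at the definition says who may pass `true`. A bare bool as the first positional argument also makes call sites such as `pa_exec(true, ...)` hard to audit. Add a comment on the parameter along the lines of `// forced_allow: bypasses --disable-execs and --disable-foreign-group-files; must never be derived from script-controlled input`, adjusted to the real intent. Replacing `#else` with `#endif` also means the whole exec implementation is now compiled into builds configured with `--disable-execs`, which deserves a line in the same comment. The body of `pa_exec` continues outside the hunk.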
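Review bot: At the Win32 call sites the child's stdout is still appended with `String::UL_AS_IS` and only stderr becomes `String::UL_TAINTED`, so, as far as the names suggest, anything the external program prints is treated as clean text by later untainting. If a script echoes request data, that output would skip escaping when it is written into HTML or SQL. Either pass `String::UL_TAINTED` for `out` as well, or make the decision explicit with a comment such as `// stdout is trusted: the executed script is responsible for escaping its own output`. The POSIX callers of the changed `read_pipe` are not visible in this hunk and need the same decision.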
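Review bot: The exec-failure throw becomes `Exception(0, &file_spec, ...)` with no type, whereas the other throws converted in this commit are given `"parser.runtime"` or `"file.missing"`. If handlers select exceptions by type, this failure cannot be matched, so a type string here would keep the set consistent. The message also embeds the real command line and the OS error text, so it is worth confirming that it reaches only logs and not site visitors. The statement continues past the end of the hunk.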
@@ -371,19 +374,20 @@ from http://www.apache.org/websrc/cvsweb char *file_spec_cstr=file_spec.cstr(String::UL_FILE_SPEC); #ifdef NO_FOREIGN_GROUP_FILES - struct stat finfo; - if(stat(file_spec_cstr, &finfo)!=0) - throw Exception(0, 0, - &file_spec, - "stat failed: %s (%d), actual filename '%s'", - strerror(errno), errno, file_spec_cstr); - - if(finfo.st_gid/*foreign?*/!=getegid()) - throw Exception(0, 0, - &file_spec, - "parser executing files of foreign group is disabled [recompile parser without --disable-foreign-group-files configure option], actual filename '%s'", - file_spec_cstr); + if(!forced_allow) { + struct stat finfo; + if(stat(file_spec_cstr, &finfo)!=0) + throw Exception("file.missing", + &file_spec, + "stat failed: %s (%d), actual filename '%s'", + strerror(errno), errno, file_spec_cstr); + if(finfo.st_gid/*foreign?*/!=getegid()) + throw Exception("parser.runtime", + &file_spec, + "parser executing files of foreign group is disabled [recompile parser without --disable-foreign-group-files configure option], actual filename '%s'", + file_spec_cstr); + } #endif char *argv_cstrs[1+10+1]={file_spec_cstr, 0}; @@ -391,7 +395,7 @@ from http://www.apache.org/websrc/cvsweb const int argv_size=argv->size(); const int argv_max=sizeof(argv_cstrs)/sizeof(argv_cstrs[0])-1-1; if(argv_size>argv_max) - throw Exception(0, 0, + throw Exception("parser.runtime", &file_spec, "too many arguments (%d > max %d)", argv_size, argv_max); for(int i=0; i
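Review bot: The group check inside `if(!forced_allow)` is made with `stat()` on the path `file_spec_cstr`, and the file is presumably executed later by the same path, so the check and the exec are not atomic and the file, or a symlink in the path, can change in between. Only `st_gid` is compared, so a file of the right group that is world-writable still passes. Consider checking an opened descriptor with `fstat()` instead, and also rejecting `finfo.st_mode & S_IWOTH`. At minimum, record the limitation with `// path-based check: not atomic with the exec below`. The exec itself is outside the hunk.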