Attachment #22323 for bug #58081

View | Details | Raw Unified | Return to bug 58081
Collapse All | Expand All

Lines 656-663 Link Here

(-)header.c.my-orig (-2 / +4 lines)
656	}	656	}
657		657
658	if (dir_length) {	658	if (dir_length) {
659	strcat(dirname, hdr->name);	659	strncat(dirname, hdr->name, sizeof(dirname)-strlen(dirname));
660	strcpy(hdr->name, dirname);	660	dirname[sizeof(dirname)-1] = 0;
		661	strncpy(hdr->name, dirname, sizeof(hdr->name));
		662	hdr->name[sizeof(hdr->name)-1] = 0;
661	name_length += dir_length;	663	name_length += dir_length;
662	}	664	}
663		665

Lines 10-15 Link Here

(-)lhadd.c.my-orig (-1 / +11 lines)
10	#include "lha.h"	10	#include "lha.h"
11	/* ------------------------------------------------------------------------ */	11	/* ------------------------------------------------------------------------ */
12	static void remove_files();	12	static void remove_files();
		13	int strcmp_filename(char , char );
		14	void build_backup_name(char , char );
13		15
14	static char new_archive_name_buffer[FILENAME_LENGTH];	16	static char new_archive_name_buffer[FILENAME_LENGTH];
15	static char *new_archive_name;	17	static char *new_archive_name;
Lines 21-27 Link Here
21	{	23	{
22	long header_pos, next_pos, org_pos, data_pos;	24	long header_pos, next_pos, org_pos, data_pos;
23	long v_original_size, v_packed_size;	25	long v_original_size, v_packed_size;
24	int mode;
25		26
26	reading_filename = hdr->name;	27	reading_filename = hdr->name;
27	writting_filename = temporary_name;	28	writting_filename = temporary_name;
Lines 35-40 Link Here
35	if ((hdr->unix_mode & UNIX_FILE_SYMLINK) == UNIX_FILE_SYMLINK) {	36	if ((hdr->unix_mode & UNIX_FILE_SYMLINK) == UNIX_FILE_SYMLINK) {
36	char buf[256], b1, b2;	37	char buf[256], b1, b2;
37	if (!quiet) {	38	if (!quiet) {
		39	/* make sure we use a zero-terminated buffer */
		40	hdr->name[255] = 0;
38	strcpy(buf, hdr->name);	41	strcpy(buf, hdr->name);
39	b1 = strtok(buf, "\|");	42	b1 = strtok(buf, "\|");
40	b2 = strtok(NULL, "\|");	43	b2 = strtok(NULL, "\|");
Lines 211-218 Link Here
211	add_sp(&sp, hdr.name, strlen(hdr.name) + 1);	214	add_sp(&sp, hdr.name, strlen(hdr.name) + 1);
212	}	215	}
213	else if ((hdr.unix_mode & UNIX_FILE_TYPEMASK) == UNIX_FILE_DIRECTORY) {	216	else if ((hdr.unix_mode & UNIX_FILE_TYPEMASK) == UNIX_FILE_DIRECTORY) {
		217	/* make sure we use a zero-terminated buffer */
		218	hdr.name[sizeof(hdr.name)-1] = 0;
214	strcpy(name, hdr.name);	219	strcpy(name, hdr.name);
215	len = strlen(name);	220	len = strlen(name);
		221	/* XXX thomas: what about multiple '/' or about ".." */
216	if (len > 0 && name[len - 1] == '/')	222	if (len > 0 && name[len - 1] == '/')
217	name[--len] = '\0'; /* strip tail '/' */	223	name[--len] = '\0'; /* strip tail '/' */
218	if (stat(name, &stbuf) >= 0) /* exist ? */	224	if (stat(name, &stbuf) >= 0) /* exist ? */
Lines 237-252 Link Here
237		243
238	old_header_pos = ftell(oafp);	244	old_header_pos = ftell(oafp);
239	while (get_header(oafp, &ahdr)) {	245	while (get_header(oafp, &ahdr)) {
		246	/* make sure we use a zero-terminated buffer */
		247	ahdr.name[sizeof(ahdr.name)-1] = 0;
240	strcpy(lpath, ahdr.name);	248	strcpy(lpath, ahdr.name);
241	b1 = strtok(lpath, "\|");	249	b1 = strtok(lpath, "\|");
242	b2 = strtok(NULL, "\|");	250	b2 = strtok(NULL, "\|");
243	if (need_file(b1)) { /* skip */	251	if (need_file(b1)) { /* skip */
244	fseek(oafp, ahdr.packed_size, SEEK_CUR);	252	fseek(oafp, ahdr.packed_size, SEEK_CUR);
245	if (noexec \|\| !quiet)	253	if (noexec \|\| !quiet)
		254	{
246	if (b2 != NULL)	255	if (b2 != NULL)
247	printf("delete %s -> %s\n", b1, b2);	256	printf("delete %s -> %s\n", b1, b2);
248	else	257	else
249	printf("delete %s\n", b1);	258	printf("delete %s\n", b1);
		259	}
250	}	260	}
251	else { /* copy */	261	else { /* copy */
252	if (noexec) {	262	if (noexec) {

Lines 11-16 Link Here

(-)lha.h.my-orig (+1 lines)
11	lharc.h interface.h slidehuf.h	11	lharc.h interface.h slidehuf.h
12	*/	12	*/
13	#include <stdio.h>	13	#include <stdio.h>
		14	#include <unistd.h>
14	#include <errno.h>	15	#include <errno.h>
15	#include <ctype.h>	16	#include <ctype.h>
16	#include <sys/types.h>	17	#include <sys/types.h>

Lines 53-59 Link Here

(-)lha_macro.h.my-orig (-1 / +1 lines)
53	#define SEEK_SET 0	53	#define SEEK_SET 0
54	#define SEEK_CUR 1	54	#define SEEK_CUR 1
55	#define SEEK_END 2	55	#define SEEK_END 2
56	#endif /* SEEK_SET	56	#endif /* SEEK_SET */
57		57
58		58
59	/* non-integral functions */	59	/* non-integral functions */

Lines 831-839 Link Here

(-)lharc.c.my-orig (-9 / +29 lines)
831	DIRENTRY *dp;	831	DIRENTRY *dp;
832	struct stat tmp_stbuf, arc_stbuf, fil_stbuf;	832	struct stat tmp_stbuf, arc_stbuf, fil_stbuf;
833		833
834	strcpy(newname, name);	834	strncpy(newname, name, sizeof(newname));
		835	newname[sizeof(newname)-1] = 0;
835	len = strlen(name);	836	len = strlen(name);
836	if (len > 0 && newname[len - 1] != '/')	837	if (len > 0 && newname[len - 1] != '/' && len < (sizeof(newname)-1))
837	newname[len++] = '/';	838	newname[len++] = '/';
838		839
839	dirp = opendir(name);	840	dirp = opendir(name);
Lines 847-852 Link Here
847		848
848	for (dp = readdir(dirp); dp != NULL; dp = readdir(dirp)) {	849	for (dp = readdir(dirp); dp != NULL; dp = readdir(dirp)) {
849	n = NAMLEN(dp);	850	n = NAMLEN(dp);
		851	if( len >= (sizeof(newname)-1) \|\|
		852	(len+n) >= (sizeof(newname)-1) \|\|
		853	n <= 0 \|\|
		854	(len+n) <= 0)
		855	break;
850	strncpy(newname + len, dp->d_name, n);	856	strncpy(newname + len, dp->d_name, n);
851	newname[len + n] = '\0';	857	newname[len + n] = '\0';
852	if (GETSTAT(newname, &fil_stbuf) < 0)	858	if (GETSTAT(newname, &fil_stbuf) < 0)
Lines 904-910 Link Here
904	strcpy(temporary_name, TMP_FILENAME_TEMPLATE);	910	strcpy(temporary_name, TMP_FILENAME_TEMPLATE);
905	}	911	}
906	else {	912	else {
907	sprintf(temporary_name, "%s/lhXXXXXX", extract_directory);	913	snprintf(temporary_name, sizeof(temporary_name), "%s/lhXXXXXX", extract_directory);
908	}	914	}
909	#ifdef MKSTEMP	915	#ifdef MKSTEMP
910	mkstemp(temporary_name);	916	mkstemp(temporary_name);
Lines 914-923 Link Here
914	#else	920	#else
915	char p, s;	921	char p, s;
916		922
917	strcpy(temporary_name, archive_name);	923	strncpy(temporary_name, archive_name, sizeof(temporary_name));
		924	temporary_name[sizeof(temporary_name)-1] = 0;
918	for (p = temporary_name, s = (char ) 0; p; p++)	925	for (p = temporary_name, s = (char ) 0; p; p++)
919	if (*p == '/')	926	if (*p == '/')
920	s = p;	927	s = p;
		928
		929	if( sizeof(temporary_name) - ((size_t) (s-temporary_name)) - 1
		930	<= strlen("lhXXXXXX"))
		931	exit(-1);
		932
921	strcpy((s ? s + 1 : temporary_name), "lhXXXXXX");	933	strcpy((s ? s + 1 : temporary_name), "lhXXXXXX");
922	#ifdef MKSTEMP	934	#ifdef MKSTEMP
923	mkstemp(temporary_name);	935	mkstemp(temporary_name);
Lines 935-940 Link Here
935	{	947	{
936	register char p, dot;	948	register char p, dot;
937		949
		950	/* XXX thomas: this can loop "forever", classical semi-decidable problem ;) */
938	for (p = buffer, dot = (char ) 0; p; p++) {	951	for (p = buffer, dot = (char ) 0; p; p++) {
939	if (*p == '.')	952	if (*p == '.')
940	dot = p;	953	dot = p;
Lines 945-950 Link Here
945	if (dot)	958	if (dot)
946	p = dot;	959	p = dot;
947		960
		961	/* XXX thomas: this may overflow */
948	strcpy(p, ext);	962	strcpy(p, ext);
949	}	963	}
950		964
Lines 955-960 Link Here
955	char *buffer;	969	char *buffer;
956	char *original;	970	char *original;
957	{	971	{
		972	/* XXX thomas: this may overflow */
958	strcpy(buffer, original);	973	strcpy(buffer, original);
959	modify_filename_extention(buffer, BACKUPNAME_EXTENTION); /* ".bak" */	974	modify_filename_extention(buffer, BACKUPNAME_EXTENTION); /* ".bak" */
960	}	975	}
Lines 965-970 Link Here
965	char *buffer;	980	char *buffer;
966	char *orginal;	981	char *orginal;
967	{	982	{
		983	/* XXX thomas: this may overflow */
968	strcpy(buffer, orginal);	984	strcpy(buffer, orginal);
969	modify_filename_extention(buffer, ARCHIVENAME_EXTENTION); /* ".lzh" */	985	modify_filename_extention(buffer, ARCHIVENAME_EXTENTION); /* ".lzh" */
970	}	986	}
Lines 993-999 Link Here
993	xfopen(name, mode)	1009	xfopen(name, mode)
994	char name, mode;	1010	char name, mode;
995	{	1011	{
996	FILE *fp;	1012	FILE *fp = NULL;
997		1013
998	if (mode[0] == '!') {	1014	if (mode[0] == '!') {
999	int fd;	1015	int fd;
Lines 1047-1053 Link Here
1047	else	1063	else
1048	return NULL;	1064	return NULL;
1049	}	1065	}
1050	if (p = (char *) rindex(archive_name, '.')) {	1066	if ( (p = (char *) rindex(archive_name, '.')) ) {
1051	if (strucmp(".LZH", p) == 0	1067	if (strucmp(".LZH", p) == 0
1052	\|\| strucmp(".LHA", p) == 0 /* Amiga */	1068	\|\| strucmp(".LHA", p) == 0 /* Amiga */
1053	\|\| strucmp(".LZS", p) == 0	1069	\|\| strucmp(".LZS", p) == 0
Lines 1062-1073 Link Here
1062		1078
1063	if (open_old_archive_1(archive_name, &fp))	1079	if (open_old_archive_1(archive_name, &fp))
1064	return fp;	1080	return fp;
1065	sprintf(expanded_archive_name, "%s." ARCHIVEEXT_OLD, archive_name);	1081	snprintf(expanded_archive_name, sizeof(expanded_archive_name),
		1082	"%s." ARCHIVEEXT_OLD, archive_name);
1066	if (open_old_archive_1(expanded_archive_name, &fp)) {	1083	if (open_old_archive_1(expanded_archive_name, &fp)) {
1067	archive_name = expanded_archive_name;	1084	archive_name = expanded_archive_name;
1068	return fp;	1085	return fp;
1069	}	1086	}
1070	sprintf(expanded_archive_name, "%s.lzh", archive_name);	1087	snprintf(expanded_archive_name, sizeof(expanded_archive_name),
		1088	"%s.lzh", archive_name);
1071	if (open_old_archive_1(expanded_archive_name, &fp)) {	1089	if (open_old_archive_1(expanded_archive_name, &fp)) {
1072	archive_name = expanded_archive_name;	1090	archive_name = expanded_archive_name;
1073	return fp;	1091	return fp;
Lines 1076-1082 Link Here
1076	* if ( (errno&0xffff)!=E_PNNF ) { archive_name =	1094	* if ( (errno&0xffff)!=E_PNNF ) { archive_name =
1077	* expanded_archive_name; return NULL; }	1095	* expanded_archive_name; return NULL; }
1078	*/	1096	*/
1079	sprintf(expanded_archive_name, "%s.lzs", archive_name);	1097	snprintf(expanded_archive_name, sizeof(expanded_archive_name),
		1098	"%s.lzs", archive_name);
1080	if (open_old_archive_1(expanded_archive_name, &fp)) {	1099	if (open_old_archive_1(expanded_archive_name, &fp)) {
1081	archive_name = expanded_archive_name;	1100	archive_name = expanded_archive_name;
1082	return fp;	1101	return fp;
Lines 1106-1111 Link Here
1106		1125
1107	fgets(buffer, 1024, stdin);	1126	fgets(buffer, 1024, stdin);
1108		1127
		1128	/* XXX thomas: this may loop "forever" */
1109	for (p = selective; *p; p++)	1129	for (p = selective; *p; p++)
1110	if (buffer[0] == *p)	1130	if (buffer[0] == *p)
1111	return p - selective;	1131	return p - selective;




	register char  *p;

	/* make parent directory name into PATH for recursive call */
	memset(path, 0, sizeof(path));
	strncpy(path, name, sizeof(path)-1);
	for (p = path + strlen(path); p > path; p--)
		if (p[-1] == '/') {
			*--p = '\0';

	if (verbose)
		printf("Making directory \"%s\".\n", path);

	/* XXX thomas: should we keep this unsecure file mode? */
	if (mkdir(path, 0777) >= 0)	/* try */
		return TRUE;	/* successful done. */
	errno = 0;

			if ((hdr->unix_mode & UNIX_FILE_TYPEMASK) == UNIX_FILE_SYMLINK) {
				char            buf[256], *bb1, *bb2;
				int             l_code;
				strncpy(buf, name, sizeof(buf));
				buf[sizeof(buf)-1] =  0;
				bb1 = strtok(buf, "|");
				bb2 = strtok(NULL, "|");


				if (quiet != TRUE) {
					printf("Symbolic Link %s -> %s\n", bb1, bb2);
				}
				/* XXX thomas: this may overflow */
				strncpy(name, bb1, 255); /* Symbolic's name set */
				name[255] = 0;
#else
				snprintf(buf, sizeof(buf), "%s -> %s", bb1, bb2);
				warning("Can't make Symbolic Link", buf);
				return;
#endif

Lines 251-257 Link Here

(-)lhlist.c.my-orig (-1 / +2 lines)
251	printf(" %s", hdr->name);	251	printf(" %s", hdr->name);
252	else {	252	else {
253	char buf[256], b1, b2;	253	char buf[256], b1, b2;
254	strcpy(buf, hdr->name);	254	strncpy(buf, hdr->name, sizeof(buf));
		255	buf[sizeof(buf)-1] = 0;
255	b1 = strtok(buf, "\|");	256	b1 = strtok(buf, "\|");
256	b2 = strtok(NULL, "\|");	257	b2 = strtok(NULL, "\|");
257	printf(" %s -> %s", b1, b2);	258	printf(" %s -> %s", b1, b2);




 * 1992 modified by Masaru Oki #ifndef USESTRCASECMP added. Mar 31 1992
 * modified by Masaru Oki #ifdef NOMEMSET added.
 */
#include <errno.h>

/* ------------------------------------------------------------------------ */
extern unsigned short crc;

	char           *path;
{
	int             stat, rtn = 0;
	pid_t		child;


	/* XXX thomas: shell meta chars in path could exec commands */
	/* therefore we should avoid using system() */
	if ((child = fork()) < 0)
		return (-1);	/* fork error */
	else if (child) {	/* parent process */
		while (child != wait(&stat))	/* ignore signals */
			continue;
	}
	else {			/* child process */
		execl(RMDIRPATH, "rmdir", path, (char *) 0);
		/* never come here except execl is error */
		return (-1);
	strcpy(cmdname, RMDIRPATH);
	*(cmdname + strlen(RMDIRPATH)) = ' ';
	strcpy(cmdname + strlen(RMDIRPATH) + 1, path);
	if ((stat = system(cmdname)) < 0)
		rtn = -1;	/* fork or exec error */
	else if (stat) {	/* RMDIR command error */
		errno = EIO;
		rtn = -1;
	}
	if (stat != 0) {
		errno = EIO;	/* cannot get error num. */
		return (-1);
	}
	return (0);
}

/* ------------------------------------------------------------------------ */

Return to bug 58081

Lines 13-19 Link Here

(-)util.c.my-orig (-14 / +19 lines)
13	* 1992 modified by Masaru Oki #ifndef USESTRCASECMP added. Mar 31 1992	13	* 1992 modified by Masaru Oki #ifndef USESTRCASECMP added. Mar 31 1992
14	* modified by Masaru Oki #ifdef NOMEMSET added.	14	* modified by Masaru Oki #ifdef NOMEMSET added.
15	*/	15	*/
16	#include <errno.h>
17		16
18	/* ------------------------------------------------------------------------ */	17	/* ------------------------------------------------------------------------ */
19	extern unsigned short crc;	18	extern unsigned short crc;
Lines 276-296 Link Here
276	char *path;	275	char *path;
277	{	276	{
278	int stat, rtn = 0;	277	int stat, rtn = 0;
279	char *cmdname;	278	pid_t child;
280	if ((cmdname = (char *) malloc(strlen(RMDIRPATH) + 1 + strlen(path) + 1))	279
281	== 0)	280
		281	/* XXX thomas: shell meta chars in path could exec commands */
		282	/* therefore we should avoid using system() */
		283	if ((child = fork()) < 0)
		284	return (-1); /* fork error */
		285	else if (child) { /* parent process */
		286	while (child != wait(&stat)) /* ignore signals */
		287	continue;
		288	}
		289	else { /* child process */
		290	execl(RMDIRPATH, "rmdir", path, (char *) 0);
		291	/* never come here except execl is error */
282	return (-1);	292	return (-1);
283	strcpy(cmdname, RMDIRPATH);
284	*(cmdname + strlen(RMDIRPATH)) = ' ';
285	strcpy(cmdname + strlen(RMDIRPATH) + 1, path);
286	if ((stat = system(cmdname)) < 0)
287	rtn = -1; /* fork or exec error */
288	else if (stat) { /* RMDIR command error */
289	errno = EIO;
290	rtn = -1;
291	}	293	}
292	free(cmdname);	294	if (stat != 0) {
293	return (rtn);	295	errno = EIO; /* cannot get error num. */
		296	return (-1);
		297	}
		298	return (0);
294	}	299	}
295		300
296	/* ------------------------------------------------------------------------ */	301	/* ------------------------------------------------------------------------ */

Lines 82-88 Link Here

(-)lhext.c.my-orig (-4 / +9 lines)
82	register char *p;	82	register char *p;
83		83
84	/* make parent directory name into PATH for recursive call */	84	/* make parent directory name into PATH for recursive call */
85	strcpy(path, name);	85	memset(path, 0, sizeof(path));
		86	strncpy(path, name, sizeof(path)-1);
86	for (p = path + strlen(path); p > path; p--)	87	for (p = path + strlen(path); p > path; p--)
87	if (p[-1] == '/') {	88	if (p[-1] == '/') {
88	*--p = '\0';	89	*--p = '\0';
Lines 105-110 Link Here
105	if (verbose)	106	if (verbose)
106	printf("Making directory \"%s\".\n", path);	107	printf("Making directory \"%s\".\n", path);
107		108
		109	/* XXX thomas: should we keep this unsecure file mode? */
108	if (mkdir(path, 0777) >= 0) /* try */	110	if (mkdir(path, 0777) >= 0) /* try */
109	return TRUE; /* successful done. */	111	return TRUE; /* successful done. */
110	errno = 0;	112	errno = 0;
Lines 337-343 Link Here
337	if ((hdr->unix_mode & UNIX_FILE_TYPEMASK) == UNIX_FILE_SYMLINK) {	339	if ((hdr->unix_mode & UNIX_FILE_TYPEMASK) == UNIX_FILE_SYMLINK) {
338	char buf[256], bb1, bb2;	340	char buf[256], bb1, bb2;
339	int l_code;	341	int l_code;
340	strcpy(buf, name);	342	strncpy(buf, name, sizeof(buf));
		343	buf[sizeof(buf)-1] = 0;
341	bb1 = strtok(buf, "\|");	344	bb1 = strtok(buf, "\|");
342	bb2 = strtok(NULL, "\|");	345	bb2 = strtok(NULL, "\|");
343		346
Lines 366-374 Link Here
366	if (quiet != TRUE) {	369	if (quiet != TRUE) {
367	printf("Symbolic Link %s -> %s\n", bb1, bb2);	370	printf("Symbolic Link %s -> %s\n", bb1, bb2);
368	}	371	}
369	strcpy(name, bb1); /* Symbolic's name set */	372	/* XXX thomas: this may overflow */
		373	strncpy(name, bb1, 255); /* Symbolic's name set */
		374	name[255] = 0;
370	#else	375	#else
371	sprintf(buf, "%s -> %s", bb1, bb2);	376	snprintf(buf, sizeof(buf), "%s -> %s", bb1, bb2);
372	warning("Can't make Symbolic Link", buf);	377	warning("Can't make Symbolic Link", buf);
373	return;	378	return;
374	#endif	379	#endif