Add a knob to use fixed path `iceauth` tool

`system()` and `popen()` may unsafe unless using absolute command path.
Rely on PATH environment variable set by users may result in unwanted tool.

Signed-off-by: OBATA Akio <obache@wizdas.com>
Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
pull/99/head
OBATA Akio 4 years ago committed by Slávek Banko
parent 56c5973b6b
commit ac8c8ca54a
No known key found for this signature in database
GPG Key ID: 608F5293A04BE668

@ -1233,6 +1233,17 @@ if ( WITH_TDEICONLOADER_DEBUG )
endif ( WITH_TDEICONLOADER_DEBUG ) endif ( WITH_TDEICONLOADER_DEBUG )
##### find tools path ###########################
if( NOT WIN32 AND NOT ICEAUTH_PATH )
find_program( ICEAUTH_PATH iceauth )
if( ${ICEAUTH_PATH} STREQUAL "ICEAUTH_PATH-NOTFOUND" )
tde_message_fatal( "iceauth command was not found in path." )
endif()
message( STATUS "Found iceauth: ${ICEAUTH_PATH}" )
endif( NOT WIN32 AND NOT ICEAUTH_PATH )
##### write configure files ##################### ##### write configure files #####################
configure_file( config.h.cmake config.h ) configure_file( config.h.cmake config.h )

@ -930,6 +930,15 @@
/* Defined if your system has XRandR support */ /* Defined if your system has XRandR support */
#cmakedefine XRANDR_SUPPORT 1 #cmakedefine XRANDR_SUPPORT 1
/* Defines the executable of iceauth */
#cmakedefine ICEAUTH_PATH "@ICEAUTH_PATH@"
#ifdef ICEAUTH_PATH
# define ICEAUTH_COMMAND ICEAUTH_PATH
#else
# define ICEAUTH_COMMAND "iceauth"
#endif
/* /*
* jpeg.h needs HAVE_BOOLEAN, when the system uses boolean in system * jpeg.h needs HAVE_BOOLEAN, when the system uses boolean in system
* headers and I'm too lazy to write a configure test as long as only * headers and I'm too lazy to write a configure test as long as only

@ -210,13 +210,26 @@ public:
TQCString DCOPClient::iceauthPath() TQCString DCOPClient::iceauthPath()
{ {
#ifdef Q_OS_WIN32 #if defined(ICEAUTH_PATH)
if (
# if defined(Q_WS_WIN)
access(ICEAUTH_PATH, 0) == 0
# else
access(ICEAUTH_PATH, X_OK) == 0
# endif
)
{
return TQCString(ICEAUTH_PATH);
}
#elif defined(Q_OS_WIN32)
char szPath[512]; char szPath[512];
char * pszFilePart; char * pszFilePart;
int ret; int ret;
ret = SearchPathA(NULL,"iceauth.exe",NULL,sizeof(szPath)/sizeof(szPath[0]),szPath,&pszFilePart); ret = SearchPathA(NULL,"iceauth.exe",NULL,sizeof(szPath)/sizeof(szPath[0]),szPath,&pszFilePart);
if(ret != 0) if(ret != 0)
return TQCString(szPath); return TQCString(szPath);
#else #else
TQCString path = ::getenv("PATH"); TQCString path = ::getenv("PATH");
if (path.isEmpty()) if (path.isEmpty())
@ -230,9 +243,9 @@ TQCString DCOPClient::iceauthPath()
{ {
return fPath; return fPath;
} }
fPath = strtok(NULL, ":\b"); fPath = strtok(NULL, ":\b");
} }
#endif #endif
return 0; return 0;
} }

@ -151,7 +151,7 @@ static void cleanupDCOPsocket(char *buffer)
if (socket_file) if (socket_file)
unlink(socket_file); unlink(socket_file);
snprintf(cmd, BUFFER_SIZE, "iceauth remove netid='%s'", buffer); snprintf(cmd, BUFFER_SIZE, ICEAUTH_COMMAND " remove netid='%s'", buffer);
system(cmd); system(cmd);
} }

@ -16,6 +16,8 @@
* Boston, MA 02110-1301, USA. * Boston, MA 02110-1301, USA.
**/ **/
#include <config.h>
#include <sys/types.h> #include <sys/types.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <unistd.h> #include <unistd.h>
@ -236,7 +238,7 @@ void KHostName::changeDcop()
::symlink(fname.data(), compatLink.data()); // Compatibility link ::symlink(fname.data(), compatLink.data()); // Compatibility link
// Update .ICEauthority // Update .ICEauthority
TQString cmd = "iceauth list "+TDEProcess::quote("netid="+oldNetId); TQString cmd = ICEAUTH_COMMAND " list "+TDEProcess::quote("netid="+oldNetId);
FILE *iceFile = popen(TQFile::encodeName(cmd), "r"); FILE *iceFile = popen(TQFile::encodeName(cmd), "r");
if (!iceFile) if (!iceFile)
{ {
@ -271,7 +273,7 @@ void KHostName::changeDcop()
if (netId != oldNetId) if (netId != oldNetId)
continue; continue;
cmd = "iceauth add "; cmd = ICEAUTH_COMMAND " add ";
cmd += TDEProcess::quote(protName); cmd += TDEProcess::quote(protName);
cmd += " '' "; cmd += " '' ";
cmd += TDEProcess::quote(newNetId); cmd += TDEProcess::quote(newNetId);
@ -288,7 +290,7 @@ void KHostName::changeDcop()
char* xauthlocalhostname = getenv("XAUTHLOCALHOSTNAME"); char* xauthlocalhostname = getenv("XAUTHLOCALHOSTNAME");
if (!xauthlocalhostname || !oldNetId.contains(xauthlocalhostname)) if (!xauthlocalhostname || !oldNetId.contains(xauthlocalhostname))
{ {
TQString cmd = "iceauth remove "+TDEProcess::quote("netid="+oldNetId); TQString cmd = ICEAUTH_COMMAND " remove "+TDEProcess::quote("netid="+oldNetId);
system(TQFile::encodeName(cmd)); system(TQFile::encodeName(cmd));
unlink(origFName.data()); unlink(origFName.data());
origFName = DCOPClient::dcopServerFileOld(oldName); // Compatibility link origFName = DCOPClient::dcopServerFileOld(oldName); // Compatibility link

@ -367,9 +367,9 @@ int main()
close(fd); close(fd);
xsetenv("ICEAUTHORITY", iceauthority); xsetenv("ICEAUTHORITY", iceauthority);
fout = popen("iceauth >/dev/null 2>&1", "w"); fout = popen(ICEAUTH_COMMAND " >/dev/null 2>&1", "w");
if (!fout) { if (!fout) {
perror("tdesu_stub: popen iceauth"); perror("tdesu_stub: popen " ICEAUTH_COMMAND);
exit(1); exit(1);
} }
for (i=0; host[i]; i++) for (i=0; host[i]; i++)

Loading…
Cancel
Save