You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
fish/fish-upstream-CVE-2014-2905...

186 lines
5.7 KiB

From b5cd21c337a8990c0c343ab2c22d3dc123a03d25 Mon Sep 17 00:00:00 2001
Message-Id: <b5cd21c337a8990c0c343ab2c22d3dc123a03d25.1407803973.git.luto@amacapital.net>
From: David Adam <zanchey@ucc.gu.uwa.edu.au>
Date: Mon, 4 Aug 2014 13:26:14 +0800
Subject: [PATCH 1/3] Further fixes to universal variable server socket
management
- Change fishd_path to std::string
- Warn, rather than exiting with an error, if the universal variable
server path is not available, and provide more useful advice.
- Export the new __fishd_runtime_dir variable.
---
common.cpp | 13 +++++++------
common.h | 2 +-
env.cpp | 4 ++--
env_universal.cpp | 22 ++++++++++++++--------
env_universal.h | 2 +-
fish_pager.cpp | 4 ++--
fishd.cpp | 9 +++++++--
7 files changed, 34 insertions(+), 22 deletions(-)
diff --git a/common.cpp b/common.cpp
index 3e5a2c8..203eda5 100644
--- a/common.cpp
+++ b/common.cpp
@@ -2381,10 +2381,11 @@ static int check_runtime_path(const char * path)
}
/** Return the path of an appropriate runtime data directory */
-const char* common_get_runtime_path(void)
+std::string common_get_runtime_path()
{
const char *dir = getenv("XDG_RUNTIME_DIR");
const char *uname = getenv("USER");
+ std::string path;
if (uname == NULL)
{
@@ -2396,19 +2397,19 @@ const char* common_get_runtime_path(void)
{
// /tmp/fish.user
dir = "/tmp/fish.";
- std::string path;
path.reserve(strlen(dir) + strlen(uname));
path.append(dir);
path.append(uname);
if (check_runtime_path(path.c_str()) != 0)
{
- debug(0, L"Couldn't create secure runtime path: '%s'", path.c_str());
- exit(EXIT_FAILURE);
+ debug(0, L"Runtime path not available. Try deleting the directory %s and restarting fish.", path.c_str());
+ path.clear();
}
- return strdup(path.c_str());
}
else
{
- return dir;
+ path.reserve(strlen(dir));
+ path.append(dir);
}
+ return path;
}
diff --git a/common.h b/common.h
index 4d18aca..b160245 100644
--- a/common.h
+++ b/common.h
@@ -814,6 +814,6 @@ extern "C" {
}
/** Return the path of an appropriate runtime data directory */
-const char* common_get_runtime_path(void);
+std::string common_get_runtime_path();
#endif
diff --git a/env.cpp b/env.cpp
index 0bda417..703d619 100644
--- a/env.cpp
+++ b/env.cpp
@@ -620,8 +620,8 @@ void env_init(const struct config_paths_t *paths /* or NULL */)
const env_var_t user_dir_wstr = env_get_string(L"USER");
- const char * fishd_dir = common_get_runtime_path();
- env_set(L"__fish_runtime_dir", str2wcstring(fishd_dir).c_str(), ENV_GLOBAL);
+ std::string fishd_dir = common_get_runtime_path();
+ env_set(L"__fish_runtime_dir", str2wcstring(fishd_dir).c_str(), ENV_GLOBAL | ENV_EXPORT);
wchar_t * user_dir = user_dir_wstr.missing()?NULL:const_cast<wchar_t*>(user_dir_wstr.c_str());
diff --git a/env_universal.cpp b/env_universal.cpp
index 1a97443..78e3130 100644
--- a/env_universal.cpp
+++ b/env_universal.cpp
@@ -242,23 +242,29 @@ static void reconnect()
}
-void env_universal_init(const char * p,
+void env_universal_init(std::string p,
wchar_t *u,
void (*sf)(),
void (*cb)(fish_message_type_t type, const wchar_t *name, const wchar_t *val))
{
- path=p;
+ path=p.c_str();
user=u;
start_fishd=sf;
external_callback = cb;
- env_universal_server.fd = get_socket();
- env_universal_common_init(&callback);
- env_universal_read_all();
- s_env_univeral_inited = true;
- if (env_universal_server.fd >= 0)
+ if (p == "") {
+ debug(1, L"Could not connect to universal variable server. You will not be able to share variable values between fish sessions.");
+ }
+ else
{
- env_universal_barrier();
+ env_universal_server.fd = get_socket();
+ env_universal_common_init(&callback);
+ env_universal_read_all();
+ s_env_univeral_inited = true;
+ if (env_universal_server.fd >= 0)
+ {
+ env_universal_barrier();
+ }
}
}
diff --git a/env_universal.h b/env_universal.h
index 9e6ab85..f14db29 100644
--- a/env_universal.h
+++ b/env_universal.h
@@ -17,7 +17,7 @@ extern connection_t env_universal_server;
/**
Initialize the envuni library
*/
-void env_universal_init(const char * p,
+void env_universal_init(std::string p,
wchar_t *u,
void (*sf)(),
void (*cb)(fish_message_type_t type, const wchar_t *name, const wchar_t *val));
diff --git a/fish_pager.cpp b/fish_pager.cpp
index 27bc80e..6d05774 100644
--- a/fish_pager.cpp
+++ b/fish_pager.cpp
@@ -1032,8 +1032,8 @@ static void init(int mangle_descriptors, int out)
exit(1);
}
-
- env_universal_init("", 0, 0, 0);
+ std::string dir = common_get_runtime_path();
+ env_universal_init(dir, 0, 0, 0);
input_common_init(&interrupt_handler);
output_set_writer(&pager_buffered_writer);
diff --git a/fishd.cpp b/fishd.cpp
index dd43647..d725e43 100644
--- a/fishd.cpp
+++ b/fishd.cpp
@@ -159,10 +159,15 @@ static int quit=0;
*/
static std::string get_socket_filename(void)
{
- const char *dir = common_get_runtime_path();
+ std::string dir = common_get_runtime_path();
+
+ if (dir == "") {
+ debug(0, L"Cannot access desired socket path.");
+ exit(EXIT_FAILURE);
+ }
std::string name;
- name.reserve(strlen(dir) + strlen(SOCK_FILENAME) + 1);
+ name.reserve(dir.length() + strlen(SOCK_FILENAME) + 1);
name.append(dir);
name.push_back('/');
name.append(SOCK_FILENAME);
--
1.9.3