From d1924756c72fa46e8f18c5c7dd8dfb4b6ea2222f Mon Sep 17 00:00:00 2001 From: Arun Prakash Jana Date: Sun, 14 May 2017 03:22:47 +0530 Subject: [PATCH] Fix #29 Limit all xstrlcpy() calls by dest length. Escape filenames in system(3) calls. --- nnn.c | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/nnn.c b/nnn.c index 7d93893b..512f20fe 100644 --- a/nnn.c +++ b/nnn.c @@ -1102,9 +1102,9 @@ show_stats(char* fpath, char* fname, struct stat *sb) if (S_ISREG(sb->st_mode)) { /* Show file(1) output */ strcpy(buf, "file -b \""); - xstrlcpy(buf + strlen(buf), fpath, strlen(fpath) + 1); + xstrlcpy(buf + strlen(buf), fpath, sizeof(buf) - strlen(buf)); strcat(buf, "\" 2>&1"); - p = get_output(buf, PATH_MAX + 16); + p = get_output(buf, sizeof(buf)); if (p) { dprintf(fd, "\n\n "); while (*p) { @@ -1139,12 +1139,12 @@ show_mediainfo(const char* fpath, int full) if (get_output(buf, MAX_CMD_LEN) == NULL) return -1; - strcpy(buf, "mediainfo \""); - xstrlcpy(buf + strlen(buf), fpath, strlen(fpath) + 1); + strcpy(buf, "mediainfo \'"); + xstrlcpy(buf + strlen(buf), fpath, sizeof(buf) - strlen(buf)); if (full) - strcat(buf, "\" -f "); + strcat(buf, "\' -f "); else - strcat(buf, "\" "); + strcat(buf, "\' "); sprintf(buf + strlen(buf), "2>&1 | %s", xgetenv("PAGER", "less")); return system(buf); @@ -1569,9 +1569,9 @@ nochange: /* If NNN_OPENER is set, use it */ if (opener) { - sprintf(cmd, "%s \"", opener); - xstrlcpy(cmd + strlen(cmd), newpath, strlen(newpath) + 1); - strcat(cmd, "\" > /dev/null 2>&1"); + sprintf(cmd, "%s \'", opener); + xstrlcpy(cmd + strlen(cmd), newpath, sizeof(cmd) - strlen(cmd)); + strcat(cmd, "\' > /dev/null 2>&1"); r = system(cmd); continue; } @@ -1579,9 +1579,9 @@ nochange: /* Play with nlay if identified */ mime = getmime(dents[cur].name); if (mime) { - strcpy(cmd, "nlay \""); - xstrlcpy(cmd + strlen(cmd), newpath, strlen(newpath) + 1); - sprintf(cmd + strlen(cmd), "\" %s", mime); + strcpy(cmd, "nlay \'"); + xstrlcpy(cmd + strlen(cmd), newpath, sizeof(cmd) - strlen(cmd)); + sprintf(cmd + strlen(cmd), "\' %s", mime); exitcurses(); r = system(cmd); initcurses(); @@ -1590,9 +1590,9 @@ nochange: /* If nlay doesn't handle it, open plain text files with vi, then try NNN_FALLBACK_OPENER */ - strcpy(cmd, "file -bi \""); - xstrlcpy(cmd + strlen(cmd), newpath, strlen(newpath) + 1); - strcat(cmd, "\""); + strcpy(cmd, "file -bi \'"); + xstrlcpy(cmd + strlen(cmd), newpath, sizeof(cmd) - strlen(cmd)); + strcat(cmd, "\'"); if (get_output(cmd, MAX_CMD_LEN) == NULL) continue; @@ -1603,9 +1603,9 @@ nochange: initcurses(); continue; } else if (fb_opener) { - sprintf(cmd, "%s \"", fb_opener); - xstrlcpy(cmd + strlen(cmd), newpath, strlen(newpath) + 1); - strcat(cmd, "\" > /dev/null 2>&1"); + sprintf(cmd, "%s \'", fb_opener); + xstrlcpy(cmd + strlen(cmd), newpath, sizeof(cmd) - strlen(cmd)); + strcat(cmd, "\' > /dev/null 2>&1"); r = system(cmd); continue; }