Limit all xstrlcpy() calls by dest length.
Escape filenames in system(3) calls.
Arun Prakash Jana 2017-05-14 03:22:47 +05:30
parent 3f1df2b584
commit d1924756c7
No known key found for this signature in database
GPG key ID: A75979F35C080412

36
nnn.c

@ -1102,9 +1102,9 @@ show_stats(char* fpath, char* fname, struct stat *sb)
if (S_ISREG(sb->st_mode)) { if (S_ISREG(sb->st_mode)) {
/* Show file(1) output */ /* Show file(1) output */
strcpy(buf, "file -b \""); strcpy(buf, "file -b \"");
xstrlcpy(buf + strlen(buf), fpath, strlen(fpath) + 1); xstrlcpy(buf + strlen(buf), fpath, sizeof(buf) - strlen(buf));
strcat(buf, "\" 2>&1"); strcat(buf, "\" 2>&1");
p = get_output(buf, PATH_MAX + 16); p = get_output(buf, sizeof(buf));
if (p) { if (p) {
dprintf(fd, "\n\n "); dprintf(fd, "\n\n ");
while (*p) { while (*p) {
@ -1139,12 +1139,12 @@ show_mediainfo(const char* fpath, int full)
if (get_output(buf, MAX_CMD_LEN) == NULL) if (get_output(buf, MAX_CMD_LEN) == NULL)
return -1; return -1;
strcpy(buf, "mediainfo \""); strcpy(buf, "mediainfo \'");
xstrlcpy(buf + strlen(buf), fpath, strlen(fpath) + 1); xstrlcpy(buf + strlen(buf), fpath, sizeof(buf) - strlen(buf));
if (full) if (full)
strcat(buf, "\" -f "); strcat(buf, "\' -f ");
else else
strcat(buf, "\" "); strcat(buf, "\' ");
sprintf(buf + strlen(buf), "2>&1 | %s", xgetenv("PAGER", "less")); sprintf(buf + strlen(buf), "2>&1 | %s", xgetenv("PAGER", "less"));
return system(buf); return system(buf);
@ -1569,9 +1569,9 @@ nochange:
/* If NNN_OPENER is set, use it */ /* If NNN_OPENER is set, use it */
if (opener) { if (opener) {
sprintf(cmd, "%s \"", opener); sprintf(cmd, "%s \'", opener);
xstrlcpy(cmd + strlen(cmd), newpath, strlen(newpath) + 1); xstrlcpy(cmd + strlen(cmd), newpath, sizeof(cmd) - strlen(cmd));
strcat(cmd, "\" > /dev/null 2>&1"); strcat(cmd, "\' > /dev/null 2>&1");
r = system(cmd); r = system(cmd);
continue; continue;
} }
@ -1579,9 +1579,9 @@ nochange:
/* Play with nlay if identified */ /* Play with nlay if identified */
mime = getmime(dents[cur].name); mime = getmime(dents[cur].name);
if (mime) { if (mime) {
strcpy(cmd, "nlay \""); strcpy(cmd, "nlay \'");
xstrlcpy(cmd + strlen(cmd), newpath, strlen(newpath) + 1); xstrlcpy(cmd + strlen(cmd), newpath, sizeof(cmd) - strlen(cmd));
sprintf(cmd + strlen(cmd), "\" %s", mime); sprintf(cmd + strlen(cmd), "\' %s", mime);
exitcurses(); exitcurses();
r = system(cmd); r = system(cmd);
initcurses(); initcurses();
@ -1590,9 +1590,9 @@ nochange:
/* If nlay doesn't handle it, open plain text /* If nlay doesn't handle it, open plain text
files with vi, then try NNN_FALLBACK_OPENER */ files with vi, then try NNN_FALLBACK_OPENER */
strcpy(cmd, "file -bi \""); strcpy(cmd, "file -bi \'");
xstrlcpy(cmd + strlen(cmd), newpath, strlen(newpath) + 1); xstrlcpy(cmd + strlen(cmd), newpath, sizeof(cmd) - strlen(cmd));
strcat(cmd, "\""); strcat(cmd, "\'");
if (get_output(cmd, MAX_CMD_LEN) == NULL) if (get_output(cmd, MAX_CMD_LEN) == NULL)
continue; continue;
@ -1603,9 +1603,9 @@ nochange:
initcurses(); initcurses();
continue; continue;
} else if (fb_opener) { } else if (fb_opener) {
sprintf(cmd, "%s \"", fb_opener); sprintf(cmd, "%s \'", fb_opener);
xstrlcpy(cmd + strlen(cmd), newpath, strlen(newpath) + 1); xstrlcpy(cmd + strlen(cmd), newpath, sizeof(cmd) - strlen(cmd));
strcat(cmd, "\" > /dev/null 2>&1"); strcat(cmd, "\' > /dev/null 2>&1");
r = system(cmd); r = system(cmd);
continue; continue;
} }
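Review bot: Swapping `\"` for `\'` around the path quotes it but does not escape it: a file name containing `'` still closes the quote early in every `system()` command built here (show_mediainfo, and the NNN_OPENER, nlay, `file -bi` and NNN_FALLBACK_OPENER branches under `nochange:`), and show_stats() in the first hunk keeps `\"`, where the shell still expands `$(...)` and backticks found in a name. The new `sizeof(buf) - strlen(buf)` bound also lets the path fill the buffer completely, so the `strcat()`/`sprintf()` that appends the closing quote and redirection right after can write past the end. I would add one helper that appends the path single-quoted with every embedded `'` rewritten as `'\''` while reserving room for the terminator, check the remaining space before appending the suffix, and use it at all six call sites; passing the path as an argv element to `execvp()` after `fork()` would avoid the shell entirely. The enclosing functions start and end outside these hunks, so the buffer declarations and what get_output() executes are assumed from the calls shown.

```c
/* Proposed helper (name is a suggestion), defined once next to xstrlcpy().
 * Appends src to the NUL-terminated string in dst (capacity cap) as a single
 * shell word: wrapped in '...' with each embedded ' rewritten as '\''.
 * Returns 0 on success, -1 if the result would not fit (dst is left unchanged).
 */
static int
xshquote(char *dst, size_t cap, const char *src)
{
	size_t start = strlen(dst), n = start;

	if (n + 3 > cap) /* opening quote, closing quote, NUL */
		return -1;
	dst[n++] = '\'';

	for (; *src; ++src) {
		size_t need = (*src == '\'') ? 4 : 1;

		if (n + need + 2 > cap) { /* keep room for closing quote and NUL */
			dst[start] = '\0';
			return -1;
		}
		if (need == 4) {
			memcpy(dst + n, "'\\''", 4);
			n += 4;
		} else
			dst[n++] = *src;
	}

	dst[n++] = '\'';
	dst[n] = '\0';
	return 0;
}

/* … unchanged: code under nochange: up to the NNN_OPENER check … */
if (opener) {
	snprintf(cmd, sizeof(cmd), "%s ", opener);
	/* Run the opener only if the quoted path and the suffix both fit */
	if (xshquote(cmd, sizeof(cmd), newpath) == 0 &&
	    strlen(cmd) + sizeof(" > /dev/null 2>&1") <= sizeof(cmd)) {
		strcat(cmd, " > /dev/null 2>&1");
		r = system(cmd);
	}
	continue;
}
/* … unchanged: nlay, file -bi and NNN_FALLBACK_OPENER branches, to be converted the same way … */
```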