}
}
-/* like strncpy but does not 0 fill the buffer and always null
- terminates. bufsize is the size of the destination buffer */
-size_t strlcpy(char *d, const char *s, size_t bufsize)
-{
- size_t len = strlen(s);
- size_t ret = len;
- if (len >= bufsize) len = bufsize-1;
- memcpy(d, s, len);
- d[len] = 0;
- return ret;
-}
-
-/* like strncat but does not 0 fill the buffer and always null
- terminates. bufsize is the length of the buffer, which should
- be one more than the maximum resulting string length */
-size_t strlcat(char *d, const char *s, size_t bufsize)
-{
- size_t len1 = strlen(d);
- size_t len2 = strlen(s);
- size_t ret = len1 + len2;
-
- if (len1+len2 >= bufsize) {
- len2 = bufsize - (len1+1);
- }
- if (len2 > 0) {
- memcpy(d+len1, s, len2);
- d[len1+len2] = 0;
- }
- return ret;
-}
-
/* turn a user name into a uid */
int name_to_uid(char *name, uid_t *uid)
{
}
-static void glob_expand_one(char *s, char **argv, int *argc, int maxargs)
+static void glob_expand_one(char *s, char **argv, int *argc, int maxargs, int sanitize_paths)
{
#if !(defined(HAVE_GLOB) && defined(HAVE_GLOB_H))
if (!*s) s = ".";
if (!*s) s = ".";
- argv[*argc] = strdup(s);
+ s = strdup(s);
+ sanitize_path(s);
+ argv[*argc] = s;
memset(&globbuf, 0, sizeof(globbuf));
glob(argv[*argc], 0, NULL, &globbuf);
#endif
}
-void glob_expand(char *base1, char **argv, int *argc, int maxargs)
+void glob_expand(char *base1, char **argv, int *argc, int maxargs, int sanitize_paths)
{
char *s = argv[*argc];
char *p, *q;
while ((p = strstr(q,base)) && ((*argc) < maxargs)) {
/* split it at this point */
*p = 0;
- glob_expand_one(q, argv, argc, maxargs);
+ glob_expand_one(q, argv, argc, maxargs, sanitize_paths);
q = p+strlen(base);
}
- if (*q && (*argc < maxargs)) glob_expand_one(q, argv, argc, maxargs);
+ if (*q && (*argc < maxargs)) glob_expand_one(q, argv, argc, maxargs, sanitize_paths);
free(s);
free(base);
* While we're at it, remove double slashes and "." components like
* clean_fname does(), but DON'T remove a trailing slash because that
* is sometimes significant on command line arguments.
- * Return a malloc'ed copy.
+ * Can only shrink paths, so sanitizes in place.
* Contributed by Dave Dykstra <dwd@bell-labs.com>
*/
-char *sanitize_path(char *p)
+void sanitize_path(char *p)
{
- char *copy, *copyp;
+ char *start, *sanp;
- copy = (char *) malloc(strlen(p)+1);
- copyp = copy;
+ start = p;
+ sanp = p;
while (*p == '/') {
/* remove leading slashes */
p++;
}
while (*p != '\0') {
/* this loop iterates once per filename component in p.
- * both p (and copyp if the original had a slash) should
+ * both p (and sanp if the original had a slash) should
* always be left pointing after a slash
*/
if ((*p == '.') && ((*(p+1) == '/') || (*(p+1) == '\0'))) {
p += 2;
if (*p == '/')
p++;
- if (copyp != copy) {
- /* back up the copy one level */
- --copyp; /* now pointing at slash */
- while ((copyp > copy) && (*(copyp - 1) != '/')) {
+ if (sanp != start) {
+ /* back up sanp one level */
+ --sanp; /* now pointing at slash */
+ while ((sanp > start) && (*(sanp - 1) != '/')) {
/* skip back up to slash */
- copyp--;
+ sanp--;
}
}
} else {
while (1) {
/* copy one component through next slash */
- *copyp++ = *p++;
+ *sanp++ = *p++;
if ((*p == '\0') || (*(p-1) == '/')) {
while (*p == '/') {
/* skip multiple slashes */
}
}
}
- if (copyp == copy) {
+ if (sanp == start) {
/* ended up with nothing, so put in "." component */
- *copyp++ = '.';
+ *sanp++ = '.';
}
- *copyp = '\0';
- return(copy);
+ *sanp = '\0';
}
to ensure that signed/unsigned usage is consistent between machines. */
int u_strcmp(const char *cs1, const char *cs2)
{
- const uchar *s1 = (uchar *)cs1;
- const uchar *s2 = (uchar *)cs2;
+ const uchar *s1 = (const uchar *)cs1;
+ const uchar *s2 = (const uchar *)cs2;
while (*s1 && *s2 && (*s1 == *s2)) {
s1++; s2++;