From 4875d6b64dd0ed8d451746cc0cc609cff36192bd Mon Sep 17 00:00:00 2001 From: Wayne Davison Date: Mon, 7 Feb 2005 20:36:43 +0000 Subject: [PATCH] Adding more calls to safe_fname(). --- authenticate.c | 7 ++++--- backup.c | 20 ++++++++++++-------- batch.c | 30 ++++++++++++++++-------------- cleanup.c | 4 ++-- clientserver.c | 17 ++++++++++------- generator.c | 22 ++++++++++++++-------- log.c | 2 +- options.c | 6 ++++-- params.c | 2 +- pipe.c | 3 ++- rsync.c | 27 ++++++++++++++++----------- 11 files changed, 82 insertions(+), 58 deletions(-) diff --git a/authenticate.c b/authenticate.c index 542f4403..ff240288 100644 --- a/authenticate.c +++ b/authenticate.c @@ -87,7 +87,7 @@ static int get_secret(int module, char *user, char *secret, int len) return 0; if (do_stat(fname, &st) == -1) { - rsyserr(FLOG, errno, "stat(%s)", fname); + rsyserr(FLOG, errno, "stat(%s)", safe_fname(fname)); ok = 0; } else if (lp_strict_modes(module)) { if ((st.st_mode & 06) != 0) { @@ -156,14 +156,15 @@ static char *getpassf(char *filename) return NULL; if ((fd = open(filename,O_RDONLY)) < 0) { - rsyserr(FERROR, errno, "could not open password file \"%s\"",filename); + rsyserr(FERROR, errno, "could not open password file \"%s\"", + safe_fname(filename)); if (envpw) rprintf(FERROR, "falling back to RSYNC_PASSWORD environment variable.\n"); return NULL; } if (do_stat(filename, &st) == -1) { - rsyserr(FERROR, errno, "stat(%s)", filename); + rsyserr(FERROR, errno, "stat(%s)", safe_fname(filename)); ok = 0; } else if ((st.st_mode & 06) != 0) { rprintf(FERROR,"password file must not be other-accessible\n"); diff --git a/backup.c b/backup.c index 689bfad5..1db011ce 100644 --- a/backup.c +++ b/backup.c @@ -64,11 +64,13 @@ static int make_simple_backup(char *fname) /* cygwin (at least version b19) reports EINVAL */ if (errno != ENOENT && errno != EINVAL) { rsyserr(FERROR, errno, - "rename %s to backup %s", fname, fnamebak); + "rename %s to backup %s", + safe_fname(fname), safe_fname(fnamebak)); return 0; } } else if (verbose > 1) { - rprintf(FINFO, "backed up %s to %s\n", fname, fnamebak); + rprintf(FINFO, "backed up %s to %s\n", + safe_fname(fname), safe_fname(fnamebak)); } return 1; } @@ -182,7 +184,7 @@ static int keep_backup(char *fname) } else if (verbose > 2) { rprintf(FINFO, "make_backup: DEVICE %s successful.\n", - fname); + safe_fname(fname)); } } kept = 1; @@ -219,7 +221,7 @@ static int keep_backup(char *fname) && (errno != ENOENT || make_bak_dir(buf) < 0 || do_symlink(file->u.link, buf) < 0)) { rsyserr(FERROR, errno, "link %s -> \"%s\"", - full_fname(buf), file->u.link); + full_fname(buf), safe_fname(file->u.link)); } do_unlink(fname); kept = 1; @@ -228,7 +230,7 @@ static int keep_backup(char *fname) if (!kept && !S_ISREG(file->mode)) { rprintf(FINFO, "make_bak: skipping non-regular file %s\n", - fname); + safe_fname(fname)); return 1; } @@ -236,7 +238,7 @@ static int keep_backup(char *fname) if (!kept) { if (robust_move(fname, buf) != 0) { rsyserr(FERROR, errno, "keep_backup failed: %s -> \"%s\"", - full_fname(fname), buf); + full_fname(fname), safe_fname(buf)); } else if (st.st_nlink > 1) { /* If someone has hard-linked the file into the backup * dir, rename() might return success but do nothing! */ @@ -246,8 +248,10 @@ static int keep_backup(char *fname) set_perms(buf, file, NULL, 0); free(file); - if (verbose > 1) - rprintf(FINFO, "backed up %s to %s\n", fname, buf); + if (verbose > 1) { + rprintf(FINFO, "backed up %s to %s\n", + safe_fname(fname), safe_fname(buf)); + } return 1; } diff --git a/batch.c b/batch.c index 55b01c1f..68d284d6 100644 --- a/batch.c +++ b/batch.c @@ -143,7 +143,8 @@ void write_batch_shell_file(int argc, char *argv[], int file_arg_cnt) fd = do_open(filename, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR | S_IEXEC); if (fd < 0) { - rsyserr(FERROR, errno, "Batch file %s open error", filename); + rsyserr(FERROR, errno, "Batch file %s open error", + safe_fname(filename)); exit_cleanup(1); } @@ -190,7 +191,8 @@ void write_batch_shell_file(int argc, char *argv[], int file_arg_cnt) if (filter_list.head) write_filter_rules(fd); if (write(fd, "\n", 1) != 1 || close(fd) < 0) { - rsyserr(FERROR, errno, "Batch file %s write error", filename); + rsyserr(FERROR, errno, "Batch file %s write error", + safe_fname(filename)); exit_cleanup(1); } } @@ -207,25 +209,25 @@ void show_flist(int index, struct file_struct **fptr) rprintf(FINFO, "flist->length=%.0f\n", (double) fptr[i]->length); rprintf(FINFO, "flist->mode=%#o\n", (int) fptr[i]->mode); - rprintf(FINFO, "flist->basename=%s\n", fptr[i]->basename); - if (fptr[i]->dirname) + rprintf(FINFO, "flist->basename=%s\n", + safe_fname(fptr[i]->basename)); + if (fptr[i]->dirname) { rprintf(FINFO, "flist->dirname=%s\n", - fptr[i]->dirname); - if (am_sender && fptr[i]->dir.root) + safe_fname(fptr[i]->dirname)); + } + if (am_sender && fptr[i]->dir.root) { rprintf(FINFO, "flist->dir.root=%s\n", - fptr[i]->dir.root); + safe_fname(fptr[i]->dir.root)); + } } } +/* for debugging */ void show_argvs(int argc, char *argv[]) { - /* for debugging * */ - int i; - rprintf(FINFO, "BATCH.C:show_argvs,argc=%d\n", argc); - for (i = 0; i < argc; i++) { - /* if (argv[i]) */ - rprintf(FINFO, "i=%d,argv[i]=%s\n", i, argv[i]); - } + rprintf(FINFO, "BATCH.C:show_argvs,argc=%d\n", argc); + for (i = 0; i < argc; i++) + rprintf(FINFO, "i=%d,argv[i]=%s\n", i, safe_fname(argv[i])); } diff --git a/cleanup.c b/cleanup.c index ca7e3546..d183c9d1 100644 --- a/cleanup.c +++ b/cleanup.c @@ -99,7 +99,7 @@ void _exit_cleanup(int code, const char *file, int line) if (verbose > 3) { rprintf(FINFO,"_exit_cleanup(code=%d, file=%s, line=%d): entered\n", - code, file, line); + code, safe_fname(file), line); } if (cleanup_child_pid != -1) { @@ -147,7 +147,7 @@ void _exit_cleanup(int code, const char *file, int line) if (verbose > 2) { rprintf(FINFO,"_exit_cleanup(code=%d, file=%s, line=%d): about to call exit(%d)\n", - ocode, file, line, code); + ocode, safe_fname(file), line, code); } close_all(); diff --git a/clientserver.c b/clientserver.c index 19d54c61..4007bffe 100644 --- a/clientserver.c +++ b/clientserver.c @@ -258,9 +258,8 @@ static int rsync_module(int f_in, int f_out, int i) if (!claim_connection(lp_lock_file(i), lp_max_connections(i))) { if (errno) { rsyserr(FLOG, errno, "failed to open lock file %s", - lp_lock_file(i)); - io_printf(f_out, "@ERROR: failed to open lock file %s\n", - lp_lock_file(i)); + safe_fname(lp_lock_file(i))); + io_printf(f_out, "@ERROR: failed to open lock file\n"); } else { rprintf(FLOG, "max connections (%d) reached\n", lp_max_connections(i)); @@ -360,20 +359,23 @@ static int rsync_module(int f_in, int f_out, int i) * in which case we fail. */ if (chroot(lp_path(i))) { - rsyserr(FLOG, errno, "chroot %s failed", lp_path(i)); + rsyserr(FLOG, errno, "chroot %s failed", + safe_fname(lp_path(i))); io_printf(f_out, "@ERROR: chroot failed\n"); return -1; } if (!push_dir("/")) { - rsyserr(FLOG, errno, "chdir %s failed\n", lp_path(i)); + rsyserr(FLOG, errno, "chdir %s failed\n", + safe_fname(lp_path(i))); io_printf(f_out, "@ERROR: chdir failed\n"); return -1; } } else { if (!push_dir(lp_path(i))) { - rsyserr(FLOG, errno, "chdir %s failed\n", lp_path(i)); + rsyserr(FLOG, errno, "chdir %s failed\n", + safe_fname(lp_path(i))); io_printf(f_out, "@ERROR: chdir failed\n"); return -1; } @@ -646,7 +648,8 @@ int daemon_main(void) if ((fd = do_open(lp_pid_file(), O_WRONLY|O_CREAT|O_TRUNC, 0666 & ~orig_umask)) == -1) { cleanup_set_pid(0); - rsyserr(FLOG, errno, "failed to create pid file %s", pid_file); + rsyserr(FLOG, errno, "failed to create pid file %s", + safe_fname(pid_file)); exit_cleanup(RERR_FILEIO); } snprintf(pidbuf, sizeof pidbuf, "%ld\n", (long)pid); diff --git a/generator.c b/generator.c index bbe70fb0..8f3177ce 100644 --- a/generator.c +++ b/generator.c @@ -251,8 +251,10 @@ static void recv_generator(char *fname, struct file_list *flist, if (list_only) return; - if (verbose > 2) - rprintf(FINFO, "recv_generator(%s,%d)\n", safe_fname(fname), ndx); + if (verbose > 2) { + rprintf(FINFO, "recv_generator(%s,%d)\n", + safe_fname(fname), ndx); + } if (server_filter_list.head && check_filter(&server_filter_list, fname, @@ -318,8 +320,10 @@ static void recv_generator(char *fname, struct file_list *flist, delete_in_dir(flist, fname, file); return; } else if (max_size && file->length > max_size) { - if (verbose > 1) - rprintf(FINFO, "%s is over max-size\n", fname); + if (verbose > 1) { + rprintf(FINFO, "%s is over max-size\n", + safe_fname(fname)); + } return; } @@ -327,8 +331,10 @@ static void recv_generator(char *fname, struct file_list *flist, #if SUPPORT_LINKS if (safe_symlinks && unsafe_symlink(file->u.link, fname)) { if (verbose) { - rprintf(FINFO, "ignoring unsafe symlink %s -> \"%s\"\n", - full_fname(fname), file->u.link); + rprintf(FINFO, + "ignoring unsafe symlink %s -> \"%s\"\n", + full_fname(fname), + safe_fname(file->u.link)); } return; } @@ -446,7 +452,7 @@ static void recv_generator(char *fname, struct file_list *flist, if (verbose) { rsyserr(FINFO, errno, "link %s => %s", - fnamecmpbuf, + full_fname(fnamecmpbuf), safe_fname(fname)); } fnamecmp = fnamecmpbuf; @@ -593,7 +599,7 @@ notify_others: set_perms(backupptr, back_file, NULL, 0); if (verbose > 1) { rprintf(FINFO, "backed up %s to %s\n", - fname, backupptr); + safe_fname(fname), safe_fname(backupptr)); } free(back_file); } diff --git a/log.c b/log.c index 95fd96c0..256e70e8 100644 --- a/log.c +++ b/log.c @@ -376,7 +376,7 @@ static void log_formatted(enum logcode code, case 'f': pathjoin(buf2, sizeof buf2, am_sender && file->dir.root ? file->dir.root : "", - f_name(file)); + safe_fname(f_name(file))); clean_fname(buf2, 0); n = buf2; if (*n == '/') n++; diff --git a/options.c b/options.c index a00370fc..5cb8c22d 100644 --- a/options.c +++ b/options.c @@ -993,8 +993,10 @@ int parse_arguments(int *argc, const char ***argv, int frommain) backup_dir_buf[backup_dir_len++] = '/'; backup_dir_buf[backup_dir_len] = '\0'; } - if (verbose > 1 && !am_sender) - rprintf(FINFO, "backup_dir is %s\n", backup_dir_buf); + if (verbose > 1 && !am_sender) { + rprintf(FINFO, "backup_dir is %s\n", + safe_fname(backup_dir_buf)); + } } else if (!backup_suffix_len && (!am_server || !am_sender)) { snprintf(err_buf, sizeof err_buf, "--suffix cannot be a null string without --backup-dir\n"); diff --git a/params.c b/params.c index 95981464..f48ed0f2 100644 --- a/params.c +++ b/params.c @@ -492,7 +492,7 @@ static FILE *OpenConfFile( char *FileName ) if( NULL == OpenedFile ) { rsyserr(FERROR, errno, "rsync: unable to open configuration file \"%s\"", - FileName); + safe_fname(FileName)); } return( OpenedFile ); diff --git a/pipe.c b/pipe.c index 446afa7d..941e5d87 100644 --- a/pipe.c +++ b/pipe.c @@ -79,7 +79,8 @@ pid_t piped_child(char **command, int *f_in, int *f_out) if (blocking_io > 0) set_blocking(STDOUT_FILENO); execvp(command[0], command); - rsyserr(FERROR, errno, "Failed to exec %s", command[0]); + rsyserr(FERROR, errno, "Failed to exec %s", + safe_fname(command[0])); exit_cleanup(RERR_IPC); } diff --git a/rsync.c b/rsync.c index 537df0a1..89fe6f3e 100644 --- a/rsync.c +++ b/rsync.c @@ -123,9 +123,10 @@ int delete_file(char *fname, int flags) else flags &= ~DEL_DIR; - if (verbose) + if (verbose) { rprintf(FINFO, "deleting %s%s\n", safe_fname(buf), flags & DEL_DIR ? "/" : ""); + } if (delete_file(buf, flags) != 0) { closedir(d); return -1; @@ -193,13 +194,15 @@ int set_perms(char *fname,struct file_struct *file,STRUCT_STAT *st, if (verbose > 2) { if (change_uid) { rprintf(FINFO, - "set uid of %s from %ld to %ld\n", - fname, (long)st->st_uid, (long)file->uid); + "set uid of %s from %ld to %ld\n", + safe_fname(fname), + (long)st->st_uid, (long)file->uid); } if (change_gid) { rprintf(FINFO, - "set gid of %s from %ld to %ld\n", - fname, (long)st->st_gid, (long)file->gid); + "set gid of %s from %ld to %ld\n", + safe_fname(fname), + (long)st->st_gid, (long)file->gid); } } if (do_lchown(fname, @@ -237,9 +240,9 @@ int set_perms(char *fname,struct file_struct *file,STRUCT_STAT *st, if (verbose > 1 && flags & PERMS_REPORT) { if (updated) - rprintf(FINFO,"%s\n",fname); + rprintf(FINFO, "%s\n", safe_fname(fname)); else - rprintf(FINFO,"%s is uptodate\n",fname); + rprintf(FINFO, "%s is uptodate\n", safe_fname(fname)); } return updated; } @@ -269,7 +272,7 @@ void finish_transfer(char *fname, char *fnametmp, struct file_struct *file, if (inplace) { if (verbose > 2) - rprintf(FINFO, "finishing %s\n", fname); + rprintf(FINFO, "finishing %s\n", safe_fname(fname)); goto do_set_perms; } @@ -280,13 +283,15 @@ void finish_transfer(char *fname, char *fnametmp, struct file_struct *file, set_perms(fnametmp, file, NULL, ok_to_set_time ? 0 : PERMS_SKIP_MTIME); /* move tmp file over real file */ - if (verbose > 2) - rprintf(FINFO, "renaming %s to %s\n", fnametmp, fname); + if (verbose > 2) { + rprintf(FINFO, "renaming %s to %s\n", + safe_fname(fnametmp), safe_fname(fname)); + } ret = robust_rename(fnametmp, fname, file->mode & INITACCESSPERMS); if (ret < 0) { rsyserr(FERROR, errno, "%s %s -> \"%s\"", ret == -2 ? "copy" : "rename", - full_fname(fnametmp), fname); + full_fname(fnametmp), safe_fname(fname)); do_unlink(fnametmp); return; } -- 2.34.1