1 /* vi: set sw=4 ts=4: */
5 * Copyright (C) 2008 by Vladimir Dronnikov <dronnikov@gmail.com>
7 * Licensed under GPLv2, see file LICENSE in this tarball for details.
11 // TODO: xmalloc_reads is vulnerable to remote OOM attack!
13 int lpd_main(int argc, char *argv[]) MAIN_EXTERNALLY_VISIBLE;
14 int lpd_main(int argc, char *argv[])
20 s = xmalloc_reads(STDIN_FILENO, NULL);
22 // we understand only "receive job" command
25 printf("Command %02x %s\n",
26 (unsigned char)s[0], "is not supported");
30 // spool directory contains either links to real printer devices or just simple files
31 // these links or files are called "queues"
33 // if a directory named as given queue exists within spool directory
34 // then LPD enters spooling mode and just dumps both control and data files to it
36 // goto spool directory
40 // parse command: "\x2QUEUE_NAME\n"
42 *strchrnul(s, '\n') = '\0';
44 // protect against "/../" attacks
45 if (queue[0] == '.' || strstr(queue, "/."))
48 // queue is a directory -> chdir to it and enter spooling mode
49 spooling = chdir(queue) + 1; /* 0: cannot chdir, 1: done */
51 xdup2(STDOUT_FILENO, STDERR_FILENO);
56 // int is easier than ssize_t: can use xatoi_u,
57 // and can correctly display error returns (-1)
58 int expected_len, real_len;
61 write(STDOUT_FILENO, "", 1);
64 s = xmalloc_reads(STDIN_FILENO, NULL);
66 return EXIT_SUCCESS; // probably EOF
67 // we understand only "control file" or "data file" cmds
68 if (2 != s[0] && 3 != s[0])
71 *strchrnul(s, '\n') = '\0';
72 // valid s must be of form: SUBCMD | LEN | SP | FNAME
73 // N.B. we bail out on any error
74 fname = strchr(s, ' ');
76 printf("Command %02x %s\n",
77 (unsigned char)s[0], "lacks filename");
82 // spooling mode: dump both files
83 // make "/../" attacks in file names ineffective
85 // job in flight has mode 0200 "only writable"
86 fd = xopen3(fname, O_CREAT | O_WRONLY | O_TRUNC | O_EXCL, 0200);
89 // 2: control file (ignoring), 3: data file
92 fd = xopen(queue, O_RDWR | O_APPEND);
94 expected_len = xatoi_u(s + 1);
95 real_len = bb_copyfd_size(STDIN_FILENO, fd, expected_len);
96 if (spooling && real_len != expected_len) {
97 unlink(fname); // don't keep corrupted files
98 printf("Expected %d but got %d bytes\n",
99 expected_len, real_len);
102 // get ACK and see whether it is NUL (ok)
103 if (read(STDIN_FILENO, s, 1) != 1 || s[0] != 0) {
104 // don't send error msg to peer - it obviously
105 // don't follow the protocol, so probably
106 // it can't understand us either
109 // chmod completely downloaded job as "readable+writable"
112 close(fd); // NB: can do close(-1). Who cares?