// Read one line a-la fgets. Reads byte-by-byte.
// Useful when it is important to not read ahead.
// Bytes are appended to pfx (which must be malloced, or NULL).
-extern char *xmalloc_reads(int fd, char *pfx);
+extern char *xmalloc_reads(int fd, char *pfx, size_t *maxsz_p);
extern ssize_t read_close(int fd, void *buf, size_t count);
extern ssize_t open_read_close(const char *filename, void *buf, size_t count);
extern void *xmalloc_open_read_close(const char *filename, size_t *sizep);
// Read one line a-la fgets. Reads byte-by-byte.
// Useful when it is important to not read ahead.
// Bytes are appended to pfx (which must be malloced, or NULL).
-char *xmalloc_reads(int fd, char *buf)
+char *xmalloc_reads(int fd, char *buf, size_t *maxsz_p)
{
char *p;
- int sz = buf ? strlen(buf) : 0;
+ size_t sz = buf ? strlen(buf) : 0;
+ size_t maxsz = maxsz_p ? *maxsz_p : MAXINT(size_t);
goto jump_in;
- while (1) {
+ while (sz < maxsz) {
if (p - buf == sz) {
jump_in:
buf = xrealloc(buf, sz + 128);
p++;
}
*p++ = '\0';
+ if (maxsz_p)
+ *maxsz_p = p - buf - 1;
return xrealloc(buf, p - buf);
}
*/
#include "libbb.h"
-// TODO: xmalloc_reads is vulnerable to remote OOM attack!
-
// strip argument of bad chars
static char *sane(char *str)
{
return str;
}
+/* vfork() disables some optimizations. Moving its use
+ * to minimal, non-inlined function saves bytes */
+static NOINLINE void vfork_close_stdio_and_exec(char **argv)
+{
+ if (vfork() == 0) {
+ // CHILD
+ // we are the helper. we wanna be silent.
+ // this call reopens stdio fds to "/dev/null"
+ // (no daemonization is done)
+ bb_daemonize_or_rexec(DAEMON_DEVNULL_STDIO | DAEMON_ONLY_SANITIZE, NULL);
+ BB_EXECVP(*argv, argv);
+ _exit(127);
+ }
+}
+
static void exec_helper(const char *fname, char **argv)
{
char *p, *q, *file;
// next line, plz!
q = p;
}
+ free(file);
- if (vfork() == 0) {
- // CHILD
- // we are the helper. we wanna be silent
- // this call reopens stdio fds to "/dev/null"
- // (no daemonization is done)
- bb_daemonize_or_rexec(DAEMON_DEVNULL_STDIO | DAEMON_ONLY_SANITIZE, NULL);
- BB_EXECVP(*argv, argv);
- _exit(127);
- }
+ vfork_close_stdio_and_exec(argv);
// PARENT (or vfork error)
// clean up...
- free(file);
while (--env_idx >= 0) {
*strchrnul(our_env[env_idx], '=') = '\0';
unsetenv(our_env[env_idx]);
}
}
+static char *xmalloc_read_stdin(void)
+{
+ size_t max = 4 * 1024; /* more than enough for commands! */
+ return xmalloc_reads(STDIN_FILENO, NULL, &max);
+}
+
int lpd_main(int argc, char *argv[]) MAIN_EXTERNALLY_VISIBLE;
int lpd_main(int argc ATTRIBUTE_UNUSED, char *argv[])
{
char *s, *queue;
// read command
- s = xmalloc_reads(STDIN_FILENO, NULL);
+ s = xmalloc_read_stdin();
// we understand only "receive job" command
if (2 != *s) {
write(STDOUT_FILENO, "", 1);
// get subcommand
- s = xmalloc_reads(STDIN_FILENO, NULL);
+ s = xmalloc_read_stdin();
if (!s)
return EXIT_SUCCESS; // probably EOF
// we understand only "control file" or "data file" cmds
projects / oweals / busybox.git / commitdiff