Eli Zaretskii <[email protected]> writes: >> From: "Liam R. Howlett" <[email protected]> >> Date: Fri, 22 Jul 2016 20:24:05 -0400 >> Cc: [email protected] >> >> This adds the --ssh-askpass option which is disabled by default. > > Thanks. > >> + >> +/* Execute external application SSH_ASKPASS which is stored in >> opt.ssh_askpass >> + */ >> +void >> +run_ssh_askpass(const char *question, char **answer) >> +{ >> + char tmp[1024]; >> + pid_t pid; >> + int com[2]; >> + >> + if (pipe(com) == -1) >> + { >> + fprintf(stderr, _("Cannot create pipe")); >> + exit (WGET_EXIT_GENERIC_ERROR); >> + } >> + >> + pid = fork(); >> + if (pid == -1) >> + { >> + fprintf(stderr, "Error forking SSH_ASKPASS"); >> + exit (WGET_EXIT_GENERIC_ERROR); >> + } >> + else if (pid == 0) >> + { >> + /* Child */ >> + dup2(com[1], STDOUT_FILENO); >> + close(com[0]); >> + close(com[1]); >> + fprintf(stdout, "test"); >> + execlp("/usr/bin/strace", "-s256", "-otest.out", opt.ssh_askpass, >> question, (char*)NULL); >> + assert("Execlp failed!"); >> + } >> + else >> + { >> + close(com[1]); >> + unsigned int bytes = read(com[0], tmp, sizeof(tmp)); >> + if (!bytes) >> + { >> + fprintf(stderr, >> + _("Error reading response from SSH_ASKPASS %s %s\n"), >> + opt.ssh_askpass, question); >> + exit (WGET_EXIT_GENERIC_ERROR); >> + } >> + else if (bytes > 1) >> + *answer = strndup(tmp, bytes-1); >> + } >> +} > > This implementation is unnecessarily non-portable ('fork' doesn't > exist on some supported platforms). I suggest to use a much more > portable 'popen' instead.
popen(3) may be more portable but is it subject to all the problems brought by "sh -c": the string may contain shell metacharacters, etc. What worries me is the use of strace(1), which is afaik available only on Linux. OpenBSD for example doesn't have it. Why would strace(1) be needed here? -- jca | PGP: 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
