[netsniff-ng] Re: [PATCH 2/5] cpp: Allow to pass cpp arguments
On 2015-11-29 at 13:42:43 +0100, Vadim Kochan wrote: > On Wed, Nov 25, 2015 at 10:31:28AM +0100, Tobias Klauser wrote: > > On 2015-11-25 at 00:51:48 +0100, Vadim Kochan wrote: > > > Extend cpp_exec func to pass cpp arguments > > > > > > Signed-off-by: Vadim Kochan > > > --- > > > bpf_parser.y | 2 +- > > > cpp.c| 6 +++--- > > > cpp.h| 2 +- > > > trafgen_parser.y | 2 +- > > > 4 files changed, 6 insertions(+), 6 deletions(-) > > > > > > diff --git a/bpf_parser.y b/bpf_parser.y > > > index 8aed9dc..db6a007 100644 > > > --- a/bpf_parser.y > > > +++ b/bpf_parser.y > > > @@ -745,7 +745,7 @@ int compile_filter(char *file, int verbose, int > > > bypass, int format, > > > memset(tmp_file, 0, sizeof(tmp_file)); > > > > > > if (invoke_cpp) { > > > - ret = cpp_exec(file, tmp_file, sizeof(tmp_file)); > > > + ret = cpp_exec(file, tmp_file, sizeof(tmp_file), NULL); > > > if (ret) { > > > fprintf(stderr, "Failed to invoke C preprocessor!\n"); > > > goto exit; > > > diff --git a/cpp.c b/cpp.c > > > index 6734eac..99c4c33 100644 > > > --- a/cpp.c > > > +++ b/cpp.c > > > @@ -4,7 +4,7 @@ > > > #include "str.h" > > > #include "xmalloc.h" > > > > > > -int cpp_exec(char *in_file, char *out_file, size_t out_len) > > > +int cpp_exec(char *in_file, char *out_file, size_t out_len, char *args) > > > { > > > char *tmp = xstrdup(in_file); > > > char cmd[256], *base; > > > @@ -13,8 +13,8 @@ int cpp_exec(char *in_file, char *out_file, size_t > > > out_len) > > > base = basename(tmp); > > > > > > slprintf(out_file, out_len, "/tmp/.tmp-%u-%s", rand(), base); > > > - slprintf(cmd, sizeof(cmd), "cpp -I" ETCDIRE_STRING " %s > %s", > > > - in_file, out_file); > > > + slprintf(cmd, sizeof(cmd), "cpp -I" ETCDIRE_STRING " %s %s > %s", > > > + args ? args : "", in_file, out_file); > > > > By crafting an appropriate string, a user might be able to inject > > additional, potentially dangerous commands here using 'args'. I'd > > suggest to pass the args similar to (int argc, char **argv) to cpp_exec > > and then do the prefixing with -D in cpp_exec. > > > > Also you should check the contents of the passed definitions carefully > > (i.e. they only contain valid macro definitions). > > What about automatically escape such characters like '&><"\;#$ by prepending > '\' ? Sure, as long as the resulting string is a valid macro definition which cannot be used to spawn processes I'm fine with that too. -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: [PATCH 2/5] cpp: Allow to pass cpp arguments
On Wed, Nov 25, 2015 at 10:31:28AM +0100, Tobias Klauser wrote: > On 2015-11-25 at 00:51:48 +0100, Vadim Kochan wrote: > > Extend cpp_exec func to pass cpp arguments > > > > Signed-off-by: Vadim Kochan > > --- > > bpf_parser.y | 2 +- > > cpp.c| 6 +++--- > > cpp.h| 2 +- > > trafgen_parser.y | 2 +- > > 4 files changed, 6 insertions(+), 6 deletions(-) > > > > diff --git a/bpf_parser.y b/bpf_parser.y > > index 8aed9dc..db6a007 100644 > > --- a/bpf_parser.y > > +++ b/bpf_parser.y > > @@ -745,7 +745,7 @@ int compile_filter(char *file, int verbose, int bypass, > > int format, > > memset(tmp_file, 0, sizeof(tmp_file)); > > > > if (invoke_cpp) { > > - ret = cpp_exec(file, tmp_file, sizeof(tmp_file)); > > + ret = cpp_exec(file, tmp_file, sizeof(tmp_file), NULL); > > if (ret) { > > fprintf(stderr, "Failed to invoke C preprocessor!\n"); > > goto exit; > > diff --git a/cpp.c b/cpp.c > > index 6734eac..99c4c33 100644 > > --- a/cpp.c > > +++ b/cpp.c > > @@ -4,7 +4,7 @@ > > #include "str.h" > > #include "xmalloc.h" > > > > -int cpp_exec(char *in_file, char *out_file, size_t out_len) > > +int cpp_exec(char *in_file, char *out_file, size_t out_len, char *args) > > { > > char *tmp = xstrdup(in_file); > > char cmd[256], *base; > > @@ -13,8 +13,8 @@ int cpp_exec(char *in_file, char *out_file, size_t > > out_len) > > base = basename(tmp); > > > > slprintf(out_file, out_len, "/tmp/.tmp-%u-%s", rand(), base); > > - slprintf(cmd, sizeof(cmd), "cpp -I" ETCDIRE_STRING " %s > %s", > > -in_file, out_file); > > + slprintf(cmd, sizeof(cmd), "cpp -I" ETCDIRE_STRING " %s %s > %s", > > +args ? args : "", in_file, out_file); > > By crafting an appropriate string, a user might be able to inject > additional, potentially dangerous commands here using 'args'. I'd > suggest to pass the args similar to (int argc, char **argv) to cpp_exec > and then do the prefixing with -D in cpp_exec. > > Also you should check the contents of the passed definitions carefully > (i.e. they only contain valid macro definitions). What about automatically escape such characters like '&><"\;#$ by prepending '\' ? -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] Re: [PATCH 2/5] cpp: Allow to pass cpp arguments
On 2015-11-25 at 00:51:48 +0100, Vadim Kochan wrote: > Extend cpp_exec func to pass cpp arguments > > Signed-off-by: Vadim Kochan > --- > bpf_parser.y | 2 +- > cpp.c| 6 +++--- > cpp.h| 2 +- > trafgen_parser.y | 2 +- > 4 files changed, 6 insertions(+), 6 deletions(-) > > diff --git a/bpf_parser.y b/bpf_parser.y > index 8aed9dc..db6a007 100644 > --- a/bpf_parser.y > +++ b/bpf_parser.y > @@ -745,7 +745,7 @@ int compile_filter(char *file, int verbose, int bypass, > int format, > memset(tmp_file, 0, sizeof(tmp_file)); > > if (invoke_cpp) { > - ret = cpp_exec(file, tmp_file, sizeof(tmp_file)); > + ret = cpp_exec(file, tmp_file, sizeof(tmp_file), NULL); > if (ret) { > fprintf(stderr, "Failed to invoke C preprocessor!\n"); > goto exit; > diff --git a/cpp.c b/cpp.c > index 6734eac..99c4c33 100644 > --- a/cpp.c > +++ b/cpp.c > @@ -4,7 +4,7 @@ > #include "str.h" > #include "xmalloc.h" > > -int cpp_exec(char *in_file, char *out_file, size_t out_len) > +int cpp_exec(char *in_file, char *out_file, size_t out_len, char *args) > { > char *tmp = xstrdup(in_file); > char cmd[256], *base; > @@ -13,8 +13,8 @@ int cpp_exec(char *in_file, char *out_file, size_t out_len) > base = basename(tmp); > > slprintf(out_file, out_len, "/tmp/.tmp-%u-%s", rand(), base); > - slprintf(cmd, sizeof(cmd), "cpp -I" ETCDIRE_STRING " %s > %s", > - in_file, out_file); > + slprintf(cmd, sizeof(cmd), "cpp -I" ETCDIRE_STRING " %s %s > %s", > + args ? args : "", in_file, out_file); By crafting an appropriate string, a user might be able to inject additional, potentially dangerous commands here using 'args'. I'd suggest to pass the args similar to (int argc, char **argv) to cpp_exec and then do the prefixing with -D in cpp_exec. Also you should check the contents of the passed definitions carefully (i.e. they only contain valid macro definitions). -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.