Bug#404235: trr19: segfault when no argument is given

2007-01-21 Thread Nico Golde 
Hi Arnaud,
* Arnaud Fontaine <[EMAIL PROTECTED]> [2007-01-21 22:59]:
> Your patch is wrong because you  are using `char *textfile` in the first
> snprintf without initializing it. I made a patch which fixes the bug and
> works on the Hurd.

As said I didnt test it, I just wrote it down very quick 
since I dont care about emacs stuff and just wanted to point 
out the issues.
Kind regards
Nico
-- 
Nico Golde - http://www.ngolde.de
JAB: [EMAIL PROTECTED] - GPG: 0x73647CFF
Forget about that mouse with 3/4/5 buttons,
gimme a keyboard with 103/104/105 keys!


pgpi6XOdwPHAp.pgp
Description: PGP signature

Bug#404235: trr19: segfault when no argument is given

2007-01-21 Thread Arnaud Fontaine 
Hello,

Your patch is wrong because you  are using `char *textfile` in the first
snprintf without initializing it. I made a patch which fixes the bug and
works on the Hurd.

Regards,
Arnaud Fontaine

diff -uN trr19-1.0beta5.orig/trr_format.c trr19-1.0beta5/trr_format.c
--- trr19-1.0beta5.orig/trr_format.c	2007-01-21 21:19:23.0 +0100
+++ trr19-1.0beta5/trr_format.c	2007-01-21 18:56:58.0 +0100
@@ -21,6 +21,11 @@
 #include 
 #include 
 #include 
+#include 
+#include 
+#include 
+
+#include "utils.h"
 
 #if defined(HAVE_STRING_H)
 #include 
@@ -40,12 +45,16 @@
 
 
 main(int argc, char **argv){
-  char textfile[256], formattedfile[256], lockfile[256], *tmpfname;
-  char command[256], line[1024];
+  int err = 0;
   FILE *fd, *tmpfd;
+  size_t len=0;
+  pid_t ret;
   int i;
   struct passwd *pw = NULL;
-
+  int tmpfnamefd = 0;
+  char *textfile = NULL, *lockfile = NULL, *formattedfile = NULL,
+*command = NULL, *line = NULL;
+  char tmpfname[] = "/tmp/trr_update.XX";
 
   /* ignore signals */
   signal(SIGHUP, SIG_IGN);
@@ -53,14 +62,16 @@
   signal(SIGQUIT, SIG_IGN);
   signal(SIGTERM, SIG_IGN);
 
-  strcpy(textfile, TEXT_DIR);
-  strcat(textfile, argv[1]);
-  strcpy(formattedfile, textfile);
-  strcat(formattedfile, ".formed");
-  strcpy(lockfile, textfile);
-  strcat(lockfile, ".lock");
+  if(argc < 2){
+fprintf(stderr, "%s: %s\n", argv[0], strerror (EINVAL));
+exit(1);
+  }
+
+  my_asprintf(&textfile, "%s%s", TEXT_DIR, argv[1]);
+  my_asprintf(&formattedfile, "%s.formed", textfile);
+  my_asprintf(&lockfile, "%s.lock", textfile);
 
-  umask(18);
+  umask(022);
 
   /* if previous process is formatting same target text,
  wait for that process to finish formatting. */
@@ -81,47 +92,82 @@
 	}
   }
   /* successfully formatted */
-  unlink(lockfile);
-  return 0;
+  exit(0);
 } else{
   perror(lockfile);
   exit(1);
 }
   else{
+tmpfnamefd = mkstemp(tmpfname);
+
 /* format a text - fork and exec the processes so we can drop privileges */
 switch( fork() ) {
   case -1:  /* Error */
-	perror(fork);
+	perror("fork");
 	exit(1);
 	break;
   case 0:   /* Child */
-	tmpfname = tmpnam(NULL);
 	unlink(formattedfile);
 
 	/* Drop group privileges */
 	pw = getpwuid(getuid());
+	if(!pw){
+	  unlink(lockfile);
+	  fprintf(stderr, "You don't exist..go away\n");
+	  exit(1);
+	}
+
 	setgid(pw->pw_gid);
 
-	sprintf(command, "%s -v '^[ \t]*$' %s | %s 's/\\([.?!;]\\) *$/\\1/' | %s 's/^  *\\(.*\\)$/\\1/' > %s",
-		GREP, textfile, SED, SED, tmpfname);
-	system(command);
+	if (my_asprintf(&command, "%s -v '^[ \t]*$' %s | %s 's/\\([.?!;]\\) *$/\\1/' | %s 's/^  *\\(.*\\)$/\\1/' > %s",
+			GREP, textfile, SED, SED, tmpfname) == -1 || tmpfnamefd == -1)
+	  {
+	if (tmpfnamefd != -1)
+	  unlink(lockfile);
+
+	perror("temporary file creation");
+	exit(1);
+	  }
+	
+	execl("/bin/sh", "sh", "-c", command);
 	break;
   default:  /* Parent */
+	do
+	  ret = wait (NULL);
+	while (!(ret == -1 && errno == ECHILD));
 	break;
 }
 
-tmpfd = fopen(tmpfname, "r");
+unlink(tmpfname);
+tmpfd = fdopen(tmpfnamefd, "r");
+if (!tmpfd){
+  unlink(lockfile);
+  perror("fopen");
+  exit(1);
+}
+	
 fd = fopen(formattedfile, "w");
-
-while(fgets(line, 1024, tmpfd))
+if (!fd){
+  unlink(lockfile);
+  perror("fopen");
+  exit(1);
+}
+	
+while(my_getline(&line, &len, tmpfd) != -1)
   fputs(line, fd);
 
+/* release lock */
+unlink(lockfile);
+
+free(line);
+free(command);
+free(formattedfile);
+free(textfile);
+free(lockfile);
+
 fclose(tmpfd);
 fclose(fd);
-unlink(tmpfname);
 
-/* release lock */
-unlink(lockfile);
-return 0;
+return err;
   }
 }
diff -uN trr19-1.0beta5.orig/trr_update.c trr19-1.0beta5/trr_update.c
--- trr19-1.0beta5.orig/trr_update.c	2007-01-21 21:19:23.0 +0100
+++ trr19-1.0beta5/trr_update.c	2007-01-21 21:18:12.0 +0100
@@ -21,6 +21,9 @@
 #include 
 #include 
 #include 
+#include 
+
+#include "utils.h"
 
 #if defined(HAVE_STRING_H)
 #include 
@@ -45,9 +48,12 @@
 #endif /* HAVE_FCNTL_H */
 
 main(int argc, char **argv){
-  char scorefile[256], lockfile[256], datestr[64];
-  char line[256], savedline[256];
-  const char *user, *scores, *step, *times, *ttime, *token;
+  char *scorefile = NULL, *lockfile = NULL, *line = NULL, *savedline = NULL;
+  char *user = NULL, *scores = NULL, *step = NULL, *times = NULL,
+*ttime = NULL, *token = NULL;
+  size_t len=0;
+  char datestr[64];
+
   FILE *fd, *tmpf;
   int score, tmpscore, i, myself, inserted;
   long datev;
@@ -59,12 +65,16 @@
   signal(SIGTERM, SIG_IGN);
 
   umask(18);
-  strcpy(scorefile, RECORD_DIR);
+
+  if (argc < 7){
+fprintf(stderr, "too few arguments\n");
+exit(1);
+  }
+
+  my_asprintf (&scorefile, "%s%s", RECORD_DIR, argv[1]);
 
   /* create a new record file */
   if (argc == 2){
-strcat(scorefil

Bug#404235: trr19: segfault when no argument is given

2007-01-16 Thread Arnaud Fontaine 
Hello,

The package  fixing this issue is almost  ready. I will port  it for the
Hurd as  I have already  ported two packages  to it and will  upload the
patch for reviewing on the alioth Hurd  group. I think I will be able to
upload a package this week-end. Sorry for the delay. Thanks Nico for the
patches you provided.

Regards,
Arnaud Fontaine


pgp7vSswP7oVY.pgp
Description: PGP signature