[netsniff-ng] Re: [PATCH 2/5] cpp: Allow to pass cpp arguments

2015-11-29 Thread Vadim Kochan 
On Wed, Nov 25, 2015 at 10:31:28AM +0100, Tobias Klauser wrote:
> On 2015-11-25 at 00:51:48 +0100, Vadim Kochan  wrote:
> > Extend cpp_exec func to pass cpp arguments
> > 
> > Signed-off-by: Vadim Kochan 
> > ---
> >  bpf_parser.y | 2 +-
> >  cpp.c| 6 +++---
> >  cpp.h| 2 +-
> >  trafgen_parser.y | 2 +-
> >  4 files changed, 6 insertions(+), 6 deletions(-)
> > 
> > diff --git a/bpf_parser.y b/bpf_parser.y
> > index 8aed9dc..db6a007 100644
> > --- a/bpf_parser.y
> > +++ b/bpf_parser.y
> > @@ -745,7 +745,7 @@ int compile_filter(char *file, int verbose, int bypass, 
> > int format,
> > memset(tmp_file, 0, sizeof(tmp_file));
> >  
> > if (invoke_cpp) {
> > -   ret = cpp_exec(file, tmp_file, sizeof(tmp_file));
> > +   ret = cpp_exec(file, tmp_file, sizeof(tmp_file), NULL);
> > if (ret) {
> > fprintf(stderr, "Failed to invoke C preprocessor!\n");
> > goto exit;
> > diff --git a/cpp.c b/cpp.c
> > index 6734eac..99c4c33 100644
> > --- a/cpp.c
> > +++ b/cpp.c
> > @@ -4,7 +4,7 @@
> >  #include "str.h"
> >  #include "xmalloc.h"
> >  
> > -int cpp_exec(char *in_file, char *out_file, size_t out_len)
> > +int cpp_exec(char *in_file, char *out_file, size_t out_len, char *args)
> >  {
> > char *tmp = xstrdup(in_file);
> > char cmd[256], *base;
> > @@ -13,8 +13,8 @@ int cpp_exec(char *in_file, char *out_file, size_t 
> > out_len)
> > base = basename(tmp);
> >  
> > slprintf(out_file, out_len, "/tmp/.tmp-%u-%s", rand(), base);
> > -   slprintf(cmd, sizeof(cmd), "cpp -I" ETCDIRE_STRING " %s > %s",
> > -in_file, out_file);
> > +   slprintf(cmd, sizeof(cmd), "cpp -I" ETCDIRE_STRING " %s %s > %s",
> > +args ? args : "", in_file, out_file);
> 
> By crafting an appropriate string, a user might be able to inject
> additional, potentially dangerous commands here using 'args'. I'd
> suggest to pass the args similar to (int argc, char **argv) to cpp_exec
> and then do the prefixing with -D in cpp_exec.
> 
> Also you should check the contents of the passed definitions carefully
> (i.e. they only contain valid macro definitions).

What about automatically escape such characters like '&><"\;#$ by prepending 
'\' ?

-- 
You received this message because you are subscribed to the Google Groups 
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[netsniff-ng] Re: [PATCH 2/5] cpp: Allow to pass cpp arguments

2015-11-29 Thread Tobias Klauser 
On 2015-11-29 at 13:42:43 +0100, Vadim Kochan  wrote:
> On Wed, Nov 25, 2015 at 10:31:28AM +0100, Tobias Klauser wrote:
> > On 2015-11-25 at 00:51:48 +0100, Vadim Kochan  wrote:
> > > Extend cpp_exec func to pass cpp arguments
> > > 
> > > Signed-off-by: Vadim Kochan 
> > > ---
> > >  bpf_parser.y | 2 +-
> > >  cpp.c| 6 +++---
> > >  cpp.h| 2 +-
> > >  trafgen_parser.y | 2 +-
> > >  4 files changed, 6 insertions(+), 6 deletions(-)
> > > 
> > > diff --git a/bpf_parser.y b/bpf_parser.y
> > > index 8aed9dc..db6a007 100644
> > > --- a/bpf_parser.y
> > > +++ b/bpf_parser.y
> > > @@ -745,7 +745,7 @@ int compile_filter(char *file, int verbose, int 
> > > bypass, int format,
> > >   memset(tmp_file, 0, sizeof(tmp_file));
> > >  
> > >   if (invoke_cpp) {
> > > - ret = cpp_exec(file, tmp_file, sizeof(tmp_file));
> > > + ret = cpp_exec(file, tmp_file, sizeof(tmp_file), NULL);
> > >   if (ret) {
> > >   fprintf(stderr, "Failed to invoke C preprocessor!\n");
> > >   goto exit;
> > > diff --git a/cpp.c b/cpp.c
> > > index 6734eac..99c4c33 100644
> > > --- a/cpp.c
> > > +++ b/cpp.c
> > > @@ -4,7 +4,7 @@
> > >  #include "str.h"
> > >  #include "xmalloc.h"
> > >  
> > > -int cpp_exec(char *in_file, char *out_file, size_t out_len)
> > > +int cpp_exec(char *in_file, char *out_file, size_t out_len, char *args)
> > >  {
> > >   char *tmp = xstrdup(in_file);
> > >   char cmd[256], *base;
> > > @@ -13,8 +13,8 @@ int cpp_exec(char *in_file, char *out_file, size_t 
> > > out_len)
> > >   base = basename(tmp);
> > >  
> > >   slprintf(out_file, out_len, "/tmp/.tmp-%u-%s", rand(), base);
> > > - slprintf(cmd, sizeof(cmd), "cpp -I" ETCDIRE_STRING " %s > %s",
> > > -  in_file, out_file);
> > > + slprintf(cmd, sizeof(cmd), "cpp -I" ETCDIRE_STRING " %s %s > %s",
> > > +  args ? args : "", in_file, out_file);
> > 
> > By crafting an appropriate string, a user might be able to inject
> > additional, potentially dangerous commands here using 'args'. I'd
> > suggest to pass the args similar to (int argc, char **argv) to cpp_exec
> > and then do the prefixing with -D in cpp_exec.
> > 
> > Also you should check the contents of the passed definitions carefully
> > (i.e. they only contain valid macro definitions).
> 
> What about automatically escape such characters like '&><"\;#$ by prepending 
> '\' ?

Sure, as long as the resulting string is a valid macro definition which
cannot be used to spawn processes I'm fine with that too.

-- 
You received this message because you are subscribed to the Google Groups 
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.