diff options
author | OBATA Akio <obache@wizdas.com> | 2020-08-09 17:34:23 +0900 |
---|---|---|
committer | Slávek Banko <slavek.banko@axis.cz> | 2021-02-03 22:41:23 +0100 |
commit | 35bff96a9ce2ea78beacd98dba537c1a5871dfff (patch) | |
tree | 00f3993656680a1fb102990528dc447876633f84 | |
parent | f250423e9d9f93562ad82fc04620b335e0c6c783 (diff) | |
download | tdelibs-35bff96a9ce2ea78beacd98dba537c1a5871dfff.tar.gz tdelibs-35bff96a9ce2ea78beacd98dba537c1a5871dfff.zip |
Add a knob to use fixed path `iceauth` tool
`system()` and `popen()` may unsafe unless using absolute command path.
Rely on PATH environment variable set by users may result in unwanted tool.
Signed-off-by: OBATA Akio <obache@wizdas.com>
Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
(cherry picked from commit ac8c8ca54aaed1466255161a3d727dcfade4a7d9)
-rw-r--r-- | CMakeLists.txt | 11 | ||||
-rw-r--r-- | config.h.cmake | 9 | ||||
-rw-r--r-- | dcop/dcopclient.cpp | 17 | ||||
-rw-r--r-- | dcop/dcopserver_shutdown.c | 2 | ||||
-rw-r--r-- | kded/khostname.cpp | 8 | ||||
-rw-r--r-- | kdesu/kdesu_stub.c | 4 |
6 files changed, 43 insertions, 8 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index 1b7142ca2..9126e82a2 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1094,6 +1094,17 @@ if( WITH_HSPELL ) endif( WITH_HSPELL ) +##### find tools path ########################### + +if( NOT WIN32 AND NOT ICEAUTH_PATH ) + find_program( ICEAUTH_PATH iceauth ) + if( ${ICEAUTH_PATH} STREQUAL "ICEAUTH_PATH-NOTFOUND" ) + tde_message_fatal( "iceauth command was not found in path." ) + endif() + message( STATUS "Found iceauth: ${ICEAUTH_PATH}" ) +endif( NOT WIN32 AND NOT ICEAUTH_PATH ) + + ##### write configure files ##################### configure_file( config.h.cmake config.h ) diff --git a/config.h.cmake b/config.h.cmake index b4927f631..0bced5c2b 100644 --- a/config.h.cmake +++ b/config.h.cmake @@ -909,6 +909,15 @@ /* Defined if your system has XRandR support */ #cmakedefine XRANDR_SUPPORT 1 +/* Defines the executable of iceauth */ +#cmakedefine ICEAUTH_PATH "@ICEAUTH_PATH@" + +#ifdef ICEAUTH_PATH +# define ICEAUTH_COMMAND ICEAUTH_PATH +#else +# define ICEAUTH_COMMAND "iceauth" +#endif + /* * jpeg.h needs HAVE_BOOLEAN, when the system uses boolean in system * headers and I'm too lazy to write a configure test as long as only diff --git a/dcop/dcopclient.cpp b/dcop/dcopclient.cpp index a64a681f9..ed9594c6a 100644 --- a/dcop/dcopclient.cpp +++ b/dcop/dcopclient.cpp @@ -213,13 +213,26 @@ public: TQCString DCOPClient::iceauthPath() { -#ifdef Q_OS_WIN32 +#if defined(ICEAUTH_PATH) + if ( +# if defined(Q_WS_WIN) + access(ICEAUTH_PATH, 0) == 0 +# else + access(ICEAUTH_PATH, X_OK) == 0 +# endif + ) + { + return TQCString(ICEAUTH_PATH); + } + +#elif defined(Q_OS_WIN32) char szPath[512]; char * pszFilePart; int ret; ret = SearchPathA(NULL,"iceauth.exe",NULL,sizeof(szPath)/sizeof(szPath[0]),szPath,&pszFilePart); if(ret != 0) return TQCString(szPath); + #else TQCString path = ::getenv("PATH"); if (path.isEmpty()) @@ -233,9 +246,9 @@ TQCString DCOPClient::iceauthPath() { return fPath; } - fPath = strtok(NULL, ":\b"); } + #endif return 0; } diff --git a/dcop/dcopserver_shutdown.c b/dcop/dcopserver_shutdown.c index fb25a86fa..af75c6d5a 100644 --- a/dcop/dcopserver_shutdown.c +++ b/dcop/dcopserver_shutdown.c @@ -151,7 +151,7 @@ static void cleanupDCOPsocket(char *buffer) if (socket_file) unlink(socket_file); - snprintf(cmd, BUFFER_SIZE, "iceauth remove netid='%s'", buffer); + snprintf(cmd, BUFFER_SIZE, ICEAUTH_COMMAND " remove netid='%s'", buffer); system(cmd); } diff --git a/kded/khostname.cpp b/kded/khostname.cpp index 9b57e5362..4f75848db 100644 --- a/kded/khostname.cpp +++ b/kded/khostname.cpp @@ -16,6 +16,8 @@ * Boston, MA 02110-1301, USA. **/ +#include <config.h> + #include <sys/types.h> #include <sys/stat.h> #include <unistd.h> @@ -236,7 +238,7 @@ void KHostName::changeDcop() ::symlink(fname.data(), compatLink.data()); // Compatibility link // Update .ICEauthority - TQString cmd = "iceauth list "+KProcess::quote("netid="+oldNetId); + TQString cmd = ICEAUTH_COMMAND " list "+KProcess::quote("netid="+oldNetId); FILE *iceFile = popen(TQFile::encodeName(cmd), "r"); if (!iceFile) { @@ -271,7 +273,7 @@ void KHostName::changeDcop() if (netId != oldNetId) continue; - cmd = "iceauth add "; + cmd = ICEAUTH_COMMAND " add "; cmd += KProcess::quote(protName); cmd += " '' "; cmd += KProcess::quote(newNetId); @@ -288,7 +290,7 @@ void KHostName::changeDcop() char* xauthlocalhostname = getenv("XAUTHLOCALHOSTNAME"); if (!xauthlocalhostname || !oldNetId.contains(xauthlocalhostname)) { - TQString cmd = "iceauth remove "+KProcess::quote("netid="+oldNetId); + TQString cmd = ICEAUTH_COMMAND " remove "+KProcess::quote("netid="+oldNetId); system(TQFile::encodeName(cmd)); unlink(origFName.data()); origFName = DCOPClient::dcopServerFileOld(oldName); // Compatibility link diff --git a/kdesu/kdesu_stub.c b/kdesu/kdesu_stub.c index 8ef7f503e..86c775baf 100644 --- a/kdesu/kdesu_stub.c +++ b/kdesu/kdesu_stub.c @@ -367,9 +367,9 @@ int main() close(fd); xsetenv("ICEAUTHORITY", iceauthority); - fout = popen("iceauth >/dev/null 2>&1", "w"); + fout = popen(ICEAUTH_COMMAND " >/dev/null 2>&1", "w"); if (!fout) { - perror("kdesu_stub: popen iceauth"); + perror("kdesu_stub: popen " ICEAUTH_COMMAND); exit(1); } for (i=0; host[i]; i++) |