summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorOBATA Akio <obache@wizdas.com>2020-08-09 17:34:23 +0900
committerSlávek Banko <slavek.banko@axis.cz>2021-02-03 22:41:23 +0100
commit35bff96a9ce2ea78beacd98dba537c1a5871dfff (patch)
tree00f3993656680a1fb102990528dc447876633f84
parentf250423e9d9f93562ad82fc04620b335e0c6c783 (diff)
downloadtdelibs-35bff96a9ce2ea78beacd98dba537c1a5871dfff.tar.gz
tdelibs-35bff96a9ce2ea78beacd98dba537c1a5871dfff.zip
Add a knob to use fixed path `iceauth` tool
`system()` and `popen()` may unsafe unless using absolute command path. Rely on PATH environment variable set by users may result in unwanted tool. Signed-off-by: OBATA Akio <obache@wizdas.com> Signed-off-by: Slávek Banko <slavek.banko@axis.cz> (cherry picked from commit ac8c8ca54aaed1466255161a3d727dcfade4a7d9)
-rw-r--r--CMakeLists.txt11
-rw-r--r--config.h.cmake9
-rw-r--r--dcop/dcopclient.cpp17
-rw-r--r--dcop/dcopserver_shutdown.c2
-rw-r--r--kded/khostname.cpp8
-rw-r--r--kdesu/kdesu_stub.c4
6 files changed, 43 insertions, 8 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 1b7142ca2..9126e82a2 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1094,6 +1094,17 @@ if( WITH_HSPELL )
endif( WITH_HSPELL )
+##### find tools path ###########################
+
+if( NOT WIN32 AND NOT ICEAUTH_PATH )
+ find_program( ICEAUTH_PATH iceauth )
+ if( ${ICEAUTH_PATH} STREQUAL "ICEAUTH_PATH-NOTFOUND" )
+ tde_message_fatal( "iceauth command was not found in path." )
+ endif()
+ message( STATUS "Found iceauth: ${ICEAUTH_PATH}" )
+endif( NOT WIN32 AND NOT ICEAUTH_PATH )
+
+
##### write configure files #####################
configure_file( config.h.cmake config.h )
diff --git a/config.h.cmake b/config.h.cmake
index b4927f631..0bced5c2b 100644
--- a/config.h.cmake
+++ b/config.h.cmake
@@ -909,6 +909,15 @@
/* Defined if your system has XRandR support */
#cmakedefine XRANDR_SUPPORT 1
+/* Defines the executable of iceauth */
+#cmakedefine ICEAUTH_PATH "@ICEAUTH_PATH@"
+
+#ifdef ICEAUTH_PATH
+# define ICEAUTH_COMMAND ICEAUTH_PATH
+#else
+# define ICEAUTH_COMMAND "iceauth"
+#endif
+
/*
* jpeg.h needs HAVE_BOOLEAN, when the system uses boolean in system
* headers and I'm too lazy to write a configure test as long as only
diff --git a/dcop/dcopclient.cpp b/dcop/dcopclient.cpp
index a64a681f9..ed9594c6a 100644
--- a/dcop/dcopclient.cpp
+++ b/dcop/dcopclient.cpp
@@ -213,13 +213,26 @@ public:
TQCString DCOPClient::iceauthPath()
{
-#ifdef Q_OS_WIN32
+#if defined(ICEAUTH_PATH)
+ if (
+# if defined(Q_WS_WIN)
+ access(ICEAUTH_PATH, 0) == 0
+# else
+ access(ICEAUTH_PATH, X_OK) == 0
+# endif
+ )
+ {
+ return TQCString(ICEAUTH_PATH);
+ }
+
+#elif defined(Q_OS_WIN32)
char szPath[512];
char * pszFilePart;
int ret;
ret = SearchPathA(NULL,"iceauth.exe",NULL,sizeof(szPath)/sizeof(szPath[0]),szPath,&pszFilePart);
if(ret != 0)
return TQCString(szPath);
+
#else
TQCString path = ::getenv("PATH");
if (path.isEmpty())
@@ -233,9 +246,9 @@ TQCString DCOPClient::iceauthPath()
{
return fPath;
}
-
fPath = strtok(NULL, ":\b");
}
+
#endif
return 0;
}
diff --git a/dcop/dcopserver_shutdown.c b/dcop/dcopserver_shutdown.c
index fb25a86fa..af75c6d5a 100644
--- a/dcop/dcopserver_shutdown.c
+++ b/dcop/dcopserver_shutdown.c
@@ -151,7 +151,7 @@ static void cleanupDCOPsocket(char *buffer)
if (socket_file)
unlink(socket_file);
- snprintf(cmd, BUFFER_SIZE, "iceauth remove netid='%s'", buffer);
+ snprintf(cmd, BUFFER_SIZE, ICEAUTH_COMMAND " remove netid='%s'", buffer);
system(cmd);
}
diff --git a/kded/khostname.cpp b/kded/khostname.cpp
index 9b57e5362..4f75848db 100644
--- a/kded/khostname.cpp
+++ b/kded/khostname.cpp
@@ -16,6 +16,8 @@
* Boston, MA 02110-1301, USA.
**/
+#include <config.h>
+
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
@@ -236,7 +238,7 @@ void KHostName::changeDcop()
::symlink(fname.data(), compatLink.data()); // Compatibility link
// Update .ICEauthority
- TQString cmd = "iceauth list "+KProcess::quote("netid="+oldNetId);
+ TQString cmd = ICEAUTH_COMMAND " list "+KProcess::quote("netid="+oldNetId);
FILE *iceFile = popen(TQFile::encodeName(cmd), "r");
if (!iceFile)
{
@@ -271,7 +273,7 @@ void KHostName::changeDcop()
if (netId != oldNetId)
continue;
- cmd = "iceauth add ";
+ cmd = ICEAUTH_COMMAND " add ";
cmd += KProcess::quote(protName);
cmd += " '' ";
cmd += KProcess::quote(newNetId);
@@ -288,7 +290,7 @@ void KHostName::changeDcop()
char* xauthlocalhostname = getenv("XAUTHLOCALHOSTNAME");
if (!xauthlocalhostname || !oldNetId.contains(xauthlocalhostname))
{
- TQString cmd = "iceauth remove "+KProcess::quote("netid="+oldNetId);
+ TQString cmd = ICEAUTH_COMMAND " remove "+KProcess::quote("netid="+oldNetId);
system(TQFile::encodeName(cmd));
unlink(origFName.data());
origFName = DCOPClient::dcopServerFileOld(oldName); // Compatibility link
diff --git a/kdesu/kdesu_stub.c b/kdesu/kdesu_stub.c
index 8ef7f503e..86c775baf 100644
--- a/kdesu/kdesu_stub.c
+++ b/kdesu/kdesu_stub.c
@@ -367,9 +367,9 @@ int main()
close(fd);
xsetenv("ICEAUTHORITY", iceauthority);
- fout = popen("iceauth >/dev/null 2>&1", "w");
+ fout = popen(ICEAUTH_COMMAND " >/dev/null 2>&1", "w");
if (!fout) {
- perror("kdesu_stub: popen iceauth");
+ perror("kdesu_stub: popen " ICEAUTH_COMMAND);
exit(1);
}
for (i=0; host[i]; i++)