diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2000-08-02 04:10:51 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2000-08-02 04:10:51 +0000 |
| commit | eb9184a174a8fb2f98f2f1418f87863716a5c115 (patch) | |
| tree | 02b606fefe2b41782be054be7fdd586e53befba0 /usr.bin | |
| parent | 3602a750205b32f442e2e132baa5b3e9a3c83349 (diff) | |
$HOME paranoia: never use getenv("HOME") w/o checking for NULL and non-zero
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/calendar/io.c | 9 | ||||
| -rw-r--r-- | usr.bin/indent/args.c | 24 | ||||
| -rw-r--r-- | usr.bin/mail/cmd3.c | 11 | ||||
| -rw-r--r-- | usr.bin/mail/fio.c | 9 | ||||
| -rw-r--r-- | usr.bin/mail/temp.c | 15 | ||||
| -rw-r--r-- | usr.bin/mg/fileio.c | 7 | ||||
| -rw-r--r-- | usr.bin/msgs/msgs.c | 13 | ||||
| -rw-r--r-- | usr.bin/nohup/nohup.c | 6 | ||||
| -rw-r--r-- | usr.bin/sup/src/expand.c | 10 | ||||
| -rw-r--r-- | usr.bin/telnet/commands.c | 4 | ||||
| -rw-r--r-- | usr.bin/tset/termcap.c | 5 | ||||
| -rw-r--r-- | usr.bin/vi/ex/ex_cd.c | 2 | ||||
| -rw-r--r-- | usr.bin/window/startup.c | 8 |
13 files changed, 75 insertions, 48 deletions
diff --git a/usr.bin/calendar/io.c b/usr.bin/calendar/io.c index 9b4bfb06198..1b39f96a968 100644 --- a/usr.bin/calendar/io.c +++ b/usr.bin/calendar/io.c @@ -1,4 +1,4 @@ -/* $OpenBSD: io.c,v 1.8 1999/11/25 03:46:47 pjanzen Exp $ */ +/* $OpenBSD: io.c,v 1.9 2000/08/02 04:10:47 millert Exp $ */ /* * Copyright (c) 1989, 1993, 1994 @@ -43,7 +43,7 @@ static const char copyright[] = #if 0 static const char sccsid[] = "@(#)calendar.c 8.3 (Berkeley) 3/25/94"; #else -static char rcsid[] = "$OpenBSD: io.c,v 1.8 1999/11/25 03:46:47 pjanzen Exp $"; +static char rcsid[] = "$OpenBSD: io.c,v 1.9 2000/08/02 04:10:47 millert Exp $"; #endif #endif /* not lint */ @@ -310,7 +310,10 @@ opencal() if (!freopen(calendarFile, "r", stdin)) return (NULL); } else { - chdir(getenv("HOME")); + char *home = getenv("HOME"); + if (home == NULL || *home == '\0') + errx(1, "cannot get home directory"); + chdir(home); if (!(chdir(calendarHome) == 0 && freopen(calendarFile, "r", stdin))) errx(1, "no calendar file: ``%s'' or ``~/%s/%s", diff --git a/usr.bin/indent/args.c b/usr.bin/indent/args.c index c7547903b16..71a6e6b5733 100644 --- a/usr.bin/indent/args.c +++ b/usr.bin/indent/args.c @@ -1,4 +1,4 @@ -/* $OpenBSD: args.c,v 1.4 1997/07/25 22:00:44 mickey Exp $ */ +/* $OpenBSD: args.c,v 1.5 2000/08/02 04:10:47 millert Exp $ */ /* * Copyright (c) 1985 Sun Microsystems, Inc. @@ -37,7 +37,7 @@ #ifndef lint /*static char sccsid[] = "from: @(#)args.c 5.10 (Berkeley) 2/26/91";*/ -static char rcsid[] = "$OpenBSD: args.c,v 1.4 1997/07/25 22:00:44 mickey Exp $"; +static char rcsid[] = "$OpenBSD: args.c,v 1.5 2000/08/02 04:10:47 millert Exp $"; #endif /* not lint */ /* @@ -168,16 +168,20 @@ set_profile() { register FILE *f; char fname[BUFSIZ]; + char *home; static char prof[] = ".indent.pro"; - if (strlen(getenv("HOME")) + sizeof(prof) > sizeof(fname)) { - warnx("%s/%s: %s", getenv("HOME"), prof, strerror(ENAMETOOLONG)); - return; - } - sprintf(fname, "%s/%s", getenv("HOME"), prof); - if ((f = fopen(option_source = fname, "r")) != NULL) { - scan_profile(f); - (void) fclose(f); + home = getenv("HOME"); + if (home != NULL && *home != '\0') { + if (strlen(home) + sizeof(prof) > sizeof(fname)) { + warnx("%s/%s: %s", home, prof, strerror(ENAMETOOLONG)); + return; + } + sprintf(fname, "%s/%s", home, prof); + if ((f = fopen(option_source = fname, "r")) != NULL) { + scan_profile(f); + (void) fclose(f); + } } if ((f = fopen(option_source = prof, "r")) != NULL) { scan_profile(f); diff --git a/usr.bin/mail/cmd3.c b/usr.bin/mail/cmd3.c index 19f2dfa9200..22576a11366 100644 --- a/usr.bin/mail/cmd3.c +++ b/usr.bin/mail/cmd3.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cmd3.c,v 1.12 2000/06/30 16:00:16 millert Exp $ */ +/* $OpenBSD: cmd3.c,v 1.13 2000/08/02 04:10:48 millert Exp $ */ /* $NetBSD: cmd3.c,v 1.8 1997/07/09 05:29:49 mikel Exp $ */ /* @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)cmd3.c 8.2 (Berkeley) 4/20/95"; #else -static char rcsid[] = "$OpenBSD: cmd3.c,v 1.12 2000/06/30 16:00:16 millert Exp $"; +static char rcsid[] = "$OpenBSD: cmd3.c,v 1.13 2000/08/02 04:10:48 millert Exp $"; #endif #endif /* not lint */ @@ -182,11 +182,14 @@ schdir(v) char **arglist = v; char *cp; - if (*arglist == NULL) + if (*arglist == NULL) { + if (homedir == NULL) + return(1); cp = homedir; - else + } else { if ((cp = expand(*arglist)) == NULL) return(1); + } if (chdir(cp) < 0) { warn("%s", cp); return(1); diff --git a/usr.bin/mail/fio.c b/usr.bin/mail/fio.c index 01a1647bf7f..2a64f6d3802 100644 --- a/usr.bin/mail/fio.c +++ b/usr.bin/mail/fio.c @@ -1,4 +1,4 @@ -/* $OpenBSD: fio.c,v 1.16 1998/06/12 17:51:51 millert Exp $ */ +/* $OpenBSD: fio.c,v 1.17 2000/08/02 04:10:48 millert Exp $ */ /* $NetBSD: fio.c,v 1.8 1997/07/07 22:57:55 phil Exp $ */ /* @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)fio.c 8.2 (Berkeley) 4/20/95"; #else -static char rcsid[] = "$OpenBSD: fio.c,v 1.16 1998/06/12 17:51:51 millert Exp $"; +static char rcsid[] = "$OpenBSD: fio.c,v 1.17 2000/08/02 04:10:48 millert Exp $"; #endif #endif /* not lint */ @@ -389,7 +389,7 @@ expand(name) name = savestr(xname); } /* catch the most common shell meta character */ - if (name[0] == '~' && (name[1] == '/' || name[1] == '\0')) { + if (name[0] == '~' && homedir && (name[1] == '/' || name[1] == '\0')) { (void)snprintf(xname, sizeof(xname), "%s%s", homedir, name + 1); name = savestr(xname); } @@ -455,7 +455,8 @@ getfold(name, namelen) strncpy(name, folder, namelen-1); name[namelen-1] = '\0'; } else - (void)snprintf(name, namelen, "%s/%s", homedir, folder); + (void)snprintf(name, namelen, "%s/%s", homedir ? homedir : ".", + folder); return(0); } diff --git a/usr.bin/mail/temp.c b/usr.bin/mail/temp.c index 9bff6c7b05b..350107cbf37 100644 --- a/usr.bin/mail/temp.c +++ b/usr.bin/mail/temp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: temp.c,v 1.10 1997/11/14 00:23:59 millert Exp $ */ +/* $OpenBSD: temp.c,v 1.11 2000/08/02 04:10:48 millert Exp $ */ /* $NetBSD: temp.c,v 1.5 1996/06/08 19:48:42 christos Exp $ */ /* @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)temp.c 8.1 (Berkeley) 6/6/93"; #else -static char rcsid[] = "$OpenBSD: temp.c,v 1.10 1997/11/14 00:23:59 millert Exp $"; +static char rcsid[] = "$OpenBSD: temp.c,v 1.11 2000/08/02 04:10:48 millert Exp $"; #endif #endif /* not lint */ @@ -85,9 +85,12 @@ tinit() } else myname = savestr(cp); } - if ((cp = getenv("HOME")) == NULL || strlen(getenv("HOME")) >= PATHSIZE) - cp = "."; - homedir = savestr(cp); + if ((cp = getenv("HOME")) == NULL || *cp == '\0' || + strlen(cp) >= PATHSIZE) + homedir = NULL; + else + homedir = savestr(cp); if (debug) - printf("user = %s, homedir = %s\n", myname, homedir); + printf("user = %s, homedir = %s\n", myname, + homedir ? homedir : "NONE"); } diff --git a/usr.bin/mg/fileio.c b/usr.bin/mg/fileio.c index 8fb3b049a43..4cb42ef2628 100644 --- a/usr.bin/mg/fileio.c +++ b/usr.bin/mg/fileio.c @@ -210,8 +210,9 @@ adjustname(fn) break; case '~': fn++; - if (*fn == '/' || *fn == '\0') { - (VOID) strcpy(fnb, getenv("HOME")); + cp = getenv("HOME"); + if (cp != NULL && *cp != '\0' && (*fn == '/' || *fn == '\0')) { + (VOID) strcpy(fnb, cp); cp = fnb + strlen(fnb); if (*fn) fn++; @@ -324,7 +325,7 @@ startupfile(suffix) char *file; static char home[NFILEN]; - if ((file = getenv("HOME")) == NULL) + if ((file = getenv("HOME")) == NULL || *file == '\0') goto notfound; if (strlen(file) + 7 >= NFILEN - 1) goto notfound; diff --git a/usr.bin/msgs/msgs.c b/usr.bin/msgs/msgs.c index e17be79f5ca..54e2d940f37 100644 --- a/usr.bin/msgs/msgs.c +++ b/usr.bin/msgs/msgs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: msgs.c,v 1.16 2000/07/06 06:24:39 deraadt Exp $ */ +/* $OpenBSD: msgs.c,v 1.17 2000/08/02 04:10:48 millert Exp $ */ /* $NetBSD: msgs.c,v 1.7 1995/09/28 06:57:40 tls Exp $ */ /*- @@ -44,7 +44,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)msgs.c 8.2 (Berkeley) 4/28/95"; #else -static char rcsid[] = "$OpenBSD: msgs.c,v 1.16 2000/07/06 06:24:39 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: msgs.c,v 1.17 2000/08/02 04:10:48 millert Exp $"; #endif #endif /* not lint */ @@ -172,6 +172,7 @@ main(argc, argv) int firstmsg, nextmsg, lastmsg = 0; int blast = 0; FILE *bounds; + char *cp; #ifdef UNBUFFERED setbuf(stdout, NULL); @@ -294,9 +295,9 @@ main(argc, argv) lastmsg = 0; for (dp = readdir(dirp); dp != NULL; dp = readdir(dirp)){ - register char *cp = dp->d_name; register int i = 0; + cp = dp->d_name; if (dp->d_ino == 0) continue; if (dp->d_namlen == 0) @@ -417,7 +418,11 @@ main(argc, argv) totty = (isatty(fileno(stdout)) != 0); use_pager = use_pager && totty; - snprintf(fname, sizeof(fname), "%s/%s", getenv("HOME"), MSGSRC); + if ((cp = getenv("HOME")) == NULL || *cp == '\0') { + fprintf(stderr, "Error, no home directory!\n"); + exit(1); + } + snprintf(fname, sizeof(fname), "%s/%s", cp, MSGSRC); msgsrc = fopen(fname, "r"); if (msgsrc) { newrc = NO; diff --git a/usr.bin/nohup/nohup.c b/usr.bin/nohup/nohup.c index 9800bec031f..99ba18d3f56 100644 --- a/usr.bin/nohup/nohup.c +++ b/usr.bin/nohup/nohup.c @@ -1,4 +1,4 @@ -/* $OpenBSD: nohup.c,v 1.5 1997/12/23 03:28:14 deraadt Exp $ */ +/* $OpenBSD: nohup.c,v 1.6 2000/08/02 04:10:49 millert Exp $ */ /* $NetBSD: nohup.c,v 1.6 1995/08/31 23:35:25 jtc Exp $ */ /* @@ -44,7 +44,7 @@ char copyright[] = #if 0 static char sccsid[] = "@(#)nohup.c 5.4 (Berkeley) 6/1/90"; #endif -static char rcsid[] = "$OpenBSD: nohup.c,v 1.5 1997/12/23 03:28:14 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: nohup.c,v 1.6 2000/08/02 04:10:49 millert Exp $"; #endif /* not lint */ #include <sys/param.h> @@ -116,7 +116,7 @@ dofile() p = FILENAME; if ((fd = open(p, O_RDWR|O_CREAT|O_APPEND, S_IRUSR|S_IWUSR)) >= 0) goto dupit; - if ((p = getenv("HOME")) != NULL && + if ((p = getenv("HOME")) != NULL && *p != '\0' && (strlen(p) + strlen(FILENAME) + 1) < sizeof(path)) { (void)strcpy(path, p); (void)strcat(path, "/"); diff --git a/usr.bin/sup/src/expand.c b/usr.bin/sup/src/expand.c index d27a11c034a..e1a06cb021c 100644 --- a/usr.bin/sup/src/expand.c +++ b/usr.bin/sup/src/expand.c @@ -1,4 +1,4 @@ -/* $OpenBSD: expand.c,v 1.6 1997/09/16 23:03:10 millert Exp $ */ +/* $OpenBSD: expand.c,v 1.7 2000/08/02 04:10:49 millert Exp $ */ /* * Copyright (c) 1991 Carnegie Mellon University @@ -128,11 +128,15 @@ static void glob(as) { register char *cs; register char *spathp, *oldcs; + char *home; struct stat stb; + if ((home = getenv("HOME")) != NULL && *home == '\0') + home = NULL; + spathp = pathp; cs = as; - if (*cs == '~' && pathp == path) { + if (*cs == '~' && home && pathp == path) { if (addpath('~')) goto endit; for (cs++; isalnum(*cs) || *cs == '_' || *cs == '-';) if (addpath(*cs++)) goto endit; @@ -142,7 +146,7 @@ static void glob(as) if (gethdir(path + 1,sizeof path-1)) goto endit; strncpy(path, path + 1, sizeof path-1); } else - strncpy(path, (char *)getenv("HOME"), sizeof path-1); + strncpy(path, home, sizeof path-1); path[sizeof path-1] = '\0'; pathp = path + strlen(path); } diff --git a/usr.bin/telnet/commands.c b/usr.bin/telnet/commands.c index d11f8de5c66..2b67ac56b6c 100644 --- a/usr.bin/telnet/commands.c +++ b/usr.bin/telnet/commands.c @@ -1,4 +1,4 @@ -/* $OpenBSD: commands.c,v 1.28 2000/04/30 23:57:08 millert Exp $ */ +/* $OpenBSD: commands.c,v 1.29 2000/08/02 04:10:49 millert Exp $ */ /* $NetBSD: commands.c,v 1.14 1996/03/24 22:03:48 jtk Exp $ */ /* @@ -2202,6 +2202,8 @@ cmdrc(char *m1, char *m2) if (rcname[0] == 0) { char *home = getenv("HOME"); + if (home == NULL || *home == '\0') + return; snprintf (rcname, sizeof(rcname), "%s/.telnetrc", home ? home : ""); } diff --git a/usr.bin/tset/termcap.c b/usr.bin/tset/termcap.c index e75ec91afd7..47aa953eeaa 100644 --- a/usr.bin/tset/termcap.c +++ b/usr.bin/tset/termcap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: termcap.c,v 1.1 1998/11/16 03:08:41 millert Exp $ */ +/* $OpenBSD: termcap.c,v 1.2 2000/08/02 04:10:50 millert Exp $ */ /* $NetBSD: termcap.c,v 1.7 1995/06/05 19:45:52 pk Exp $ */ /* @@ -35,7 +35,7 @@ */ #ifndef lint -static char rcsid[] = "$OpenBSD: termcap.c,v 1.1 1998/11/16 03:08:41 millert Exp $"; +static char rcsid[] = "$OpenBSD: termcap.c,v 1.2 2000/08/02 04:10:50 millert Exp $"; #endif /* not lint */ #define PVECSIZ 32 /* max number of names in path */ @@ -90,6 +90,7 @@ tcgetent(bp, name) strlcpy(pathbuf, termpath, sizeof(pathbuf)); else { if ((home = getenv("HOME")) != NULL && + *home != '\0' && strlen(home) + sizeof(_PATH_DEF) < sizeof(pathbuf)) { sprintf(pathbuf, "%s/%s", home, diff --git a/usr.bin/vi/ex/ex_cd.c b/usr.bin/vi/ex/ex_cd.c index 3307c7b6306..1a43cd857e6 100644 --- a/usr.bin/vi/ex/ex_cd.c +++ b/usr.bin/vi/ex/ex_cd.c @@ -60,7 +60,7 @@ ex_cd(sp, cmdp) switch (cmdp->argc) { case 0: /* If no argument, change to the user's home directory. */ - if ((dir = getenv("HOME")) == NULL) { + if ((dir = getenv("HOME")) == NULL || *dir == '\0') { if ((pw = getpwuid(getuid())) == NULL || pw->pw_dir == NULL || pw->pw_dir[0] == '\0') { msgq(sp, M_ERR, diff --git a/usr.bin/window/startup.c b/usr.bin/window/startup.c index c7822d6c73d..a747de6f29c 100644 --- a/usr.bin/window/startup.c +++ b/usr.bin/window/startup.c @@ -1,4 +1,4 @@ -/* $OpenBSD: startup.c,v 1.4 1997/02/25 00:04:17 downsj Exp $ */ +/* $OpenBSD: startup.c,v 1.5 2000/08/02 04:10:50 millert Exp $ */ /* $NetBSD: startup.c,v 1.4 1996/02/08 20:45:04 mycroft Exp $ */ /* @@ -41,7 +41,7 @@ #if 0 static char sccsid[] = "@(#)startup.c 8.1 (Berkeley) 6/6/93"; #else -static char rcsid[] = "$OpenBSD: startup.c,v 1.4 1997/02/25 00:04:17 downsj Exp $"; +static char rcsid[] = "$OpenBSD: startup.c,v 1.5 2000/08/02 04:10:50 millert Exp $"; #endif #endif /* not lint */ @@ -58,8 +58,8 @@ doconfig() char *home; static char runcom[] = RUNCOM; - if ((home = getenv("HOME")) == 0) - home = "."; + if ((home = getenv("HOME")) == NULL || *home == '\0') + return -1; (void) sprintf(buf, "%.*s/%s", (sizeof buf - sizeof runcom) / sizeof (char) - 1, home, runcom); |