[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[mgp-users 01214] Patch for mgp.c
- To: mgp-users@mew.org
- Subject: [mgp-users 01214] Patch for mgp.c
- From: Tim Maher <tim@consultix-inc.com>
- Date: Mon, 23 Jun 2003 07:05:15 -0700
- Delivered-to: mailing list mgp-users@mew.org
- Mailing-list: contact mgp-users-help@mew.org; run by ezmlm
- Organization: Consultix
- User-agent: Mutt/1.3.22.1i
mgp.c isn't doing any error checking on its invocations
of xwintoppm and pnmscale via system() functions.
IMHO, this is an overly optimistic policy for a
production program, as demonstrated by some related
problems I had this weekend, so I've provided a patch below.
-Tim
*------------------------------------------------------------*
| Tim Maher (206) 781-UNIX (866) DOC-PERL (866) DOC-UNIX |
| CEO, JAWCAR ("Just Another White Camel Award Recipient") |
| tim(AT)Consultix-Inc.Com TeachMeUnix.Com TeachMePerl.Com |
*+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-*
| Watch for my Book: "Minimal Perl for Shell Programmers" |
*------------------------------------------------------------*
Patch for mgp.c in Magicpoint 1.09a release
44a45,53
> /* tfm mod; for WEXITSTATUS */
> /*
> Following #include unnecessary on Linux, although symbol defined there,
> and symbol not in that header file on Solaris. I'll leave it to somebody
> else to come up with the portable solution to defining WEXITSTATUS.
>
> #include <stdlib.h>
> */
>
496c505,511
< system(buf); /*XXX security hole*/
---
>
> /* <tfm modifications> */
> int err;
> err=system(buf); /*XXX security hole*/
> exit_on_failure(err,buf);
> /* </tfm modifications> */
>
502c517,520
< system(buf); /*XXX security hole*/
---
> /* <tfm modifications> */
> err=system(buf); /*XXX security hole*/
> exit_on_failure(err,buf);
> /* </tfm modifications> */
1346a1365,1399
>
> /* <tfm modifications> */
> static void
> exit_on_failure(err, command)
> int err;
> char *command;
> /*
> Tim Maher, Mon Jun 23 06:01:25 PDT 2003
>
> Wrote this because I spent the whole weekend trying to
> figure out why my image files were turning out corrupted,
> and eventually noticed the lack of error checking on system()
> calls, which was part of the problem.
>
> Haven't written C-code in a few decades, but I think I've got
> it right! 8-}
> */
>
> {
> if (err == -1 ) {
> fprintf(stderr,
> "\nsystem() failed for %s\n", command);
> exit (1);
> }
> else {
> err=WEXITSTATUS(err);
> if (err > 0) {
> fprintf(stderr,
> "\nCommand '%s' failed, with code %d\n",
> command, err);
> exit (err);
> }
> }
> }
> /* </tfm modifications> */