mirrors/gnss-sdr
1
0
Fork 0
mirror of https://github.com/gnss-sdr/gnss-sdr synced 2024-12-16 05:00:35 +00:00
Code Issues Releases Wiki Activity

Make reading of environment variable safer

Browse Source
This commit is contained in:
Carles Fernandez 2018-05-21 21:27:06 +02:00
parent 5722a3f9aa
commit bbaa660f66
No known key found for this signature in database
GPG Key ID: 4C583C52B0C3877D
1 changed files with 38 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
src/tests/common-files/gnuplot_i.h
View File

@ -56,6 +56,7 @@
#include <stdexcept> #include <stdexcept>
#include <cstdio> #include <cstdio>
#include <cstdlib> // for getenv() #include <cstdlib> // for getenv()
#include <cstring> // for strncpy
#include <cmath> #include <cmath>
#include <list> // for std::list #include <list> // for std::list
@ -1962,44 +1963,48 @@ bool Gnuplot::get_program_path()
char *path; char *path;
// Retrieves a C string containing the value of environment variable PATH // Retrieves a C string containing the value of environment variable PATH
path = std::getenv("PATH"); path = std::getenv("PATH");
char secured_path[4096];
if (path == NULL || std::char_traits<char>::length(path) > 4096 * sizeof(char)) size_t len = strlen(path);
if (path && len < 4046 * sizeof(char))
{ {
throw GnuplotException("Path is not set"); strncpy(secured_path, path, len);
} }
else else
{ {
std::list<std::string> ls; throw GnuplotException("Path is not set or it is too long");
std::string path_str(path);
//split path (one long string) into list ls of strings
#if defined(WIN32) || defined(_WIN32) || defined(__WIN32__) || defined(__TOS_WIN__)
stringtok(ls, path_str, ";");
#elif defined(unix) || defined(__unix) || defined(__unix__) || defined(__APPLE__)
stringtok(ls, path_str, ":");
#endif
// scan list for Gnuplot program files
for (std::list<std::string>::const_iterator i = ls.begin();
i != ls.end(); ++i)
{
tmp = (*i) + "/" + Gnuplot::m_sGNUPlotFileName;
#if defined(WIN32) || defined(_WIN32) || defined(__WIN32__) || defined(__TOS_WIN__)
if (Gnuplot::file_exists(tmp, 0)) // check existence
#elif defined(unix) || defined(__unix) || defined(__unix__) || defined(__APPLE__)
if (Gnuplot::file_exists(tmp, 1)) // check existence and execution permission
#endif
{
Gnuplot::m_sGNUPlotPath = *i; // set m_sGNUPlotPath
return true;
}
}
tmp = "Can't find gnuplot neither in PATH nor in \"" +
Gnuplot::m_sGNUPlotPath + "\"";
Gnuplot::m_sGNUPlotPath = "";
throw GnuplotException(tmp);
} }
secured_path[len] = '\0';
std::string path_str(secured_path);
std::list<std::string> ls;
//split path (one long string) into list ls of strings
#if defined(WIN32) || defined(_WIN32) || defined(__WIN32__) || defined(__TOS_WIN__)
stringtok(ls, path_str, ";");
#elif defined(unix) || defined(__unix) || defined(__unix__) || defined(__APPLE__)
stringtok(ls, path_str, ":");
#endif
// scan list for Gnuplot program files
for (std::list<std::string>::const_iterator i = ls.begin();
i != ls.end(); ++i)
{
tmp = (*i) + "/" + Gnuplot::m_sGNUPlotFileName;
#if defined(WIN32) || defined(_WIN32) || defined(__WIN32__) || defined(__TOS_WIN__)
if (Gnuplot::file_exists(tmp, 0)) // check existence
#elif defined(unix) || defined(__unix) || defined(__unix__) || defined(__APPLE__)
if (Gnuplot::file_exists(tmp, 1)) // check existence and execution permission
#endif
{
Gnuplot::m_sGNUPlotPath = *i; // set m_sGNUPlotPath
return true;
}
}
tmp = "Can't find gnuplot neither in PATH nor in \"" +
Gnuplot::m_sGNUPlotPath + "\"";
Gnuplot::m_sGNUPlotPath = "";
throw GnuplotException(tmp);
} }