From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-commits+bounces-321546-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1PuefG-0003td-3y
	for garchives@archives.gentoo.org; Wed, 02 Mar 2011 05:31:58 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 0B4E8E0642;
	Wed,  2 Mar 2011 05:31:48 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	by pigeon.gentoo.org (Postfix) with ESMTP id B8FD3E0642
	for <gentoo-commits@lists.gentoo.org>; Wed,  2 Mar 2011 05:31:48 +0000 (UTC)
Received: from flycatcher.gentoo.org (flycatcher.gentoo.org [81.93.255.6])
	(using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id EB4B11B40AA
	for <gentoo-commits@lists.gentoo.org>; Wed,  2 Mar 2011 05:31:47 +0000 (UTC)
Received: by flycatcher.gentoo.org (Postfix, from userid 559)
	id 848E720054; Wed,  2 Mar 2011 05:31:46 +0000 (UTC)
From: "Mike Frysinger (vapier)" <vapier@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Reply-To: gentoo-dev@lists.gentoo.org, vapier@gentoo.org
Subject: [gentoo-commits] gentoo-projects commit in portage-utils: main.c
X-VCS-Repository: gentoo-projects
X-VCS-Files: main.c
X-VCS-Directories: portage-utils
X-VCS-Committer: vapier
X-VCS-Committer-Name: Mike Frysinger
Content-Type: text/plain; charset=utf8
Message-Id: <20110302053146.848E720054@flycatcher.gentoo.org>
Date: Wed,  2 Mar 2011 05:31:46 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: quoted-printable
X-Archives-Salt: 
X-Archives-Hash: bf4b328464edeb48b81db2748d00b017

vapier      11/03/02 05:31:46

  Modified:             main.c
  Log:
  fix up extended line reading to avoid buffer overflows

Revision  Changes    Path
1.188                portage-utils/main.c

file : http://sources.gentoo.org/viewvc.cgi/gentoo-projects/portage-utils=
/main.c?rev=3D1.188&view=3Dmarkup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-projects/portage-utils=
/main.c?rev=3D1.188&content-type=3Dtext/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-projects/portage-utils=
/main.c?r1=3D1.187&r2=3D1.188

Index: main.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /var/cvsroot/gentoo-projects/portage-utils/main.c,v
retrieving revision 1.187
retrieving revision 1.188
diff -u -r1.187 -r1.188
--- main.c	2 Mar 2011 02:40:19 -0000	1.187
+++ main.c	2 Mar 2011 05:31:46 -0000	1.188
@@ -1,7 +1,7 @@
 /*
  * Copyright 2005-2008 Gentoo Foundation
  * Distributed under the terms of the GNU General Public License v2
- * $Header: /var/cvsroot/gentoo-projects/portage-utils/main.c,v 1.187 20=
11/03/02 02:40:19 vapier Exp $
+ * $Header: /var/cvsroot/gentoo-projects/portage-utils/main.c,v 1.188 20=
11/03/02 05:31:46 vapier Exp $
  *
  * Copyright 2005-2008 Ned Ludd        - <solar@gentoo.org>
  * Copyright 2005-2008 Mike Frysinger  - <vapier@gentoo.org>
@@ -11,6 +11,9 @@
 #ifdef _AIX
 #define _LINUX_SOURCE_COMPAT
 #endif
+#ifndef _q_static
+# define _q_static static
+#endif
=20
 #include <stdarg.h>
 #include <stdio.h>
@@ -529,7 +532,7 @@
 	const char *default_value;
 } env_vars;
=20
-static void set_portage_env_var(env_vars *var, const char *value)
+_q_static void set_portage_env_var(env_vars *var, const char *value)
 {
 	switch (var->type) {
 	case _Q_BOOL:
@@ -546,7 +549,7 @@
 }
=20
 /* Helper to read a portage env file (e.g. make.conf) */
-static void read_portage_env_file(const char *file, env_vars vars[])
+_q_static void read_portage_env_file(const char *file, env_vars vars[])
 {
 	size_t i, buflen, line;
 	FILE *fp;
@@ -586,22 +589,32 @@
 			while (isspace(*s))
 				++s;
 			if (*s =3D=3D '"' || *s =3D=3D '\'') {
+				char q =3D *s;
 				size_t l =3D strlen(s);
-				if (*s !=3D s[l - 1]) {
+
+				if (q !=3D s[l - 1]) {
 					/* If the last char is not a quote, then we span lines */
-					char *q =3D s + l + 1, *qq =3D NULL;
-					q[-1] =3D ' ';
-					while (fgets(q, buflen - (s - buf), fp) !=3D NULL) {
-						l =3D strlen(q);
-						qq =3D strchr(q, *s);
+					size_t abuflen;
+					char *abuf, *qq;
+
+					qq =3D abuf =3D NULL;
+					while (getline(&abuf, &abuflen, fp) !=3D -1) {
+						buf =3D xrealloc(buf, buflen + abuflen);
+						strcat(buf, abuf);
+						buflen +=3D abuflen;
+
+						qq =3D strchr(abuf, q);
 						if (qq) {
 							*qq =3D '\0';
 							break;
 						}
 					}
+					free(abuf);
+
 					if (!qq)
 						warn("%s:%zu: %s: quote mismatch", file, line, vars[i].name);
-					++s;
+
+					s =3D buf + vars[i].name_len + 1;
 				} else {
 					s[l - 1] =3D '\0';
 					++s;
@@ -702,10 +715,6 @@
 		if (vars_to_read[i].type !=3D _Q_BOOL)
 			*vars_to_read[i].value.s =3D xstrdup(vars_to_read[i].default_value);
=20
-	if ((s =3D strchr(portroot, '/')) !=3D NULL)
-		if (strlen(s) !=3D 1)
-			strncat(portroot, "/", sizeof(portroot));
-
 	/* walk all the stacked profiles */
 	read_portage_profile(EPREFIX "/etc/make.profile", vars_to_read);
 	read_portage_profile(EPREFIX "/etc/portage/make.profile", vars_to_read)=
;
@@ -729,10 +738,6 @@
 		}
 	}
=20
-	if ((s =3D strchr(portroot, '/')) !=3D NULL)
-		if (strlen(s) !=3D 1)
-			strncat(portroot, "/", sizeof(portroot));
-
 	if (getenv("PORTAGE_QUIET") !=3D NULL)
 		quiet =3D 1;
=20