X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=etc%2Fpapd%2Flp.c;h=3b817b9f4d3c7d1cdca4d496ad517b9dafcdf377;hb=5f5367aa2eedd7e8538566a83d163cc549c9d68f;hp=ee7d7274e0978f1fc458c487247fc6d640624ec0;hpb=18b1ed14673cfa7b72a67c97dacdf3dde4b86238;p=netatalk.git

diff --git a/etc/papd/lp.c b/etc/papd/lp.c
index ee7d7274..3b817b9f 100644
--- a/etc/papd/lp.c
+++ b/etc/papd/lp.c
@@ -1,5 +1,5 @@
 /*
- * $Id: lp.c,v 1.22 2009-01-28 18:03:15 morgana Exp $
+ * $Id: lp.c,v 1.31 2009-10-22 13:40:11 franklahm Exp $
  *
  * Copyright (c) 1990,1994 Regents of The University of Michigan.
  * All Rights Reserved.  See COPYRIGHT.
@@ -92,11 +92,11 @@ int lp_disconn_inet( int );
 int lp_conn_unix();
 int lp_disconn_unix( int );
 
-char	hostname[ MAXHOSTNAMELEN ];
+static char hostname[ MAXHOSTNAMELEN ];
 
 extern struct sockaddr_at *sat;
 
-struct lp {
+static struct lp {
     int			lp_flags;
     FILE		*lp_stream;
     int			lp_seq;
@@ -127,7 +127,7 @@ static void convert_octal (char *string, charset_t dest)
     char temp[4];
     long int ch;
 
-    q=p=string;
+    q=p=(unsigned char *)string;
     while ( *p != '\0' ) {
         ch = 0;
         if ( *p == '\\' ) {
@@ -208,6 +208,8 @@ static void lp_setup_comments (charset_t dest)
 
 #define is_var(a, b) (strncmp((a), (b), 2) == 0)
 
+#if 0
+/* removed, it's not used and a pain to get it right from a security POV */
 static size_t quote(char *dest, char *src, const size_t bsize, size_t len)
 {
 size_t used = 0;
@@ -217,26 +219,7 @@ size_t used = 0;
           case '$':
           case '\\':
           case '"':
-          case ';':
-          case '&':
-          case '(':
-          case ')':
-          case ' ':
-          case '*':
-          case '#':
-          case '|':
-          case '>':
-          case '<':
-          case '[':
-          case ']':
-          case '{':
-          case '}':
-          case '^':
-          case '?':
-          case '~':
           case '`':
-          case '\x0A':
-          case '\xFF':
             if (used + 2 > bsize )
               return used;
             *dest = '\\';
@@ -253,7 +236,6 @@ size_t used = 0;
     return used;
 }
 
-
 static char* pipexlate(char *src)
 {
     char *p, *q, *dest; 
@@ -266,9 +248,9 @@ static char* pipexlate(char *src)
     if (!src)
 	return NULL;
 
-    memset(dest, 0, sizeof(destbuf));
+    memset(dest, 0, MAXPATHLEN +1);
     if ((p = strchr(src, '%')) == NULL) { /* nothing to do */
-        strncpy(dest, src, sizeof(dest) - 1);
+        strncpy(dest, src, MAXPATHLEN);
         return destbuf;
     }
     /* first part of the path. copy and forward to the next variable. */
@@ -315,12 +297,15 @@ static char* pipexlate(char *src)
             destlen -= len;
         }
     }
+    if (!destlen) {
+        /* reach end of buffer, maybe prematurely, give up */
+        return NULL;
+    }
     return destbuf;
 }
+#endif
 
-
-void lp_person( person )
-    char	*person;
+void lp_person(char *person)
 {
     if ( lp.lp_person != NULL ) {
 	free( lp.lp_person );
@@ -333,7 +318,7 @@ void lp_person( person )
 }
 
 #ifdef ABS_PRINT
-int lp_pagecost()
+int lp_pagecost(void)
 {
     char	cost[ 22 ];
     char	balance[ 22 ];
@@ -350,8 +335,7 @@ int lp_pagecost()
 }
 #endif /* ABS_PRINT */
 
-void lp_host( host )
-    char	*host;
+void lp_host( char *host)
 {
     if ( lp.lp_host != NULL ) {
 	free( lp.lp_host );
@@ -369,8 +353,7 @@ void lp_host( host )
  * This should be added.
  */
 
-void lp_job( job )
-    char	*job;
+void lp_job(char *job)
 {
     if ( lp.lp_job != NULL ) {
 	free( lp.lp_job );
@@ -383,8 +366,7 @@ void lp_job( job )
     
 }
 
-void lp_for ( lpfor )
-	char	*lpfor;
+void lp_for (char *lpfor)
 {
     if ( lp.lp_created_for != NULL ) {
 	free( lp.lp_created_for );
@@ -394,9 +376,7 @@ void lp_for ( lpfor )
 }
 
 
-int lp_init( out, sat )
-    struct papfile	*out;
-    struct sockaddr_at	*sat;
+static int lp_init(struct papfile *out, struct sockaddr_at *sat)
 {
     int		authenticated = 0;
 #ifndef HAVE_CUPS
@@ -559,9 +539,7 @@ int lp_init( out, sat )
     return( 0 );
 }
 
-int lp_open( out, sat )
-    struct papfile	*out;
-    struct sockaddr_at	*sat;
+int lp_open(struct papfile *out, struct sockaddr_at *sat)
 {
     char	name[ MAXPATHLEN ];
     int		fd;
@@ -585,25 +563,34 @@ int lp_open( out, sat )
     }
 
     if ( lp.lp_flags & LP_PIPE ) {
+        char *pipe_cmd;
 
 	/* go right to program */
 	if (lp.lp_person != NULL) {
 	    if((pwent = getpwnam(lp.lp_person)) != NULL) {
 		if(setreuid(pwent->pw_uid, pwent->pw_uid) != 0) {
-		    LOG(log_info, logtype_papd, "setreuid error: %s", strerror(errno));
+		    LOG(log_error, logtype_papd, "setreuid error: %s", strerror(errno));
+		    exit(1);
 		}
 	    } else {
-		LOG(log_info, logtype_papd, "Error getting username (%s)", lp.lp_person);
+		LOG(log_error, logtype_papd, "Error getting username (%s)", lp.lp_person);
+                exit(1);
 	    }
 	}
 
 	lp_setup_comments(CH_UNIX);
-	if (( lp.lp_stream = popen( pipexlate(printer->p_printer), "w" )) == NULL ) {
+	pipe_cmd = printer->p_printer;
+	if (!pipe_cmd) {
+	    LOG(log_error, logtype_papd, "lp_open: no pipe cmd" );
+	    spoolerror( out, NULL );
+	    return( -1 );
+	}
+	if (( lp.lp_stream = popen(pipe_cmd, "w" )) == NULL ) {
 	    LOG(log_error, logtype_papd, "lp_open popen %s: %s", printer->p_printer, strerror(errno) );
 	    spoolerror( out, NULL );
 	    return( -1 );
 	}
-        LOG(log_debug, logtype_papd, "lp_open: opened %s",  pipexlate(printer->p_printer) );
+        LOG(log_debug, logtype_papd, "lp_open: opened %s",  pipe_cmd );
     } else {
 	sprintf( name, "df%c%03d%s", lp.lp_letter++, lp.lp_seq, hostname );
 
@@ -652,7 +639,7 @@ int lp_open( out, sat )
     return( 0 );
 }
 
-int lp_close()
+int lp_close(void)
 {
     if (( lp.lp_flags & LP_INIT ) == 0 || ( lp.lp_flags & LP_OPEN ) == 0 ) {
 	return 0;
@@ -666,10 +653,7 @@ int lp_close()
 
 
 
-int lp_write(in, buf, len )
-    struct papfile *in;
-    char	*buf;
-    size_t	len;
+int lp_write(struct papfile *in, char *buf, size_t len)
 {
 #define BUFSIZE 32768
     static char tempbuf[BUFSIZE];
@@ -752,7 +736,7 @@ int lp_write(in, buf, len )
     return( 0 );
 }
 
-int lp_cancel()
+int lp_cancel(void)
 {
     char	name[ MAXPATHLEN ];
     char	letter;
@@ -781,7 +765,7 @@ int lp_cancel()
  *
  * XXX piped?
  */
-int lp_print()
+int lp_print(void)
 {
 #ifndef HAVE_CUPS
     char		buf[ MAXPATHLEN ];
@@ -905,7 +889,7 @@ int lp_disconn_unix( int fd )
     return( close( fd ));
 }
 
-int lp_conn_unix()
+int lp_conn_unix(void)
 {
     int			s;
     struct sockaddr_un	saun;
@@ -932,7 +916,7 @@ int lp_disconn_inet( int fd )
     return( close( fd ));
 }
 
-int lp_conn_inet()
+int lp_conn_inet(void)
 {
     int			privfd, port = IPPORT_RESERVED - 1;
     struct sockaddr_in	sin;
@@ -976,8 +960,7 @@ int lp_conn_inet()
     return( privfd );
 }
 
-int lp_rmjob( job )
-    int		job;
+int lp_rmjob( int job)
 {
     char	buf[ 1024 ];
     int		n, s;
@@ -1016,8 +999,7 @@ char	*tag_files = "files: ";
 char	*tag_size = "size: ";
 char	*tag_status = "status: ";
 
-int lp_queue( out )
-    struct papfile	*out;
+int lp_queue( struct papfile *out)
 {
     char			buf[ 1024 ], *start, *stop, *p, *q;
     int				linelength, crlflength;