[src/netbsd-1-4]: src/usr.sbin/dhcp/common Apply patch (requested by mellon):

[he <he%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/a777354d2818
branches:  netbsd-1-4
changeset: 470691:a777354d2818
user:      he <he%NetBSD.org@localhost>
date:      Wed Jun 28 18:47:02 2000 +0000

description:
Apply patch (requested by mellon):
  Quote user-supplied shell meta-characters properly in generated
  scripts.

diffstat:

 usr.sbin/dhcp/common/options.c |  41 +++++++++++++++++++++++++++++++++--------
 1 files changed, 33 insertions(+), 8 deletions(-)

diffs (77 lines):

diff -r c1a65fba4da4 -r a777354d2818 usr.sbin/dhcp/common/options.c
--- a/usr.sbin/dhcp/common/options.c    Tue Jun 27 15:43:38 2000 +0000
+++ b/usr.sbin/dhcp/common/options.c    Wed Jun 28 18:47:02 2000 +0000
@@ -42,11 +42,12 @@
 
 #ifndef lint
 static char copyright[] =
-"$Id: options.c,v 1.1.1.9 1999/03/30 03:10:46 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998 The Internet Software Consortium.  All rights reserved.\n";
+"$Id: options.c,v 1.1.1.9.2.1 2000/06/28 18:47:02 he Exp $ Copyright (c) 1995, 1996, 1997, 1998 The Internet Software Consortium.  All rights reserved.\n";
 #endif /* not lint */
 
 #define DHCP_OPTION_DATA
 #include "dhcpd.h"
+#include <ctype.h>
 
 /* Parse all available options out of the specified packet. */
 
@@ -439,7 +440,7 @@
        int numhunk = -1;
        int numelem = 0;
        char fmtbuf [32];
-       int i, j;
+       int i, j, k;
        char *op = optbuf;
        unsigned char *dp = data;
        struct in_addr foo;
@@ -471,11 +472,21 @@
                        numhunk = 0;
                        break;
                      case 'X':
-                       fmtbuf [i] = 'x';
+                       for (k = 0; k < len; k++) {
+                               if (!isascii (data [k]) ||
+                                   !isprint (data [k]))
+                                       break;
+                       }
+                       if (k == len) {
+                               fmtbuf [i] = 't';
+                               numhunk = -2;
+                       } else {
+                               fmtbuf [i] = 'x';
+                               hunksize++;
+                               comma = ':';
+                               numhunk = 0;
+                       }
                        fmtbuf [i + 1] = 0;
-                       hunksize++;
-                       numhunk = 0;
-                       comma = ':';
                        break;
                      case 't':
                        fmtbuf [i] = 't';
@@ -539,8 +550,22 @@
                              case 't':
                                if (emit_quotes)
                                        *op++ = '"';
-                               strcpy (op, (char *)dp);
-                               op += strlen ((char *)dp);
+                               for (; dp < data + len; dp++) {
+                                       if (!isascii (*dp) ||
+                                           !isprint (*dp)) {
+                                               sprintf (op, "\\%03o",
+                                                        *dp);
+                                               op += 4;
+                                       } else if (*dp == '"' ||
+                                                  *dp == '\'' ||
+                                                  *dp == '$' ||
+                                                  *dp == '`' ||
+                                                  *dp == '\\') {
+                                               *op++ = '\\';
+                                               *op++ = *dp;
+                                       } else
+                                               *op++ = *dp;
+                               }
                                if (emit_quotes)
                                        *op++ = '"';
                                *op = 0;