/* $NetBSD: percent_x.c,v 1.5 2012/03/21 10:10:37 matt Exp $ */ /* * percent_x() takes a string and performs %<char> expansions. It aborts the * program when the expansion would overflow the output buffer. The result * of %<char> expansion may be passed on to a shell process. For this * reason, characters with a special meaning to shells are replaced by * underscores. * * Diagnostics are reported through syslog(3). * * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. */ #include <sys/cdefs.h> #ifndef lint #if 0 static char sccsid[] = "@(#) percent_x.c 1.4 94/12/28 17:42:37"; #else __RCSID("$NetBSD: percent_x.c,v 1.5 2012/03/21 10:10:37 matt Exp $"); #endif #endif /* System libraries. */ #include <stdio.h> #include <syslog.h> #include <stdlib.h> #include <unistd.h> #include <string.h> /* Local stuff. */ #include "tcpd.h" /* percent_x - do %<char> expansion, abort if result buffer is too small */ char * percent_x(char *result, int result_len, char *string, struct request_info *request) { char *bp = result; char *end = result + result_len - 1; /* end of result buffer */ char *expansion; size_t expansion_len; static const char ok_chars[] = "1234567890!@%-_=+:,./" "abcdefghijklmnopqrstuvwxyz" "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; char *str = string; char *cp; int ch; /* * Warning: we may be called from a child process or after pattern * matching, so we cannot use clean_exit() or tcpd_jump(). */ while (*str) { if (*str == '%' && (ch = str[1]) != 0) { str += 2; expansion = ch == 'a' ? eval_hostaddr(request->client) : ch == 'A' ? eval_hostaddr(request->server) : ch == 'c' ? eval_client(request) : ch == 'd' ? eval_daemon(request) : ch == 'h' ? eval_hostinfo(request->client) : ch == 'H' ? eval_hostinfo(request->server) : ch == 'n' ? eval_hostname(request->client) : ch == 'N' ? eval_hostname(request->server) : ch == 'p' ? eval_pid(request) : ch == 's' ? eval_server(request) : ch == 'u' ? eval_user(request) : ch == '%' ? __UNCONST("%") : (tcpd_warn("unrecognized %%%c", ch), __UNCONST("")); for (cp = expansion; *(cp += strspn(cp, ok_chars)); /* */ ) *cp = '_'; expansion_len = cp - expansion; } else { expansion = str++; expansion_len = 1; } if (bp + expansion_len >= end) { tcpd_warn("percent_x: expansion too long: %.30s...", result); sleep(5); exit(0); } memcpy(bp, expansion, expansion_len); bp += expansion_len; } *bp = 0; return (result); } |