more checks for string issues

author: Cassio de Campos <cassiopc@gmail.com> 2017-08-04 10:25:22 +0000
committer: Cassio de Campos <cassiopc@gmail.com> 2017-08-04 10:25:22 +0000
commit: 4d9c902970c275d7eec39ef0c44cc1b611a09122 (patch)
tree: e0ffe2c46243dd11b9d208bef6784ebd84604bff /tools
parent: 324a9c84af6f8d7d2fff5f0f99b85eba37ae47dc (diff)
download: boca-4d9c902970c275d7eec39ef0c44cc1b611a09122.tar.gz
boca-4d9c902970c275d7eec39ef0c44cc1b611a09122.zip
1 files changed, 18 insertions, 2 deletions
diff --git a/tools/boca-submit-run-root-wrapper.c b/tools/boca-submit-run-root-wrapper.c
index 6e8ca66..94ba282 100644
--- a/tools/boca-submit-run-root-wrapper.c
+++ b/tools/boca-submit-run-root-wrapper.c
@@ -2,10 +2,26 @@
 #include<stdio.h>
 #include<sys/types.h>
 #include<unistd.h>
-char str[10000];
+char str[3000];
+char *clean(char *s) {
+  int i;
+  if(s[0]=='"') s++;
+  for(i=0; i < 299 && s[i]; ++i) {
+    if(s[i] == '"' ||
+       s[i] == '\\' ||
+       s[i] == '$' ||
+       s[i] == '`') {
+      if(s[i+1] == 0) s[i]=0;
+      else s[i]='_';
+    }
+  }
+  if(i >= 299) s[i]=0;
+  return s;
+}
 int main(int argc, char **argv) {
   if(argc != 8) return 1;
-  sprintf(str,"/usr/bin/boca-submit-run-root %1000s %1000s %1000s %1000s %1000s %1000s %1000s",argv[1],argv[2],argv[3],argv[4],argv[5],argv[6],argv[7]);
+  sprintf(str,"/usr/bin/boca-submit-run-root \"%300s\" \"%300s\" \"%300s\" \"%300s\" \"%300s\" \"%300s\" \"%300s\"",
+	  clean(argv[1]),clean(argv[2]),clean(argv[3]),clean(argv[4]),clean(argv[5]),clean(argv[6]),clean(argv[7]));
   setuid(0);
   system(str);
   return 0;
author	Cassio de Campos <cassiopc@gmail.com>	2017-08-04 10:25:22 +0000
committer	Cassio de Campos <cassiopc@gmail.com>	2017-08-04 10:25:22 +0000
commit	4d9c902970c275d7eec39ef0c44cc1b611a09122 (patch)
tree	e0ffe2c46243dd11b9d208bef6784ebd84604bff /tools
parent	324a9c84af6f8d7d2fff5f0f99b85eba37ae47dc (diff)
download	boca-4d9c902970c275d7eec39ef0c44cc1b611a09122.tar.gz boca-4d9c902970c275d7eec39ef0c44cc1b611a09122.zip