Mercurial > mplayer.hg
view sub/unrar_exec.c @ 32811:b34b8e47a844
Prevent out buffer overflow.
author | ib |
---|---|
date | Sun, 13 Feb 2011 17:58:02 +0000 |
parents | 22888a8cb312 |
children | 804c3926503b |
line wrap: on
line source
/* * List files and extract file from rars by using external executable unrar. * * Copyright (C) 2005 Jindrich Makovicka <makovick gmail com> * Copyright (C) 2007 Ulion <ulion2002 gmail com> * * This file is part of MPlayer. * * MPlayer is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * MPlayer is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License along * with MPlayer; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ #include <sys/wait.h> #include <unistd.h> #include <fcntl.h> #include <stdlib.h> #include <stdio.h> #include <string.h> #include <errno.h> #include <locale.h> #include "unrar_exec.h" #include "mp_msg.h" #define UNRAR_LIST 1 #define UNRAR_EXTRACT 2 char* unrar_executable = NULL; static FILE* launch_pipe(pid_t *apid, const char *executable, int action, const char *archive, const char *filename) { if (!executable || access(executable, R_OK | X_OK)) return NULL; if (access(archive, R_OK)) return NULL; { int mypipe[2]; pid_t pid; if (pipe(mypipe)) { mp_msg(MSGT_GLOBAL, MSGL_ERR, "UnRAR: Cannot create pipe.\n"); return NULL; } pid = fork(); if (pid == 0) { /* This is the child process. Execute the unrar executable. */ close(mypipe[0]); // Close MPlayer's stdin, stdout and stderr so the unrar binary // can not mess them up. // TODO: Close all other files except the pipe. close(0); close(1); close(2); // Assign new stdin, stdout and stderr and check they actually got the // right descriptors. if (open("/dev/null", O_RDONLY) != 0 || dup(mypipe[1]) != 1 || open("/dev/null", O_WRONLY) != 2) _exit(EXIT_FAILURE); if (action == UNRAR_LIST) execl(executable, executable, "v", archive, NULL); else if (action == UNRAR_EXTRACT) execl(executable, executable, "p", "-inul", "-p-", archive,filename,NULL); mp_msg(MSGT_GLOBAL, MSGL_ERR, "UnRAR: Cannot execute %s\n", executable); _exit(EXIT_FAILURE); } if (pid < 0) { /* The fork failed. Report failure. */ mp_msg(MSGT_GLOBAL, MSGL_ERR, "UnRAR: Fork failed\n"); return NULL; } /* This is the parent process. Prepare the pipe stream. */ close(mypipe[1]); *apid = pid; if (action == UNRAR_LIST) mp_msg(MSGT_GLOBAL, MSGL_V, "UnRAR: call unrar with command line: %s v %s\n", executable, archive); else if (action == UNRAR_EXTRACT) mp_msg(MSGT_GLOBAL, MSGL_V, "UnRAR: call unrar with command line: %s p -inul -p- %s %s\n", executable, archive, filename); return fdopen(mypipe[0], "r"); } } #define ALLOC_INCR 1 * 1024 * 1024 int unrar_exec_get(unsigned char **output, unsigned long *size, const char *filename, const char *rarfile) { int bufsize = ALLOC_INCR, bytesread; pid_t pid; int status = 0; FILE *rar_pipe; rar_pipe=launch_pipe(&pid,unrar_executable,UNRAR_EXTRACT,rarfile,filename); if (!rar_pipe) return 0; *size = 0; *output = malloc(bufsize); while (*output) { bytesread=fread(*output+*size, 1, bufsize-*size, rar_pipe); if (bytesread <= 0) break; *size += bytesread; if (*size == bufsize) { char *p; bufsize += ALLOC_INCR; p = realloc(*output, bufsize); if (!p) free(*output); *output = p; } } fclose(rar_pipe); pid = waitpid(pid, &status, 0); if (!*output || !*size || (pid == -1 && errno != ECHILD) || (pid > 0 && status)) { free(*output); *output = NULL; *size = 0; return 0; } if (bufsize > *size) { char *p = realloc(*output, *size); if (p) *output = p; } mp_msg(MSGT_GLOBAL, MSGL_V, "UnRAR: got file %s len %lu\n", filename,*size); return 1; } #define PARSE_NAME 0 #define PARSE_PROPS 1 int unrar_exec_list(const char *rarfile, ArchiveList_struct **list) { char buf[1024], fname[1024]; char *p; pid_t pid; int status = 0, file_num = -1, ignore_next_line = 0, state = PARSE_NAME; FILE *rar_pipe; ArchiveList_struct *alist = NULL, *current = NULL, *new; rar_pipe = launch_pipe(&pid, unrar_executable, UNRAR_LIST, rarfile, NULL); if (!rar_pipe) return -1; while (fgets(buf, sizeof(buf), rar_pipe)) { int packsize, unpsize, ratio, day, month, year, hour, min; int llen = strlen(buf); // If read nothing, we got a file_num -1. if (file_num == -1) file_num = 0; if (buf[llen-1] != '\n') // The line is too long, ignore it. ignore_next_line = 2; if (ignore_next_line) { --ignore_next_line; state = PARSE_NAME; continue; } // Trim the line. while (llen > 0 && strchr(" \t\n\r\v\f", buf[llen-1])) --llen; buf[llen] = '\0'; p = buf; while (*p && strchr(" \t\n\r\v\f", *p)) ++p; if (!*p) { state = PARSE_NAME; continue; } if (state == PARSE_PROPS && sscanf(p, "%d %d %d%% %d-%d-%d %d:%d", &unpsize, &packsize, &ratio, &day, &month, &year, &hour, &min) == 8) { new = calloc(1, sizeof(ArchiveList_struct)); if (!new) { file_num = -1; break; } if (!current) alist = new; else current->next = new; current = new; current->item.Name = strdup(fname); state = PARSE_NAME; if (!current->item.Name) { file_num = -1; break; } current->item.PackSize = packsize; current->item.UnpSize = unpsize; ++file_num; continue; } strcpy(fname, p); state = PARSE_PROPS; } fclose(rar_pipe); pid = waitpid(pid, &status, 0); if (file_num < 0 || (pid == -1 && errno != ECHILD) || (pid > 0 && status)) { unrar_exec_freelist(alist); return -1; } if (!alist) return -1; *list = alist; mp_msg(MSGT_GLOBAL, MSGL_V, "UnRAR: list got %d files\n", file_num); return file_num; } void unrar_exec_freelist(ArchiveList_struct *list) { ArchiveList_struct* tmp; while (list) { tmp = list->next; free(list->item.Name); free(list); list = tmp; } }