summaryrefslogtreecommitdiffstats
path: root/buffer.h
diff options
context:
space:
mode:
authorjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-09-06 09:42:17 +0000
committerjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2008-09-06 09:42:17 +0000
commitb8fb090c167ff500a8d702f612a42914d4f0bb03 (patch)
tree982fe657f91c834bc17d1e81f04672323a2dda1a /buffer.h
parent0a838de8adf3b06590e73cff6415275d9b1cd4fe (diff)
downloadopenvpn-b8fb090c167ff500a8d702f612a42914d4f0bb03.tar.gz
openvpn-b8fb090c167ff500a8d702f612a42914d4f0bb03.tar.xz
openvpn-b8fb090c167ff500a8d702f612a42914d4f0bb03.zip
2.1_rc8 and earlier did implicit shell expansion on script
arguments since all scripts were called by system(). The security hardening changes made to 2.1_rc9 no longer use system(), but rather use the safer execve or CreateProcess system calls. The security hardening also introduced a backward incompatibility with 2.1_rc8 and earlier in that script parameters were no longer shell-expanded, so for example: client-connect "docc CLIENT-CONNECT" would fail to work because execve would try to execute a script called "docc CLIENT-CONNECT" instead of "docc" with "CLIENT-CONNECT" as the first argument. This patch fixes the issue, bringing the script argument semantics back to pre 2.1_rc9 behavior in order to preserve backward compatibility while still using execve or CreateProcess to execute the script/executable. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3311 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'buffer.h')
-rw-r--r--buffer.h32
1 files changed, 1 insertions, 31 deletions
diff --git a/buffer.h b/buffer.h
index 2320e4c..e16b670 100644
--- a/buffer.h
+++ b/buffer.h
@@ -60,6 +60,7 @@ struct buffer
/* used by argv_x functions */
struct argv {
+ size_t capacity;
size_t argc;
char **argv;
};
@@ -293,37 +294,6 @@ int openvpn_snprintf(char *str, size_t size, const char *format, ...)
;
/*
- * A printf-like function (that only recognizes a subset of standard printf
- * format operators) that prints arguments to an argv list instead
- * of a standard string. This is used to build up argv arrays for passing
- * to execve.
- */
-void argv_init (struct argv *a);
-struct argv argv_new (void);
-void argv_reset (struct argv *a);
-size_t argv_argc (const char *format);
-char *argv_term (const char **f);
-const char *argv_str (const struct argv *a, struct gc_arena *gc, const unsigned int flags);
-struct argv argv_insert_head (const struct argv *a, const char *head);
-void argv_msg (const int msglev, const struct argv *a);
-void argv_msg_prefix (const int msglev, const struct argv *a, const char *prefix);
-
-#define APA_CAT (1<<0) /* concatentate onto existing struct argv list */
-void argv_printf_arglist (struct argv *a, const char *format, const unsigned int flags, va_list arglist);
-
-void argv_printf (struct argv *a, const char *format, ...)
-#ifdef __GNUC__
- __attribute__ ((format (printf, 2, 3)))
-#endif
- ;
-
-void argv_printf_cat (struct argv *a, const char *format, ...)
-#ifdef __GNUC__
- __attribute__ ((format (printf, 2, 3)))
-#endif
- ;
-
-/*
* remove/add trailing characters
*/
generated by cgit (git 2.34.1) at 2024-05-02 19:38:47 +0000