diff options
author | Eduardo Chappa <chappa@washington.edu> | 2013-05-31 17:08:22 -0600 |
---|---|---|
committer | Eduardo Chappa <chappa@washington.edu> | 2013-05-31 17:08:22 -0600 |
commit | 81e994d7907f850506ddc248f84761a54995e58c (patch) | |
tree | 3bc4993b48ddeec45dee51323437200ab975887c /alpine/dispfilt.c | |
parent | 077522d7e058133f9de99d0d74481566b21c5a98 (diff) | |
download | alpine-81e994d7907f850506ddc248f84761a54995e58c.tar.xz |
* Fix not allow remote execution by adding PIPE_NOSHELL to the opening of a url by
a browser.
Diffstat (limited to 'alpine/dispfilt.c')
-rw-r--r-- | alpine/dispfilt.c | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/alpine/dispfilt.c b/alpine/dispfilt.c index 7c93938b..7a386a1c 100644 --- a/alpine/dispfilt.c +++ b/alpine/dispfilt.c @@ -243,6 +243,19 @@ expand_filter_tokens(char *filter, ENVELOPE *env, char **tmpf, char **resultf, fs_give((void **)q); *q = rl ? rl : cpystr(""); } + else if(!strcmp(*q, "_ADDRESS_")){ + char *r = NULL; + + if(env && env->from && env->from->mailbox && env->from->host){ + size_t l; + l = strlen(env->from->mailbox) + strlen(env->from->host) + 1; + r = (char *) fs_get((l+1) * sizeof(char)); + snprintf(r, l+1, "%s@%s", env->from->mailbox, env->from->host); + } + + fs_give((void **)q); + *q = r ? r : cpystr(""); + } else if(!strcmp(*q, "_TMPFILE_")){ if(!tfn){ tfn = temp_nam(NULL, "sf"); /* send filter file */ @@ -461,3 +474,63 @@ df_valid_test(struct mail_bodystruct *body, char *test) return(passed); } + +char * +exec_function_rule(char *rawcmd, gf_io_t input_gc, gf_io_t output_pc) +{ + char *status = NULL, *cmd, *tmpfile = NULL; + + if((cmd = expand_filter_tokens(rawcmd,NULL,&tmpfile,NULL,NULL,NULL,NULL, NULL)) != NULL){ + suspend_busy_cue(); + ps_global->mangled_screen = 1; + if(tmpfile){ + PIPE_S *filter_pipe; + FILE *fp; + gf_io_t gc, pc; + STORE_S *tmpf_so; + + /* write the tmp file */ + if((tmpf_so = so_get(FileStar, tmpfile, WRITE_ACCESS|OWNER_ONLY|WRITE_TO_LOCALE)) != NULL){ + /* copy input to tmp file */ + gf_set_so_writec(&pc, tmpf_so); + gf_filter_init(); + status = gf_pipe(input_gc, pc); + gf_clear_so_writec(tmpf_so); + if(so_give(&tmpf_so) != 0 && status == NULL) + status = error_description(errno); + + /* prepare the terminal in case the filter uses it */ + if(status == NULL){ + if((filter_pipe = open_system_pipe(cmd, NULL, NULL, + PIPE_USER|PIPE_PROT|PIPE_NOSHELL|PIPE_SILENT, + 0, pipe_callback, NULL)) != NULL){ + if(close_system_pipe(&filter_pipe, NULL, pipe_callback) == 0){ + /* pull result out of tmp file */ + if((fp = our_fopen(tmpfile, "rb")) != NULL){ + gf_set_readc(&gc, fp, 0L, FileStar, READ_FROM_LOCALE); + gf_filter_init(); + status = gf_pipe(gc, output_pc); + fclose(fp); + } + else + status = "Can't read result of EXEC command"; + } + else + status = "EXEC command command returned error."; + } + else + status = "Can't open pipe for EXEC command"; + } + + our_unlink(tmpfile); + } + else + status = "Can't open EXEC command tmp file"; + } + + resume_busy_cue(0); + fs_give((void **)&cmd); + } + + return(status); +} |