diff options
author | rubidium <rubidium@openttd.org> | 2013-11-25 21:50:54 +0000 |
---|---|---|
committer | rubidium <rubidium@openttd.org> | 2013-11-25 21:50:54 +0000 |
commit | d2ffba07bb747deaaae2fc58b3c71328a362d928 (patch) | |
tree | f9d6a5737d473d052bb980799ce0e1ecdc896033 /src | |
parent | 43f76dcabbd64976eb830a525a4cd119b136ef3e (diff) | |
download | openttd-d2ffba07bb747deaaae2fc58b3c71328a362d928.tar.xz |
(svn r26114) -Fix-ish: do our best to not get bit by getenv being unsafe as hell
Diffstat (limited to 'src')
-rw-r--r-- | src/fileio.cpp | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/src/fileio.cpp b/src/fileio.cpp index 8ce1d72a6..f88d8deea 100644 --- a/src/fileio.cpp +++ b/src/fileio.cpp @@ -1097,20 +1097,33 @@ void DetermineBasePaths(const char *exe) #ifdef __HAIKU__ BPath path; find_directory(B_USER_SETTINGS_DIRECTORY, &path); - const char *homedir = path.Path(); + const char *homedir = strdup(path.Path()); #else + /* getenv is highly unsafe; duplicate it as soon as possible, + * or at least before something else touches the environment + * variables in any way. It can also contain all kinds of + * unvalidated data we rather not want internally. */ const char *homedir = getenv("HOME"); + if (homedir != NULL) { + homedir = strndup(homedir, MAX_PATH); + } if (homedir == NULL) { const struct passwd *pw = getpwuid(getuid()); - homedir = (pw == NULL) ? "" : pw->pw_dir; + homedir = (pw == NULL) ? NULL : strdup(pw->pw_dir); } #endif - snprintf(tmp, MAX_PATH, "%s" PATHSEP "%s", homedir, PERSONAL_DIR); - AppendPathSeparator(tmp, MAX_PATH); + if (homedir != NULL) { + ValidateString(homedir); + snprintf(tmp, MAX_PATH, "%s" PATHSEP "%s", homedir, PERSONAL_DIR); + AppendPathSeparator(tmp, MAX_PATH); - _searchpaths[SP_PERSONAL_DIR] = strdup(tmp); + _searchpaths[SP_PERSONAL_DIR] = strdup(tmp); + free(homedir); + } else { + _searchpaths[SP_PERSONAL_DIR] = NULL; + } #endif #if defined(WITH_SHARED_DIR) |