authorrubidium <rubidium@openttd.org>2013-11-25 21:50:54 +0000
committerrubidium <rubidium@openttd.org>2013-11-25 21:50:54 +0000
commitd2ffba07bb747deaaae2fc58b3c71328a362d928 (patch)
treef9d6a5737d473d052bb980799ce0e1ecdc896033 /src
parent43f76dcabbd64976eb830a525a4cd119b136ef3e (diff)
(svn r26114) -Fix-ish: do our best to not get bit by getenv being unsafe as hell
Diffstat (limited to 'src')
-rw-r--r--src/fileio.cpp23
1 files changed, 18 insertions, 5 deletions
diff --git a/src/fileio.cpp b/src/fileio.cpp
index 8ce1d72a6..f88d8deea 100644
--- a/src/fileio.cpp
+++ b/src/fileio.cpp
@@ -1097,20 +1097,33 @@ void DetermineBasePaths(const char *exe)
#ifdef __HAIKU__
BPath path;
find_directory(B_USER_SETTINGS_DIRECTORY, &path);
- const char *homedir = path.Path();
+ const char *homedir = strdup(path.Path());
#else
+ /* getenv is highly unsafe; duplicate it as soon as possible,
+ * or at least before something else touches the environment
+ * variables in any way. It can also contain all kinds of
+ * unvalidated data we rather not want internally. */
const char *homedir = getenv("HOME");
+ if (homedir != NULL) {
+ homedir = strndup(homedir, MAX_PATH);
+ }
if (homedir == NULL) {
const struct passwd *pw = getpwuid(getuid());
- homedir = (pw == NULL) ? "" : pw->pw_dir;
+ homedir = (pw == NULL) ? NULL : strdup(pw->pw_dir);
}
#endif
- snprintf(tmp, MAX_PATH, "%s" PATHSEP "%s", homedir, PERSONAL_DIR);
- AppendPathSeparator(tmp, MAX_PATH);
+ if (homedir != NULL) {
+ ValidateString(homedir);
+ snprintf(tmp, MAX_PATH, "%s" PATHSEP "%s", homedir, PERSONAL_DIR);
+ AppendPathSeparator(tmp, MAX_PATH);
- _searchpaths[SP_PERSONAL_DIR] = strdup(tmp);
+ _searchpaths[SP_PERSONAL_DIR] = strdup(tmp);
+ free(homedir);
+ } else {
+ _searchpaths[SP_PERSONAL_DIR] = NULL;
+ }
#endif
#if defined(WITH_SHARED_DIR)
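Review bot: The `snprintf` into `tmp` inside the new `if (homedir != NULL)` branch still discards its return value, so a `HOME` close to `MAX_PATH` bytes (which `strndup(homedir, MAX_PATH)` lets through) is silently truncated once `PATHSEP` and `PERSONAL_DIR` are appended. The personal search path then names a different directory than the one the user owns. Checking the result, `int n = snprintf(tmp, MAX_PATH, "%s" PATHSEP "%s", homedir, PERSONAL_DIR);` followed by `if (n < 0 || n >= MAX_PATH)`, and setting `_searchpaths[SP_PERSONAL_DIR] = NULL` in that case would handle an overlong value like a missing one. An empty `HOME` is also still accepted and produces a path rooted directly at `PATHSEP`; treating an empty value as unset before the duplicate is taken would send it to the `getpwuid` fallback instead. What `ValidateString` checks is not visible here, and `DetermineBasePaths` starts and ends outside the hunk.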