luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

tool_getparam: repair cleanarg

Browse Source 
Regression since 9e5669f.

Make sure the "cleaning" of command line arguments is done on the
original argv[] pointers. As a bonus, it also exits better on out of
memory error.

Reported-by: Litter White
Fixes #9128
Closes #9130
This commit is contained in:
Daniel Stenberg 2022-07-10 15:22:13 +02:00
parent eab25898b3
commit bf7e887b24
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
5 changed files with 45 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
src/tool_getparam.c
View File

@ -487,7 +487,6 @@ GetFileAndPassword(char *nextarg, char **file, char **password)
Curl_safefree(*password); Curl_safefree(*password);
*password = passphrase; *password = passphrase;
} }
cleanarg(nextarg);
} }
/* Get a size parameter for '--limit-rate' or '--max-filesize'. /* Get a size parameter for '--limit-rate' or '--max-filesize'.
@ -542,8 +541,24 @@ static ParameterError GetSizeParameter(struct GlobalConfig *global,
return PARAM_OK; return PARAM_OK;
} }
static void cleanarg(char *str)
{
#ifdef HAVE_WRITABLE_ARGV
/* now that GetStr has copied the contents of nextarg, wipe the next
* argument out so that the username:password isn't displayed in the
* system process list */
if(str) {
size_t len = strlen(str);
memset(str, ' ', len);
}
#else
(void)str;
#endif
}
ParameterError getparameter(const char *flag, /* f or -long-flag */ ParameterError getparameter(const char *flag, /* f or -long-flag */
char *nextarg, /* NULL if unset */ char *nextarg, /* NULL if unset */
char *clearthis,
bool *usedarg, /* set to TRUE if the arg bool *usedarg, /* set to TRUE if the arg
has been used */ has been used */
struct GlobalConfig *global, struct GlobalConfig *global,
@ -675,7 +690,7 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
break; break;
case 'B': /* OAuth 2.0 bearer token */ case 'B': /* OAuth 2.0 bearer token */
GetStr(&config->oauth_bearer, nextarg); GetStr(&config->oauth_bearer, nextarg);
cleanarg(nextarg); cleanarg(clearthis);
config->authtype |= CURLAUTH_BEARER; config->authtype |= CURLAUTH_BEARER;
break; break;
case 'c': /* connect-timeout */ case 'c': /* connect-timeout */
@ -1637,6 +1652,7 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
case 'E': case 'E':
switch(subletter) { switch(subletter) {
case '\0': /* certificate file */ case '\0': /* certificate file */
cleanarg(clearthis);
GetFileAndPassword(nextarg, &config->cert, &config->key_passwd); GetFileAndPassword(nextarg, &config->cert, &config->key_passwd);
break; break;
case 'a': /* CA info PEM file */ case 'a': /* CA info PEM file */
@ -1653,7 +1669,7 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
break; break;
case 'e': /* private key passphrase */ case 'e': /* private key passphrase */
GetStr(&config->key_passwd, nextarg); GetStr(&config->key_passwd, nextarg);
cleanarg(nextarg); cleanarg(clearthis);
break; break;
case 'f': /* crypto engine */ case 'f': /* crypto engine */
GetStr(&config->engine, nextarg); GetStr(&config->engine, nextarg);
@ -1679,19 +1695,19 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
break; break;
case 'k': /* TLS username */ case 'k': /* TLS username */
if(!(curlinfo->features & CURL_VERSION_TLSAUTH_SRP)) { if(!(curlinfo->features & CURL_VERSION_TLSAUTH_SRP)) {
cleanarg(nextarg); cleanarg(clearthis);
return PARAM_LIBCURL_DOESNT_SUPPORT; return PARAM_LIBCURL_DOESNT_SUPPORT;
} }
GetStr(&config->tls_username, nextarg); GetStr(&config->tls_username, nextarg);
cleanarg(nextarg); cleanarg(clearthis);
break; break;
case 'l': /* TLS password */ case 'l': /* TLS password */
if(!(curlinfo->features & CURL_VERSION_TLSAUTH_SRP)) { if(!(curlinfo->features & CURL_VERSION_TLSAUTH_SRP)) {
cleanarg(nextarg); cleanarg(clearthis);
return PARAM_LIBCURL_DOESNT_SUPPORT; return PARAM_LIBCURL_DOESNT_SUPPORT;
} }
GetStr(&config->tls_password, nextarg); GetStr(&config->tls_password, nextarg);
cleanarg(nextarg); cleanarg(clearthis);
break; break;
case 'm': /* TLS authentication type */ case 'm': /* TLS authentication type */
if(curlinfo->features & CURL_VERSION_TLSAUTH_SRP) { if(curlinfo->features & CURL_VERSION_TLSAUTH_SRP) {
@ -1752,21 +1768,19 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
break; break;
case 'u': /* TLS username for proxy */ case 'u': /* TLS username for proxy */
cleanarg(clearthis);
if(!(curlinfo->features & CURL_VERSION_TLSAUTH_SRP)) { if(!(curlinfo->features & CURL_VERSION_TLSAUTH_SRP)) {
cleanarg(nextarg);
return PARAM_LIBCURL_DOESNT_SUPPORT; return PARAM_LIBCURL_DOESNT_SUPPORT;
} }
GetStr(&config->proxy_tls_username, nextarg); GetStr(&config->proxy_tls_username, nextarg);
cleanarg(nextarg);
break; break;
case 'v': /* TLS password for proxy */ case 'v': /* TLS password for proxy */
cleanarg(clearthis);
if(!(curlinfo->features & CURL_VERSION_TLSAUTH_SRP)) { if(!(curlinfo->features & CURL_VERSION_TLSAUTH_SRP)) {
cleanarg(nextarg);
return PARAM_LIBCURL_DOESNT_SUPPORT; return PARAM_LIBCURL_DOESNT_SUPPORT;
} }
GetStr(&config->proxy_tls_password, nextarg); GetStr(&config->proxy_tls_password, nextarg);
cleanarg(nextarg);
break; break;
case 'w': /* TLS authentication type for proxy */ case 'w': /* TLS authentication type for proxy */
@ -1780,6 +1794,7 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
break; break;
case 'x': /* certificate file for proxy */ case 'x': /* certificate file for proxy */
cleanarg(clearthis);
GetFileAndPassword(nextarg, &config->proxy_cert, GetFileAndPassword(nextarg, &config->proxy_cert,
&config->proxy_key_passwd); &config->proxy_key_passwd);
break; break;
@ -1798,7 +1813,7 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
case '1': /* private key passphrase for proxy */ case '1': /* private key passphrase for proxy */
GetStr(&config->proxy_key_passwd, nextarg); GetStr(&config->proxy_key_passwd, nextarg);
cleanarg(nextarg); cleanarg(clearthis);
break; break;
case '2': /* ciphers for proxy */ case '2': /* ciphers for proxy */
@ -2246,12 +2261,12 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
case 'u': case 'u':
/* user:password */ /* user:password */
GetStr(&config->userpwd, nextarg); GetStr(&config->userpwd, nextarg);
cleanarg(nextarg); cleanarg(clearthis);
break; break;
case 'U': case 'U':
/* Proxy user:password */ /* Proxy user:password */
GetStr(&config->proxyuserpwd, nextarg); GetStr(&config->proxyuserpwd, nextarg);
cleanarg(nextarg); cleanarg(clearthis);
break; break;
case 'v': case 'v':
if(toggle) { if(toggle) {
@ -2424,11 +2439,19 @@ ParameterError parse_args(struct GlobalConfig *global, int argc,
following (URL) argument to start with -. */ following (URL) argument to start with -. */
stillflags = FALSE; stillflags = FALSE;
else { else {
char *nextarg = (i < (argc - 1)) char *nextarg = NULL;
? curlx_convert_tchar_to_UTF8(argv[i + 1]) char *clear = NULL;
: NULL; if(i < (argc - 1)) {
nextarg = curlx_convert_tchar_to_UTF8(argv[i + 1]);
if(!nextarg) {
curlx_unicodefree(orig_opt);
return PARAM_NO_MEM;
}
clear = argv[i + 1];
}
result = getparameter(orig_opt, nextarg, &passarg, global, config); result = getparameter(orig_opt, nextarg, clear, &passarg,
global, config);
curlx_unicodefree(nextarg); curlx_unicodefree(nextarg);
config = global->last; config = global->last;
@ -2466,7 +2489,7 @@ ParameterError parse_args(struct GlobalConfig *global, int argc,
bool used; bool used;
/* Just add the URL please */ /* Just add the URL please */
result = getparameter("--url", orig_opt, &used, global, result = getparameter("--url", orig_opt, NULL, &used, global,
config); config);
} }

3
src/tool_getparam.h
View File

@ -54,7 +54,8 @@ typedef enum {
struct GlobalConfig; struct GlobalConfig;
struct OperationConfig; struct OperationConfig;
ParameterError getparameter(const char *flag, char *nextarg, bool *usedarg, ParameterError getparameter(const char *flag, char *nextarg, char *clearthis,
bool *usedarg,
struct GlobalConfig *global, struct GlobalConfig *global,
struct OperationConfig *operation); struct OperationConfig *operation);

15
src/tool_paramhlp.c
View File

@ -116,21 +116,6 @@ ParameterError file2memory(char **bufp, size_t *size, FILE *file)
return PARAM_OK; return PARAM_OK;
} }
void cleanarg(char *str)
{
#ifdef HAVE_WRITABLE_ARGV
/* now that GetStr has copied the contents of nextarg, wipe the next
* argument out so that the username:password isn't displayed in the
* system process list */
if(str) {
size_t len = strlen(str);
memset(str, ' ', len);
}
#else
(void)str;
#endif
}
/* /*
* Parse the string and write the long in the given address. Return PARAM_OK * Parse the string and write the long in the given address. Return PARAM_OK
* on success, otherwise a parameter specific error enum. * on success, otherwise a parameter specific error enum.

2
src/tool_paramhlp.h
View File

@ -31,8 +31,6 @@ ParameterError file2string(char **bufp, FILE *file);
ParameterError file2memory(char **bufp, size_t *size, FILE *file); ParameterError file2memory(char **bufp, size_t *size, FILE *file);
void cleanarg(char *str);
ParameterError str2num(long *val, const char *str); ParameterError str2num(long *val, const char *str);
ParameterError str2unum(long *val, const char *str); ParameterError str2unum(long *val, const char *str);
ParameterError oct2nummax(long *val, const char *str, long max); ParameterError oct2nummax(long *val, const char *str, long max);

2
src/tool_parsecfg.c
View File

@ -223,7 +223,7 @@ int parseconfig(const char *filename, struct GlobalConfig *global)
#ifdef DEBUG_CONFIG #ifdef DEBUG_CONFIG
fprintf(stderr, "PARAM: \"%s\"\n",(param ? param : "(null)")); fprintf(stderr, "PARAM: \"%s\"\n",(param ? param : "(null)"));
#endif #endif
res = getparameter(option, param, &usedarg, global, operation); res = getparameter(option, param, NULL, &usedarg, global, operation);
operation = global->last; operation = global->last;
if(!res && param && *param && !usedarg) if(!res && param && *param && !usedarg)