$OpenBSD: patch-source_ps_c,v 1.2 2002/10/26 21:48:07 brad Exp $
--- source/ps.c.orig Fri Jun 6 18:00:00 1997
+++ source/ps.c Wed Oct 23 19:17:59 2002
@@ -420,6 +420,16 @@ psscan(fileP,filename,filename_raw,filen
 char cmd[512];
 char s[512];
 filename_unc=file_getTmpFilename(NULL,filename_raw);
+ if (file_nameIsDangerous(filename))
+ {
+ INFMESSAGE(the filename is dangerous)
+ sprintf(s, "The filename \"%s\" is dangerous: only alphanumeric "
+ "characters and \"%s\" are allowed.\n",
+ filename, file_charsAllowedInName);
+ NotePopupShowMessage(s);
+ ENDMESSAGE(psscan)
+ return(NULL);
+ }
 sprintf(cmd,cmd_uncompress,filename,filename_unc);
 INFMESSAGE(is compressed)
 INFSMESSAGE(uncompress command,cmd)
@@ -478,7 +488,7 @@ unc_ok:
 doc = (struct document *) PS_malloc(sizeof(struct document));
 CHECK_MALLOCED(doc);
 memset(doc, 0, sizeof(struct document));
- sscanf(line, "%*s %s", text);
+ sscanf(line, "%*s %256s", text);
 /*###jp###*/
 /*doc->epsf = iscomment(text, "EPSF-");*/
 doc->epsf = iscomment(text, "EPSF");
@@ -491,6 +501,16 @@ unc_ok:
 char cmd[512];
 char s[512];
 filename_dsc=file_getTmpFilename(NULL,filename_raw);
+ if (file_nameIsDangerous(filename))
+ {
+ INFMESSAGE(the filename is dangerous)
+ sprintf(s, "The filename \"%s\" is dangerous: only alphanumeric "
+ "characters and \"%s\" are allowed.\n",
+ filename, file_charsAllowedInName);
+ NotePopupShowMessage(s);
+ ENDMESSAGE(psscan)
+ return(NULL);
+ }
 sprintf(cmd,cmd_scan_pdf,filename,filename_dsc);
 INFMESSAGE(is PDF)
 INFSMESSAGE(scan command,cmd)
@@ -546,7 +566,7 @@ scan_ok:
 } else if (doc->date == NULL && iscomment(line+2, "CreationDate:")) {
 doc->date = gettextline(line+length("%%CreationDate:"));
 } else if (bb_set == NONE && iscomment(line+2, "BoundingBox:")) {
- sscanf(line+length("%%BoundingBox:"), "%s", text);
+ sscanf(line+length("%%BoundingBox:"), "%256s", text);
 if (strcmp(text, "(atend)") == 0) {
 bb_set = ATEND;
 } else {
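Review bot: The added `sprintf(s, ...)` in the @@ -420 hunk formats the caller-supplied `filename` into `char s[512]` with no length bound, so the error path of the new check can itself overrun the stack buffer when the name is long; whether `file_nameIsDangerous` also limits length is not visible here. Open the call as `snprintf(s, sizeof(s),` with the same arguments, and consider bounding the context-line `sprintf(cmd,cmd_uncompress,filename,filename_unc)` into `cmd[512]` the same way. The check also runs after `file_getTmpFilename`, so if that returns allocated storage the early `return(NULL)` drops it; testing the name before that call would avoid this. The same block is repeated in the @@ -491 hunk and needs the same changes. psscan's body starts and ends outside both hunks.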
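Review bot: In the @@ -478 hunk the return value of `sscanf(line, "%*s %256s", text)` is still ignored, so when the line carries no second token `text` keeps whatever it held before and the following `iscomment(text, "EPSF")` may read stale or unset data. `if (sscanf(line, "%*s %256s", text) != 1) text[0] = '\0';` would close that, matching the `text[0] = '\0';` reset that the BeginData hunks already have. `%256s` stores up to 257 bytes including the terminator, and the declaration of `text` is outside the hunk, so confirm the buffer is at least that large and add a comment such as `/* width == sizeof(text) - 1 */` next to the format. The same two points apply to every later `%256s` hunk (@@ -546 through @@ -1228, and @@ -1985).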
@@ -578,7 +598,7 @@ scan_ok: } } else if (orientation_set == NONE && iscomment(line+2, "Orientation:")) { - sscanf(line+length("%%Orientation:"), "%s", text); + sscanf(line+length("%%Orientation:"), "%256s", text); if (strcmp(text, "(atend)") == 0) { orientation_set = ATEND; } else if (strcmp(text, "Portrait") == 0) { @@ -589,7 +609,7 @@ scan_ok: orientation_set = 1; } } else if (page_order_set == NONE && iscomment(line+2, "PageOrder:")) { - sscanf(line+length("%%PageOrder:"), "%s", text); + sscanf(line+length("%%PageOrder:"), "%256s", text); if (strcmp(text, "(atend)") == 0) { page_order_set = ATEND; } else if (strcmp(text, "Ascend") == 0) { @@ -603,7 +623,7 @@ scan_ok: page_order_set = 1; } } else if (pages_set == NONE && iscomment(line+2, "Pages:")) { - sscanf(line+length("%%Pages:"), "%s", text); + sscanf(line+length("%%Pages:"), "%256s", text); if (strcmp(text, "(atend)") == 0) { pages_set = ATEND; } else { @@ -823,7 +843,7 @@ scan_ok: /* Do nothing */ } else if (doc->default_page_orientation == NONE && iscomment(line+2, "PageOrientation:")) { - sscanf(line+length("%%PageOrientation:"), "%s", text); + sscanf(line+length("%%PageOrientation:"), "%256s", text); if (strcmp(text, "Portrait") == 0) { doc->default_page_orientation = PORTRAIT; } else if (strcmp(text, "Landscape") == 0) { @@ -945,7 +965,7 @@ scan_ok: /* Do nothing */ } else if (doc->default_page_orientation == NONE && iscomment(line+2, "PageOrientation:")) { - sscanf(line+length("%%PageOrientation:"), "%s", text); + sscanf(line+length("%%PageOrientation:"), "%256s", text); if (strcmp(text, "Portrait") == 0) { doc->default_page_orientation = PORTRAIT; } else if (strcmp(text, "Landscape") == 0) { 
@@ -1082,7 +1102,7 @@ continuepage: /* Do nothing */ } else if (doc->pages[doc->numpages].orientation == NONE && iscomment(line+2, "PageOrientation:")) { - sscanf(line+length("%%PageOrientation:"), "%s", text); + sscanf(line+length("%%PageOrientation:"), "%256s", text); if (strcmp(text, "Portrait") == 0) { doc->pages[doc->numpages].orientation = PORTRAIT; } else if (strcmp(text, "Landscape") == 0) { @@ -1114,7 +1134,7 @@ continuepage: PS_free(cp); } else if ((page_bb_set == NONE || page_bb_set == ATEND) && iscomment(line+2, "PageBoundingBox:")) { - sscanf(line+length("%%PageBoundingBox:"), "%s", text); + sscanf(line+length("%%PageBoundingBox:"), "%256s", text); if (strcmp(text, "(atend)") == 0) { page_bb_set = ATEND; } else { @@ -1228,14 +1248,14 @@ continuepage: } } else if (orientation_set == ATEND && iscomment(line+2, "Orientation:")) { - sscanf(line+length("%%Orientation:"), "%s", text); + sscanf(line+length("%%Orientation:"), "%256s", text); if (strcmp(text, "Portrait") == 0) { doc->orientation = PORTRAIT; } else if (strcmp(text, "Landscape") == 0) { doc->orientation = LANDSCAPE; } } else if (page_order_set == ATEND && iscomment(line+2, "PageOrder:")) { - sscanf(line+length("%%PageOrder:"), "%s", text); + sscanf(line+length("%%PageOrder:"), "%256s", text); if (strcmp(text, "Ascend") == 0) { doc->pageorder = ASCEND; } else if (strcmp(text, "Descend") == 0) { @@ -1789,7 +1809,7 @@ static char * readline (fd, lineP, posit INFMESSAGE(encountered "BeginData:") if (FD_LINE_LEN > 100) FD_BUF[100] = '\0'; text[0] = '\0'; - if (sscanf(line+length("%%BeginData:"), "%d %*s %s", &num, text) >= 1) { + if (sscanf(line+length("%%BeginData:"), "%d %*s %100s", &num, text) >= 1) { if (strcmp(text, "Lines") == 0) { INFIMESSAGE(number of lines to skip:,num) while (num) { 
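Review bot: In the @@ -1789 hunk `num` is read from the document with `%d` and then drives `while (num)`, and nothing in the visible lines rejects a negative or very large count; unless the loop body, which is outside the hunk, stops at end of file, a guard such as `if (num < 0) num = 0;` before the loop would bound it (the declared type of `num` is not shown, so the exact form needs checking). The width in `%100s` repeats the `FD_BUF[100]` truncation as a magic number, so a comment like `/* 100 == sizeof(text) - 1 */`, once the size of `text` is confirmed, would keep the two in step. The @@ -1888 hunk in pscopyuntil has the same lines and the same concerns. readline's body starts and ends outside the hunk.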
@@ -1888,7 +1908,7 @@ pscopyuntil(fd, to, begin, end, comment)
 INFMESSAGE(encountered "BeginData:")
 if (FD_LINE_LEN > 100) FD_BUF[100] = '\0';
 text[0] = '\0';
- if (sscanf(line+length("%%BeginData:"), "%d %*s %s", &num, text) >= 1) {
+ if (sscanf(line+length("%%BeginData:"), "%d %*s %100s", &num, text) >= 1) {
 if (strcmp(text, "Lines") == 0) {
 INFIMESSAGE(number of lines:,num)
 while (num) {
@@ -1985,7 +2005,7 @@ pscopydoc(dest_file,src_filename,d,pagel
 PS_free(comment);
 continue;
 }
- sscanf(comment+length("%%Pages:"), "%s", text);
+ sscanf(comment+length("%%Pages:"), "%256s", text);
 if (strcmp(text, "(atend)") == 0) {
 fputs(comment, dest_file);
 pages_atend = True;