diff options
| author | Junghyun Yeon <jungh.yeon@samsung.com> | 2017-01-12 20:00:59 +0900 |
|---|---|---|
| committer | Junghyun Yeon <jungh.yeon@samsung.com> | 2017-01-13 12:36:13 +0900 |
| commit | 7f1cc068964e3b94394fccb1579248c59e6991c2 (patch) | |
| tree | bc04099c3f1b7359af845d76dd30c8eebfe296ad | |
| parent | b35a4bbe91659f589a3ced79257477662ca11cdd (diff) | |
| download | pkgmgr-server-7f1cc068964e3b94394fccb1579248c59e6991c2.tar.gz pkgmgr-server-7f1cc068964e3b94394fccb1579248c59e6991c2.tar.bz2 pkgmgr-server-7f1cc068964e3b94394fccb1579248c59e6991c2.zip | |
Change to add quote using g_shell_quote in some parametersubmit/tizen_3.0/20170113.111925accepted/tizen/3.0/wearable/20170114.000303accepted/tizen/3.0/tv/20170114.000248accepted/tizen/3.0/mobile/20170114.000206accepted/tizen/3.0/ivi/20170114.000319accepted/tizen/3.0/common/20170116.122518
- Inserting double quote will not cover if filepath contains double quote
- using g_shell_quote handles this correctly
Change-Id: Ib519c4c40536b3bcc78e2287e72542b822715c84
Signed-off-by: Junghyun Yeon <jungh.yeon@samsung.com>
| -rw-r--r-- | src/pkgmgr-server.c | 39 |
1 files changed, 33 insertions, 6 deletions
diff --git a/src/pkgmgr-server.c b/src/pkgmgr-server.c index 4dd532e..cf55a28 100644 --- a/src/pkgmgr-server.c +++ b/src/pkgmgr-server.c @@ -689,19 +689,28 @@ static int __process_install(struct backend_job *job) char *backend_cmd; char **argv; char args[MAX_PKG_ARGS_LEN]; + gchar *req_id; + gchar *pkgid; int pid; backend_cmd = job->backend_path; if (backend_cmd == NULL) return -1; - snprintf(args, sizeof(args), "%s -k \"%s\" -i \"%s\" -u %d %s", backend_cmd, - job->req_id, job->pkgid, (int)job->target_uid, job->args); + req_id = g_shell_quote(job->req_id); + pkgid = g_shell_quote(job->pkgid); + if (!req_id || !pkgid) + return -1; + + snprintf(args, sizeof(args), "%s -k %s -i %s -u %d %s", backend_cmd, + req_id, pkgid, (int)job->target_uid, job->args); argv = __generate_argv(args); pid = __fork_and_exec_with_args(argv, APPFW_UID); g_strfreev(argv); + g_free(req_id); + g_free(pkgid); return pid; } @@ -711,19 +720,28 @@ static int __process_mount_install(struct backend_job *job) char *backend_cmd; char **argv; char args[MAX_PKG_ARGS_LEN]; + gchar *req_id; + gchar *pkgid; int pid; backend_cmd = job->backend_path; if (backend_cmd == NULL) return -1; - snprintf(args, sizeof(args), "%s -k \"%s\" -w \"%s\" -u %d %s", backend_cmd, - job->req_id, job->pkgid, (int)job->target_uid, job->args); + req_id = g_shell_quote(job->req_id); + pkgid = g_shell_quote(job->pkgid); + if (!req_id || !pkgid) + return -1; + + snprintf(args, sizeof(args), "%s -k %s -w %s -u %d %s", backend_cmd, + req_id, pkgid, (int)job->target_uid, job->args); argv = __generate_argv(args); pid = __fork_and_exec_with_args(argv, APPFW_UID); g_strfreev(argv); + g_free(req_id); + g_free(pkgid); return pid; } @@ -733,19 +751,28 @@ static int __process_reinstall(struct backend_job *job) char *backend_cmd; char **argv; char args[MAX_PKG_ARGS_LEN]; + gchar *req_id; + gchar *pkgid; int pid; backend_cmd = job->backend_path; if (backend_cmd == NULL) return -1; - snprintf(args, sizeof(args), "%s -k \"%s\" -r \"%s\" -u %d", backend_cmd, - job->req_id, job->pkgid, (int)job->target_uid); + req_id = g_shell_quote(job->req_id); + pkgid = g_shell_quote(job->pkgid); + if (!req_id || !pkgid) + return -1; + + snprintf(args, sizeof(args), "%s -k %s -r %s -u %d", backend_cmd, + req_id, pkgid, (int)job->target_uid); argv = __generate_argv(args); pid = __fork_and_exec_with_args(argv, APPFW_UID); g_strfreev(argv); + g_free(req_id); + g_free(pkgid); return pid; } |