bu5hm4n pushed a commit to branch master. http://git.enlightenment.org/core/efl.git/commit/?id=66e2d71414718c65a2c8905118b4c55b6e4e4044
commit 66e2d71414718c65a2c8905118b4c55b6e4e4044 Author: Marcel Hollerbach <[email protected]> Date: Wed Mar 25 15:24:09 2020 +0100 exactness: handbuild a new argv array instead of reassemling the new one this commit removes the code that was changing argv values, and replaces it with a new array. Which is absolutly fine, as the argv / argc values are never accessed later on. Only the copies that have been passed to efl_main or elm_main. This resolves several issues: 1. the for loop is useless, every single array element that gets initialized with it, is some offset from argv[0] this may also crash when argv[i] - argv[opt_args] is bigger strlen argv[0]. 2. The memcpy here is super dangerous, the dest array is not garanteed to have the same size as argv[0], this only works if the client application name is shorter than the name "exactness_recorder" 3. The memset here is absolutly wrong. There is again no garantee that the array has the expected size behind that, this was constantly overwriting the segment after the place where argv was stored, which was lukely enough on fedora always the environs, which deleted the couple first segments. (This was not causing any fuzz, since they have been sudo related env vars on the docker image). However, on arch this just crashed right away. On Ubuntu this overwrote DISPLAY, which resulted in the unability to launch the app. Reviewed-by: Stefan Schmidt <[email protected]> Differential Revision: https://phab.enlightenment.org/D11600 --- src/bin/exactness/player.c | 23 +++++++++++------------ src/bin/exactness/recorder.c | 21 +++++++++------------ 2 files changed, 20 insertions(+), 24 deletions(-) diff --git a/src/bin/exactness/player.c b/src/bin/exactness/player.c index 1d27863299..bb05f7aeb3 100644 --- a/src/bin/exactness/player.c +++ b/src/bin/exactness/player.c @@ -1082,24 +1082,23 @@ int main(int argc, char **argv) setenv("FONTCONFIG_FILE", fonts_conf_name, 1); } } + char **new_argv = argv; + int new_argc = argc; if (argv[opt_args]) { /* Replace the current command line to hide the Exactness part */ - int len = argv[argc - 1] + strlen(argv[argc - 1]) - argv[opt_args]; - memcpy(argv[0], argv[opt_args], len); - memset(argv[0] + len, 0, CMD_LINE_MAX - len); - int i; - for (i = opt_args; i < argc; i++) + new_argv = calloc(argc - opt_args + 1, sizeof(char*)); + new_argc = argc - opt_args; + + for (int i = 0; i < argc - opt_args + 1; ++i) { - if (i != opt_args) - { - argv[i - opt_args] = argv[0] + (argv[i] - argv[opt_args]); - } - INF("%s ", argv[i - opt_args]); + if (i < argc - opt_args) + new_argv[i] = argv[opt_args + i]; + else + new_argv[i] = NULL; } - INF("\n"); } else { @@ -1142,7 +1141,7 @@ int main(int argc, char **argv) ecore_evas_callback_new_set(_my_evas_new); if (_src_type != FTYPE_REMOTE) ecore_idler_add(_src_feed, NULL); - pret = ex_prg_invoke(ex_prg_full_path_guess(argv[0]), argc - opt_args, argv, EINA_TRUE); + pret = ex_prg_invoke(ex_prg_full_path_guess(new_argv[0]), new_argc, new_argv, EINA_TRUE); if (_dest && _dest_unit) { diff --git a/src/bin/exactness/recorder.c b/src/bin/exactness/recorder.c index 11f5bfb1ec..9a33a57c4c 100644 --- a/src/bin/exactness/recorder.c +++ b/src/bin/exactness/recorder.c @@ -381,27 +381,24 @@ int main(int argc, char **argv) } /* Replace the current command line to hide the Exactness part */ - int len = argv[argc - 1] + strlen(argv[argc - 1]) - argv[opt_args]; - memcpy(argv[0], argv[opt_args], len); - memset(argv[0] + len, 0, PATH_MAX - len); + char **new_argv; - int i; - for (i = opt_args; i < argc; i++) + new_argv = calloc(argc - opt_args + 1, sizeof(char*)); + + for (int i = 0; i < argc - opt_args + 1; ++i) { - if (i != opt_args) - { - argv[i - opt_args] = argv[0] + (argv[i] - argv[opt_args]); - } - INF("%s ", argv[i - opt_args]); + if (i < argc - opt_args) + new_argv[i] = argv[opt_args + i]; + else + new_argv[i] = NULL; } - INF("\n"); if (!_shot_key) _shot_key = getenv("SHOT_KEY"); if (!_shot_key) _shot_key = SHOT_KEY_STR; ecore_evas_callback_new_set(_my_evas_new); _last_timestamp = ecore_time_get() * 1000; - pret = ex_prg_invoke(ex_prg_full_path_guess(argv[0]), argc - opt_args, argv, EINA_FALSE); + pret = ex_prg_invoke(ex_prg_full_path_guess(argv[opt_args]), argc - opt_args, new_argv, EINA_FALSE); _output_write(); //free_events(_events_list, EINA_TRUE); --
