Re: [Bug-wget] [PATCH v4] (resend) Add --use-askpass=COMMAND support

bug-wget

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] [PATCH v4] (resend) Add --use-askpass=COMMAND support

From:	Tim Rühsen
Subject:	Re: [Bug-wget] [PATCH v4] (resend) Add --use-askpass=COMMAND support
Date:	Sat, 03 Sep 2016 21:43:50 +0200
User-agent:	KMail/5.2.3 (Linux/4.7.0-1-amd64; KDE/5.25.0; x86_64; ; )

Hi Liam,

thanks, we received the the FSF copyright assignment for Wget.

Can you give me an example of an external program to use with --use-askpass 
(maybe a 'standard' one available on common Linux distros) ?

I still have trouble with:
+  /* Set the end byte to \0, and decrement bytes */
+  tmp[bytes--] = '\0';
+
+  /* Remove a possible new line */
+  while (bytes >= 0 &&
+        (tmp[bytes] == '\0' || tmp[bytes] == '\n' || tmp[bytes] == '\r'))
+    tmp[bytes--] = '\0';
+
+  *answer = xmemdup (tmp, bytes + 2);

You introduce a buffer overflow by one byte here.

You could write instead e.g.:
while (bytes > 0 &&
    (tmp[bytes - 1] == '\0' || tmp[bytes - 1] == '\n' || tmp[bytes - 1] == 
'\r'))
  bytes--;

*answer = xmemdup0(tmp, bytes);

(needs to add xmemdup0 gnulib module to bootstrap.conf)

And if you do that, you can also:
  bytes = read (com[0], tmp, sizeof (tmp));
instead of
  bytes = read (com[0], tmp, sizeof (tmp) - 1);

The patch looks fine otherwise ! Just have to test it with a program - do you 
have something in mind ?

Regards, Tim


On Donnerstag, 1. September 2016 11:22:32 CEST Liam R. Howlett wrote:
> This adds the --use-askpass option which is disabled by default.
> 
> --use-askpass=COMMAND will request the username and password for a given
> URL by executing the external program COMMAND.  If COMMAND is left
> blank, then the external program in the environment variable
> WGET_ASKPASS will be used.  If WGET_ASKPASS is not set then the
> environment variable SSH_ASKPASS is used.  If there is no value set, an
> error is returned.  If an error occurs requesting the username or
> password, wget will exit.
> 
> 
> I am resending this patch because the FSF Contribution Agreement has been
> signed by our legal team.
> 
> Liam R. Howlett (1):
>   Add --use-askpass=COMMAND support
> 
>  bootstrap.conf |   1 +
>  doc/wget.texi  |  17 ++++++---
>  src/init.c     |  44 +++++++++++++++++++++++
>  src/main.c     | 112
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ src/options.h  | 
>  1 +
>  src/url.c      |   6 ++++
>  src/url.h      |   1 +
>  7 files changed, 178 insertions(+), 4 deletions(-)

signature.asc
Description: This is a digitally signed message part.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-wget] [PATCH v4] (resend) Add --use-askpass=COMMAND support, Liam R. Howlett, 2016/09/01
- Re: [Bug-wget] [PATCH v4] (resend) Add --use-askpass=COMMAND support, Tim Rühsen <=
  - Re: [Bug-wget] [PATCH v4] (resend) Add --use-askpass=COMMAND support, Liam R. Howlett, 2016/09/06
    - Re: [Bug-wget] [PATCH v4] (resend) Add --use-askpass=COMMAND support, Liam R. Howlett, 2016/09/06
    - Re: [Bug-wget] [PATCH v4] (resend) Add --use-askpass=COMMAND support, Tim Ruehsen, 2016/09/07
    - Re: [Bug-wget] [PATCH v4] (resend) Add --use-askpass=COMMAND support, Liam R. Howlett, 2016/09/07
    - Re: [Bug-wget] [PATCH v4] (resend) Add --use-askpass=COMMAND support, Tim Ruehsen, 2016/09/08

Prev by Date: [Bug-wget] Still Failing: darnir/wget#84 (master - 796e30d)
Next by Date: Re: [Bug-wget] TEST_NAME in Python tests?
Previous by thread: [Bug-wget] [PATCH v4] (resend) Add --use-askpass=COMMAND support
Next by thread: Re: [Bug-wget] [PATCH v4] (resend) Add --use-askpass=COMMAND support
Index(es):
- Date
- Thread