[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] [PATCH v4] (resend) Add --use-askpass=COMMAND support
From: |
Tim Rühsen |
Subject: |
Re: [Bug-wget] [PATCH v4] (resend) Add --use-askpass=COMMAND support |
Date: |
Sat, 03 Sep 2016 21:43:50 +0200 |
User-agent: |
KMail/5.2.3 (Linux/4.7.0-1-amd64; KDE/5.25.0; x86_64; ; ) |
Hi Liam,
thanks, we received the the FSF copyright assignment for Wget.
Can you give me an example of an external program to use with --use-askpass
(maybe a 'standard' one available on common Linux distros) ?
I still have trouble with:
+ /* Set the end byte to \0, and decrement bytes */
+ tmp[bytes--] = '\0';
+
+ /* Remove a possible new line */
+ while (bytes >= 0 &&
+ (tmp[bytes] == '\0' || tmp[bytes] == '\n' || tmp[bytes] == '\r'))
+ tmp[bytes--] = '\0';
+
+ *answer = xmemdup (tmp, bytes + 2);
You introduce a buffer overflow by one byte here.
You could write instead e.g.:
while (bytes > 0 &&
(tmp[bytes - 1] == '\0' || tmp[bytes - 1] == '\n' || tmp[bytes - 1] ==
'\r'))
bytes--;
*answer = xmemdup0(tmp, bytes);
(needs to add xmemdup0 gnulib module to bootstrap.conf)
And if you do that, you can also:
bytes = read (com[0], tmp, sizeof (tmp));
instead of
bytes = read (com[0], tmp, sizeof (tmp) - 1);
The patch looks fine otherwise ! Just have to test it with a program - do you
have something in mind ?
Regards, Tim
On Donnerstag, 1. September 2016 11:22:32 CEST Liam R. Howlett wrote:
> This adds the --use-askpass option which is disabled by default.
>
> --use-askpass=COMMAND will request the username and password for a given
> URL by executing the external program COMMAND. If COMMAND is left
> blank, then the external program in the environment variable
> WGET_ASKPASS will be used. If WGET_ASKPASS is not set then the
> environment variable SSH_ASKPASS is used. If there is no value set, an
> error is returned. If an error occurs requesting the username or
> password, wget will exit.
>
>
> I am resending this patch because the FSF Contribution Agreement has been
> signed by our legal team.
>
> Liam R. Howlett (1):
> Add --use-askpass=COMMAND support
>
> bootstrap.conf | 1 +
> doc/wget.texi | 17 ++++++---
> src/init.c | 44 +++++++++++++++++++++++
> src/main.c | 112
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ src/options.h |
> 1 +
> src/url.c | 6 ++++
> src/url.h | 1 +
> 7 files changed, 178 insertions(+), 4 deletions(-)
signature.asc
Description: This is a digitally signed message part.