X-Git-Url: http://git.annexia.org/?a=blobdiff_plain;f=daemon%2Fguestfsd.c;h=ba4035ea48de324194374178b6e456c102956fcf;hb=296b536c965820b8334150df0247a0657f6e35fd;hp=a9576836b0d7ea35339933f68cb9a8cef29888ef;hpb=2069ade88144d8efd272a74be24b5c9ff49844dc;p=libguestfs.git

diff --git a/daemon/guestfsd.c b/daemon/guestfsd.c
index a957683..ba4035e 100644
--- a/daemon/guestfsd.c
+++ b/daemon/guestfsd.c
@@ -32,6 +32,8 @@
 #include <sys/select.h>
 #include <sys/types.h>
 #include <sys/wait.h>
+#include <ctype.h>
+#include <signal.h>
 
 #include "daemon.h"
 
@@ -66,6 +68,7 @@ main (int argc, char *argv[])
   struct addrinfo hints;
   XDR xdr;
   uint32_t len;
+  struct sigaction sa;
 
   for (;;) {
     c = getopt_long (argc, argv, options, long_options, NULL);
@@ -140,6 +143,13 @@ main (int argc, char *argv[])
     port = VMCHANNEL_PORT;
   }
 
+  /* Make sure SIGPIPE doesn't kill us. */
+  memset (&sa, 0, sizeof sa);
+  sa.sa_handler = SIG_IGN;
+  sa.sa_flags = 0;
+  if (sigaction (SIGPIPE, &sa, NULL) == -1)
+    perror ("sigaction SIGPIPE"); /* but try to continue anyway ... */
+
   /* Resolve the hostname. */
   memset (&hints, 0, sizeof hints);
   hints.ai_socktype = SOCK_STREAM;
@@ -329,20 +339,31 @@ int
 command (char **stdoutput, char **stderror, const char *name, ...)
 {
   va_list args;
-  char **argv;
+  char **argv, **p;
   char *s;
   int i, r;
 
   /* Collect the command line arguments into an array. */
-  va_start (args, name);
-
   i = 2;
   argv = malloc (sizeof (char *) * i);
+  if (argv == NULL) {
+    perror ("malloc");
+    return -1;
+  }
   argv[0] = (char *) name;
   argv[1] = NULL;
 
+  va_start (args, name);
+
   while ((s = va_arg (args, char *)) != NULL) {
-    argv = realloc (argv, sizeof (char *) * (++i));
+    p = realloc (argv, sizeof (char *) * (++i));
+    if (p == NULL) {
+      perror ("realloc");
+      free (argv);
+      va_end (args);
+      return -1;
+    }
+    argv = p;
     argv[i-2] = s;
     argv[i-1] = NULL;
   }
@@ -510,3 +531,40 @@ commandv (char **stdoutput, char **stderror, char * const* const argv)
   } else
     return -1;
 }
+
+/* Quote 'in' for the shell, and write max len-1 bytes to out.  The
+ * result will be NUL-terminated, even if it is truncated.
+ *
+ * Returns number of bytes needed, so if result >= len then the buffer
+ * should have been longer.
+ *
+ * XXX This doesn't quote \n correctly (but is still safe).
+ */
+int
+shell_quote (char *out, int len, const char *in)
+{
+#define SAFE(c) (isalnum((c)) ||					\
+		 (c) == '/' || (c) == '-' || (c) == '_' || (c) == '.')
+  int i, j;
+  int outlen = strlen (in);
+
+  /* Calculate how much output space this really needs. */
+  for (i = 0; in[i]; ++i)
+    if (!SAFE (in[i])) outlen++;
+
+  /* Now copy the string, but only up to len-1 bytes. */
+  for (i = 0, j = 0; in[i]; ++i) {
+    int is_safe = SAFE (in[i]);
+
+    /* Enough space left to write this character? */
+    if (j >= len-1 || (!is_safe && j >= len-2))
+      break;
+
+    if (!is_safe) out[j++] = '\\';
+    out[j++] = in[i];
+  }
+
+  out[j] = '\0';
+
+  return outlen;
+}