X-Git-Url: http://git.annexia.org/?a=blobdiff_plain;f=daemon%2Fguestfsd.c;h=d7ba4821263bbbd061f0c49aacdcb5a5483dc826;hb=668d27b56857230fb81c04d1663a5aca1b9e77b9;hp=2553ea2cd3046aae2828f886a1011aac2e7ebeb4;hpb=170f262f0413de843af62b968f6d12c1c476ae7f;p=libguestfs.git

diff --git a/daemon/guestfsd.c b/daemon/guestfsd.c
index 2553ea2..d7ba482 100644
--- a/daemon/guestfsd.c
+++ b/daemon/guestfsd.c
@@ -32,6 +32,8 @@
 #include <sys/select.h>
 #include <sys/types.h>
 #include <sys/wait.h>
+#include <ctype.h>
+#include <signal.h>
 
 #include "daemon.h"
 
@@ -66,6 +68,7 @@ main (int argc, char *argv[])
   struct addrinfo hints;
   XDR xdr;
   uint32_t len;
+  struct sigaction sa;
 
   for (;;) {
     c = getopt_long (argc, argv, options, long_options, NULL);
@@ -140,6 +143,13 @@ main (int argc, char *argv[])
     port = VMCHANNEL_PORT;
   }
 
+  /* Make sure SIGPIPE doesn't kill us. */
+  memset (&sa, 0, sizeof sa);
+  sa.sa_handler = SIG_IGN;
+  sa.sa_flags = 0;
+  if (sigaction (SIGPIPE, &sa, NULL) == -1)
+    perror ("sigaction SIGPIPE"); /* but try to continue anyway ... */
+
   /* Resolve the hostname. */
   memset (&hints, 0, sizeof hints);
   hints.ai_socktype = SOCK_STREAM;
@@ -384,6 +394,10 @@ commandv (char **stdoutput, char **stderror, char * const* const argv)
   pid = fork ();
   if (pid == -1) {
     perror ("fork");
+    close (so_fd[0]);
+    close (so_fd[1]);
+    close (se_fd[0]);
+    close (se_fd[1]);
     return -1;
   }
 
@@ -415,6 +429,8 @@ commandv (char **stdoutput, char **stderror, char * const* const argv)
     r = select (MAX (so_fd[0], se_fd[0]) + 1, &rset2, NULL, NULL, NULL);
     if (r == -1) {
       perror ("select");
+      close (so_fd[0]);
+      close (se_fd[0]);
       waitpid (pid, NULL, 0);
       return -1;
     }
@@ -423,6 +439,8 @@ commandv (char **stdoutput, char **stderror, char * const* const argv)
       r = read (so_fd[0], buf, sizeof buf);
       if (r == -1) {
 	perror ("read");
+	close (so_fd[0]);
+	close (se_fd[0]);
 	waitpid (pid, NULL, 0);
 	return -1;
       }
@@ -444,6 +462,8 @@ commandv (char **stdoutput, char **stderror, char * const* const argv)
       r = read (se_fd[0], buf, sizeof buf);
       if (r == -1) {
 	perror ("read");
+	close (so_fd[0]);
+	close (se_fd[0]);
 	waitpid (pid, NULL, 0);
 	return -1;
       }
@@ -462,6 +482,9 @@ commandv (char **stdoutput, char **stderror, char * const* const argv)
     }
   }
 
+  close (so_fd[0]);
+  close (se_fd[0]);
+
   /* Make sure the output buffers are \0-terminated.  Also remove any
    * trailing \n characters from the error buffer (not from stdout).
    */
@@ -497,3 +520,40 @@ commandv (char **stdoutput, char **stderror, char * const* const argv)
   } else
     return -1;
 }
+
+/* Quote 'in' for the shell, and write max len-1 bytes to out.  The
+ * result will be NUL-terminated, even if it is truncated.
+ *
+ * Returns number of bytes needed, so if result >= len then the buffer
+ * should have been longer.
+ *
+ * XXX This doesn't quote \n correctly (but is still safe).
+ */
+int
+shell_quote (char *out, int len, const char *in)
+{
+#define SAFE(c) (isalnum((c)) ||					\
+		 (c) == '/' || (c) == '-' || (c) == '_' || (c) == '.')
+  int i, j;
+  int outlen = strlen (in);
+
+  /* Calculate how much output space this really needs. */
+  for (i = 0; in[i]; ++i)
+    if (!SAFE (in[i])) outlen++;
+
+  /* Now copy the string, but only up to len-1 bytes. */
+  for (i = 0, j = 0; in[i]; ++i) {
+    int is_safe = SAFE (in[i]);
+
+    /* Enough space left to write this character? */
+    if (j >= len-1 || (!is_safe && j >= len-2))
+      break;
+
+    if (!is_safe) out[j++] = '\\';
+    out[j++] = in[i];
+  }
+
+  out[j] = '\0';
+
+  return outlen;
+}