iApply patch from Debian Security Team for CAN-2004-1184. - enscript - GNU Enscript	Err	thinkerwim.openbsd.amsterdam	70
hgit clone git://thinkerwim.org/enscript.git	URL:git://thinkerwim.org/enscript.git	thinkerwim.org	70
1Log	/git/enscript/log.gph	thinkerwim.org	70
1Files	/git/enscript/files.gph	thinkerwim.org	70
1Refs	/git/enscript/refs.gph	thinkerwim.org	70
1README	/git/enscript/file/README.gph	thinkerwim.org	70
1LICENSE	/git/enscript/file/COPYING.gph	thinkerwim.org	70
i---	Err	thinkerwim.openbsd.amsterdam	70
1commit 9510e4315705329e51b27fa2f3f688989b9fb37f	/git/enscript/commit/9510e4315705329e51b27fa2f3f688989b9fb37f.gph	thinkerwim.org	70
1parent 0acc7b63a1be9f5d02f1a21d6df52cb5a9ce7e58	/git/enscript/commit/0acc7b63a1be9f5d02f1a21d6df52cb5a9ce7e58.gph	thinkerwim.org	70
hAuthor: Tim Retout <diocles@gnu.org>	URL:mailto:diocles@gnu.org	thinkerwim.org	70
iDate:   Sun, 27 Dec 2009 14:50:37 +0000	Err	thinkerwim.openbsd.amsterdam	70
i	Err	thinkerwim.openbsd.amsterdam	70
iApply patch from Debian Security Team for CAN-2004-1184.	Err	thinkerwim.openbsd.amsterdam	70
i	Err	thinkerwim.openbsd.amsterdam	70
iDiffstat:	Err	thinkerwim.openbsd.amsterdam	70
i  M src/ChangeLog                       |      14 ++++++++++++++	Err	thinkerwim.openbsd.amsterdam	70
i  M src/gsint.h                         |       5 +++++	Err	thinkerwim.openbsd.amsterdam	70
i  M src/main.c                          |      22 ++++++++++++++++------	Err	thinkerwim.openbsd.amsterdam	70
i  M src/util.c                          |      50 ++++++++++++++++++++++++++++----	Err	thinkerwim.openbsd.amsterdam	70
i	Err	thinkerwim.openbsd.amsterdam	70
i4 files changed, 80 insertions(+), 11 deletions(-)	Err	thinkerwim.openbsd.amsterdam	70
i---	Err	thinkerwim.openbsd.amsterdam	70
1diff --git a/src/ChangeLog b/src/ChangeLog	/git/enscript/file/src/ChangeLog.gph	thinkerwim.org	70
i@@ -1,3 +1,17 @@	Err	thinkerwim.openbsd.amsterdam	70
i+2009-12-27  Tim Retout  <diocles@gnu.org>	Err	thinkerwim.openbsd.amsterdam	70
i+	Err	thinkerwim.openbsd.amsterdam	70
i+        Apply patch from Debian Security Team for CAN-2004-1184.	Err	thinkerwim.openbsd.amsterdam	70
i+	Err	thinkerwim.openbsd.amsterdam	70
i+        * gsint.h: Add shell_escape prototype.	Err	thinkerwim.openbsd.amsterdam	70
i+        * util.c (shell_escape): New function to escape filenames for	Err	thinkerwim.openbsd.amsterdam	70
i+        shell usage.	Err	thinkerwim.openbsd.amsterdam	70
i+        * util.c (is_open): Use shell_escape to expand command buffer.	Err	thinkerwim.openbsd.amsterdam	70
i+	Err	thinkerwim.openbsd.amsterdam	70
i+        * main.c (main): Use single quotes when building command string,	Err	thinkerwim.openbsd.amsterdam	70
i+        and use shell_escape to quote contents.	Err	thinkerwim.openbsd.amsterdam	70
i+	Err	thinkerwim.openbsd.amsterdam	70
i+        * util.c (escape_string): Check return code of xmalloc.	Err	thinkerwim.openbsd.amsterdam	70
i+	Err	thinkerwim.openbsd.amsterdam	70
i 2009-03-28  Tim Retout  <diocles@gnu.org>	Err	thinkerwim.openbsd.amsterdam	70
i 	Err	thinkerwim.openbsd.amsterdam	70
i         * psgen.c (recognize_eps_file): Remove ability to read EPS data	Err	thinkerwim.openbsd.amsterdam	70
1diff --git a/src/gsint.h b/src/gsint.h	/git/enscript/file/src/gsint.h.gph	thinkerwim.org	70
i@@ -699,4 +699,9 @@ FILE *printer_open ___P ((char *cmd, char *options, char *queue_param,	Err	thinkerwim.openbsd.amsterdam	70
i  */	Err	thinkerwim.openbsd.amsterdam	70
i void printer_close ___P ((void *context));	Err	thinkerwim.openbsd.amsterdam	70
i 	Err	thinkerwim.openbsd.amsterdam	70
i+/*	Err	thinkerwim.openbsd.amsterdam	70
i+ * Escape filenames for shell usage	Err	thinkerwim.openbsd.amsterdam	70
i+ */	Err	thinkerwim.openbsd.amsterdam	70
i+char *shell_escape ___P ((const char *fn));	Err	thinkerwim.openbsd.amsterdam	70
i+	Err	thinkerwim.openbsd.amsterdam	70
i #endif /* not GSINT_H */	Err	thinkerwim.openbsd.amsterdam	70
1diff --git a/src/main.c b/src/main.c	/git/enscript/file/src/main.c.gph	thinkerwim.org	70
i@@ -1544,9 +1544,13 @@ name             width\theight\tllx\tlly\turx\tury\n\	Err	thinkerwim.openbsd.amsterdam	70
i       buffer_append (&cmd, intbuf);	Err	thinkerwim.openbsd.amsterdam	70
i       buffer_append (&cmd, " ");	Err	thinkerwim.openbsd.amsterdam	70
i 	Err	thinkerwim.openbsd.amsterdam	70
i-      buffer_append (&cmd, "-Ddocument_title=\"");	Err	thinkerwim.openbsd.amsterdam	70
i-      buffer_append (&cmd, title);	Err	thinkerwim.openbsd.amsterdam	70
i-      buffer_append (&cmd, "\" ");	Err	thinkerwim.openbsd.amsterdam	70
i+      buffer_append (&cmd, "-Ddocument_title=\'");	Err	thinkerwim.openbsd.amsterdam	70
i+      if ((cp = shell_escape (title)) != NULL)	Err	thinkerwim.openbsd.amsterdam	70
i+        {	Err	thinkerwim.openbsd.amsterdam	70
i+          buffer_append (&cmd, cp);	Err	thinkerwim.openbsd.amsterdam	70
i+          free (cp);	Err	thinkerwim.openbsd.amsterdam	70
i+        }	Err	thinkerwim.openbsd.amsterdam	70
i+      buffer_append (&cmd, "\' ");	Err	thinkerwim.openbsd.amsterdam	70
i 	Err	thinkerwim.openbsd.amsterdam	70
i       buffer_append (&cmd, "-Dtoc=");	Err	thinkerwim.openbsd.amsterdam	70
i       buffer_append (&cmd, toc ? "1" : "0");	Err	thinkerwim.openbsd.amsterdam	70
i@@ -1563,8 +1567,14 @@ name             width\theight\tllx\tlly\turx\tury\n\	Err	thinkerwim.openbsd.amsterdam	70
i       /* Append input files. */	Err	thinkerwim.openbsd.amsterdam	70
i       for (i = optind; i < argc; i++)	Err	thinkerwim.openbsd.amsterdam	70
i         {	Err	thinkerwim.openbsd.amsterdam	70
i-          buffer_append (&cmd, " ");	Err	thinkerwim.openbsd.amsterdam	70
i-          buffer_append (&cmd, argv[i]);	Err	thinkerwim.openbsd.amsterdam	70
i+          char *cp;	Err	thinkerwim.openbsd.amsterdam	70
i+          if ((cp = shell_escape (argv[i])) != NULL)	Err	thinkerwim.openbsd.amsterdam	70
i+            {	Err	thinkerwim.openbsd.amsterdam	70
i+              buffer_append (&cmd, " \'");	Err	thinkerwim.openbsd.amsterdam	70
i+              buffer_append (&cmd, cp);	Err	thinkerwim.openbsd.amsterdam	70
i+              buffer_append (&cmd, "\'");	Err	thinkerwim.openbsd.amsterdam	70
i+              free (cp);	Err	thinkerwim.openbsd.amsterdam	70
i+            }	Err	thinkerwim.openbsd.amsterdam	70
i         }	Err	thinkerwim.openbsd.amsterdam	70
i 	Err	thinkerwim.openbsd.amsterdam	70
i       /* And do the job. */	Err	thinkerwim.openbsd.amsterdam	70
i@@ -1625,7 +1635,7 @@ name             width\theight\tllx\tlly\turx\tury\n\	Err	thinkerwim.openbsd.amsterdam	70
i                                  buffer_ptr (opts), buffer_len (opts));	Err	thinkerwim.openbsd.amsterdam	70
i             }	Err	thinkerwim.openbsd.amsterdam	70
i 	Err	thinkerwim.openbsd.amsterdam	70
i-          buffer_append (&buffer, " \"%s\"");	Err	thinkerwim.openbsd.amsterdam	70
i+          buffer_append (&buffer, " \'%s\'");	Err	thinkerwim.openbsd.amsterdam	70
i 	Err	thinkerwim.openbsd.amsterdam	70
i           input_filter = buffer_copy (&buffer);	Err	thinkerwim.openbsd.amsterdam	70
i           input_filter_stdin = "-";	Err	thinkerwim.openbsd.amsterdam	70
1diff --git a/src/util.c b/src/util.c	/git/enscript/file/src/util.c.gph	thinkerwim.org	70
i@@ -1237,6 +1237,8 @@ escape_string (char *string)	Err	thinkerwim.openbsd.amsterdam	70
i 	Err	thinkerwim.openbsd.amsterdam	70
i   /* Create result. */	Err	thinkerwim.openbsd.amsterdam	70
i   cp = xmalloc (len + 1);	Err	thinkerwim.openbsd.amsterdam	70
i+  if (cp == NULL)	Err	thinkerwim.openbsd.amsterdam	70
i+      return NULL;	Err	thinkerwim.openbsd.amsterdam	70
i   for (i = 0, j = 0; string[i]; i++)	Err	thinkerwim.openbsd.amsterdam	70
i     switch (string[i])	Err	thinkerwim.openbsd.amsterdam	70
i       {	Err	thinkerwim.openbsd.amsterdam	70
i@@ -1877,6 +1879,7 @@ is_open (InputStream *is, FILE *fp, char *fname, char *input_filter)	Err	thinkerwim.openbsd.amsterdam	70
i       char *cmd = NULL;	Err	thinkerwim.openbsd.amsterdam	70
i       int cmdlen;	Err	thinkerwim.openbsd.amsterdam	70
i       int i, pos;	Err	thinkerwim.openbsd.amsterdam	70
i+      char *cp;	Err	thinkerwim.openbsd.amsterdam	70
i 	Err	thinkerwim.openbsd.amsterdam	70
i       is->is_pipe = 1;	Err	thinkerwim.openbsd.amsterdam	70
i 	Err	thinkerwim.openbsd.amsterdam	70
i@@ -1900,12 +1903,16 @@ is_open (InputStream *is, FILE *fp, char *fname, char *input_filter)	Err	thinkerwim.openbsd.amsterdam	70
i                 {	Err	thinkerwim.openbsd.amsterdam	70
i                 case 's':	Err	thinkerwim.openbsd.amsterdam	70
i                   /* Expand cmd-buffer. */	Err	thinkerwim.openbsd.amsterdam	70
i-                  cmdlen += strlen (fname);	Err	thinkerwim.openbsd.amsterdam	70
i-                  cmd = xrealloc (cmd, cmdlen);	Err	thinkerwim.openbsd.amsterdam	70
i+                  if ((cp = shell_escape (fname)) != NULL)	Err	thinkerwim.openbsd.amsterdam	70
i+                    {	Err	thinkerwim.openbsd.amsterdam	70
i+                      cmdlen += strlen (cp);	Err	thinkerwim.openbsd.amsterdam	70
i+                      cmd = xrealloc (cmd, cmdlen);	Err	thinkerwim.openbsd.amsterdam	70
i 	Err	thinkerwim.openbsd.amsterdam	70
i-                  /* Paste filename. */	Err	thinkerwim.openbsd.amsterdam	70
i-                  strcpy (cmd + pos, fname);	Err	thinkerwim.openbsd.amsterdam	70
i-                  pos += strlen (fname);	Err	thinkerwim.openbsd.amsterdam	70
i+                      /* Paste filename. */	Err	thinkerwim.openbsd.amsterdam	70
i+                      strcpy (cmd + pos, cp);	Err	thinkerwim.openbsd.amsterdam	70
i+                      pos += strlen (cp);	Err	thinkerwim.openbsd.amsterdam	70
i+                      free (cp);	Err	thinkerwim.openbsd.amsterdam	70
i+                    }	Err	thinkerwim.openbsd.amsterdam	70
i 	Err	thinkerwim.openbsd.amsterdam	70
i                   i++;	Err	thinkerwim.openbsd.amsterdam	70
i                   break;	Err	thinkerwim.openbsd.amsterdam	70
i@@ -2114,3 +2121,36 @@ buffer_len (Buffer *buffer)	Err	thinkerwim.openbsd.amsterdam	70
i {	Err	thinkerwim.openbsd.amsterdam	70
i   return buffer->len;	Err	thinkerwim.openbsd.amsterdam	70
i }	Err	thinkerwim.openbsd.amsterdam	70
i+	Err	thinkerwim.openbsd.amsterdam	70
i+/*	Err	thinkerwim.openbsd.amsterdam	70
i+ * Escapes the name of a file so that the shell groks it in 'single'	Err	thinkerwim.openbsd.amsterdam	70
i+ * quotation marks.  The resulting pointer has to be free()ed when not	Err	thinkerwim.openbsd.amsterdam	70
i+ * longer used.	Err	thinkerwim.openbsd.amsterdam	70
i+*/	Err	thinkerwim.openbsd.amsterdam	70
i+char *	Err	thinkerwim.openbsd.amsterdam	70
i+shell_escape(const char *fn)	Err	thinkerwim.openbsd.amsterdam	70
i+{	Err	thinkerwim.openbsd.amsterdam	70
i+  size_t len = 0;	Err	thinkerwim.openbsd.amsterdam	70
i+  const char *inp;	Err	thinkerwim.openbsd.amsterdam	70
i+  char *retval, *outp;	Err	thinkerwim.openbsd.amsterdam	70
i+	Err	thinkerwim.openbsd.amsterdam	70
i+  for(inp = fn; *inp; ++inp)	Err	thinkerwim.openbsd.amsterdam	70
i+    switch(*inp)	Err	thinkerwim.openbsd.amsterdam	70
i+    {	Err	thinkerwim.openbsd.amsterdam	70
i+      case '\'': len += 4; break;	Err	thinkerwim.openbsd.amsterdam	70
i+      default:   len += 1; break;	Err	thinkerwim.openbsd.amsterdam	70
i+    }	Err	thinkerwim.openbsd.amsterdam	70
i+	Err	thinkerwim.openbsd.amsterdam	70
i+  outp = retval = malloc(len + 1);	Err	thinkerwim.openbsd.amsterdam	70
i+  if(!outp)	Err	thinkerwim.openbsd.amsterdam	70
i+    return NULL; /* perhaps one should do better error handling here */	Err	thinkerwim.openbsd.amsterdam	70
i+  for(inp = fn; *inp; ++inp)	Err	thinkerwim.openbsd.amsterdam	70
i+    switch(*inp)	Err	thinkerwim.openbsd.amsterdam	70
i+    {	Err	thinkerwim.openbsd.amsterdam	70
i+      case '\'': *outp++ = '\''; *outp++ = '\\'; *outp++ = '\'', *outp++ = '\''; break;	Err	thinkerwim.openbsd.amsterdam	70
i+      default:   *outp++ = *inp; break;	Err	thinkerwim.openbsd.amsterdam	70
i+    }	Err	thinkerwim.openbsd.amsterdam	70
i+  *outp = 0;	Err	thinkerwim.openbsd.amsterdam	70
i+	Err	thinkerwim.openbsd.amsterdam	70
i+  return retval;	Err	thinkerwim.openbsd.amsterdam	70
i+}	Err	thinkerwim.openbsd.amsterdam	70
.