diff options
-rw-r--r-- | main.c | 4 | ||||
-rw-r--r-- | mandoc.h | 4 | ||||
-rw-r--r-- | roff.c | 29 |
3 files changed, 34 insertions, 3 deletions
@@ -1,4 +1,4 @@ -/* $Id: main.c,v 1.112 2010/12/01 16:28:23 kristaps Exp $ */ +/* $Id: main.c,v 1.113 2010/12/01 16:54:25 kristaps Exp $ */ /* * Copyright (c) 2008, 2009, 2010 Kristaps Dzonsons <kristaps@bsd.lv> * Copyright (c) 2010 Ingo Schwarze <schwarze@openbsd.org> @@ -122,6 +122,7 @@ static const char * const mandocerrs[MANDOCERR_MAX] = { "generic warning", + ".so is fragile, better use ln(1)", "text should be uppercase", "sections out of conventional order", "section name repeats", @@ -190,6 +191,7 @@ static const char * const mandocerrs[MANDOCERR_MAX] = { "argument count wrong, violates syntax", "child violates parent syntax", "argument count wrong, violates syntax", + "NOT IMPLEMENTED: .so with absolute path or \"..\"", "no document body", "no document prologue", "utsname system call failed", @@ -1,4 +1,4 @@ -/* $Id: mandoc.h,v 1.25 2010/12/01 10:31:35 kristaps Exp $ */ +/* $Id: mandoc.h,v 1.26 2010/12/01 16:54:25 kristaps Exp $ */ /* * Copyright (c) 2010 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -45,6 +45,7 @@ enum mandocerr { MANDOCERR_OK, MANDOCERR_WARNING, /* ===== start of warnings ===== */ + MANDOCERR_SO, /* .so is fragile, better use ln(1) */ MANDOCERR_UPPERCASE, /* text should be uppercase */ MANDOCERR_SECOOO, /* sections out of conventional order */ MANDOCERR_SECREP, /* section name repeats */ @@ -114,6 +115,7 @@ enum mandocerr { MANDOCERR_SYNTARGVCOUNT, /* argument count wrong, violates syntax */ MANDOCERR_SYNTCHILD, /* child violates parent syntax */ MANDOCERR_SYNTARGCOUNT, /* argument count wrong, violates syntax */ + MANDOCERR_SOPATH, /* NOT IMPLEMENTED: .so with absolute path or ".." */ MANDOCERR_NODOCBODY, /* no document body */ MANDOCERR_NODOCPROLOG, /* no document prologue */ MANDOCERR_UTSNAME, /* utsname system call failed */ @@ -1,4 +1,4 @@ -/* $Id: roff.c,v 1.104 2010/12/01 10:31:35 kristaps Exp $ */ +/* $Id: roff.c,v 1.105 2010/12/01 16:54:25 kristaps Exp $ */ /* * Copyright (c) 2010 Kristaps Dzonsons <kristaps@bsd.lv> * Copyright (c) 2010 Ingo Schwarze <schwarze@openbsd.org> @@ -62,6 +62,7 @@ enum rofft { ROFF_nh, ROFF_nr, ROFF_rm, + ROFF_so, ROFF_tr, ROFF_cblock, ROFF_ccond, /* FIXME: remove this. */ @@ -141,6 +142,7 @@ static int roff_res(struct roff *, char **, size_t *, int); static void roff_setstr(struct roff *, const char *, const char *); +static enum rofferr roff_so(ROFF_ARGS); static char *roff_strdup(const char *); /* See roff_hash_find() */ @@ -169,6 +171,7 @@ static struct roffmac roffs[ROFF_MAX] = { { "nh", roff_line_ignore, NULL, NULL, 0, NULL }, { "nr", roff_nr, NULL, NULL, 0, NULL }, { "rm", roff_line_error, NULL, NULL, 0, NULL }, + { "so", roff_so, NULL, NULL, 0, NULL }, { "tr", roff_line_ignore, NULL, NULL, 0, NULL }, { ".", roff_cblock, NULL, NULL, 0, NULL }, { "\\}", roff_ccond, NULL, NULL, 0, NULL }, @@ -1054,6 +1057,30 @@ roff_nr(ROFF_ARGS) return(ROFF_IGN); } +/* ARGSUSED */ +static enum rofferr +roff_so(ROFF_ARGS) +{ + char *name; + + (*r->msg)(MANDOCERR_SO, r->data, ln, ppos, NULL); + + /* + * Handle `so'. Be EXTREMELY careful, as we shouldn't be + * opening anything that's not in our cwd or anything beneath + * it. Thus, explicitly disallow traversing up the file-system + * or using absolute paths. + */ + + name = *bufp + pos; + if ('/' == *name || strstr(name, "../") || strstr(name, "/..")) { + (*r->msg)(MANDOCERR_SOPATH, r->data, ln, pos, NULL); + return(ROFF_ERR); + } + + *offs = pos; + return(ROFF_SO); +} static char * roff_strdup(const char *name) |