Angus Leeming wrote: >> I don't know if playing with the file name to be converted you can >> also execute arbitrary code. Tried a bit and didn't work... but it >> would be nicer/safer to use execvp anyways? > > Agreed. There is no need to retain systemcall at all. Kill it.
This would be it, except for two cases: ControlSendTo (custom export), which is relatively safe because it is a manually entered command (and we want to keep the flexibility of Systemcall, I presume), and unzipFile, which I don't know how to solve correctly. Of course, this can break a lot of manually-defined converters (using > and < for instance). I don't know what's better. I'm inclined to apply only the first patch I've sent (solving only the external inset problem - which is the most urgent) because it's less likely it will break anything else. All the others would have to exploit some strangely crafted filename, so it would be more or less easy to catch. Maybe. I'll leave the decision to someone else. Alfredo
? lib/b ? src/lyx-new ? src/lyx-old ? src/frontends/qt2/QContentPane.C-new ? src/frontends/qt2/QContentPane.h-new ? src/frontends/qt2/QWorkArea.C-new Index: lib/lyxrc.example =================================================================== RCS file: /usr/local/lyx/cvsroot/lyx-devel/lib/lyxrc.example,v retrieving revision 1.39 diff -u -p -u -r1.39 lyxrc.example --- lib/lyxrc.example 10 Jan 2002 15:14:20 -0000 1.39 +++ lib/lyxrc.example 6 Feb 2004 08:46:34 -0000 @@ -368,9 +368,10 @@ # "index.html" or "$$b.html" # If "resultfile" is omitted, the name of this file is assumed to be # "index.format" -# - parselog=filtername : filtername is a name of a filter command that takes -# the converter error log (from stderr), and converts it to a fake latex .log -# file. +# - parselog=filtername : filtername is a name of a command that takes +# the converter error log (from stderr) from the file given as first +# argument, and converts it to a fake latex .log written to the file +# given as second argument file. # For example: #\converter latex html "latex2html -split 0 $$i" # "originaldir,needaux,resultdir" Index: src/Chktex.C =================================================================== RCS file: /usr/local/lyx/cvsroot/lyx-devel/src/Chktex.C,v retrieving revision 1.21 diff -u -p -u -r1.21 Chktex.C --- src/Chktex.C 24 Nov 2002 15:19:52 -0000 1.21 +++ src/Chktex.C 6 Feb 2004 08:46:38 -0000 @@ -25,7 +25,7 @@ #include "support/FileInfo.h" #include "support/filetools.h" -#include "support/systemcall.h" +#include "support/forkedcall.h" #include "support/path.h" #include "support/lstrings.h" 
@@ -51,8 +51,8 @@ int Chktex::run(TeXErrors &terr) // run bibtex string log = OnlyFilename(ChangeExtension(file, ".log")); string tmp = cmd + " -q -v0 -b0 -x " + file + " -o " + log; - Systemcall one; - int result= one.startscript(Systemcall::Wait, tmp); + Forkedcall one; + int result= one.startscript(Forkedcall::Wait, tmp); if (result == 0) { result = scanLogFile(terr); } else { Index: src/LaTeX.C =================================================================== RCS file: /usr/local/lyx/cvsroot/lyx-devel/src/LaTeX.C,v retrieving revision 1.74.2.1 diff -u -p -u -r1.74.2.1 LaTeX.C --- src/LaTeX.C 9 Mar 2003 17:41:40 -0000 1.74.2.1 +++ src/LaTeX.C 6 Feb 2004 08:46:39 -0000 @@ -27,7 +27,7 @@ #include "support/FileInfo.h" #include "support/lstrings.h" #include "support/lyxlib.h" -#include "support/systemcall.h" +#include "support/forkedcall.h" #include "support/os.h" #include "support/path.h" @@ -389,8 +389,8 @@ int LaTeX::operator()() #else // cmd.exe (OS/2) causes SYS0003 error at "/dev/null" string tmp = cmd + ' ' + file + " > nul"; #endif - Systemcall one; - return one.startscript(Systemcall::Wait, tmp); + Forkedcall one; + return one.startscript(Forkedcall::Wait, tmp); } @@ -406,8 +406,8 @@ bool LaTeX::runMakeIndex(string const & // to come for a later time. string tmp = "makeindex -c -q "; tmp += f; - Systemcall one; - one.startscript(Systemcall::Wait, tmp); + Forkedcall one; + one.startscript(Forkedcall::Wait, tmp); return true; } 
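Review bot: In `Chktex::run`, `file` and `log` are still concatenated into `tmp` unquoted (`cmd + " -q -v0 -b0 -x " + file + " -o " + log`), so the safety of this call now rests on how `Forkedcall` splits the string into arguments, which this patch does not show. If it splits on whitespace, a file name containing a space becomes extra arguments to chktex, and a name beginning with `-` is read as an option even with no shell involved. I would wrap both in `QuoteName(...)` only if `Forkedcall` strips the quotes again; otherwise the arguments should be handed over as a list rather than as one string. The same applies to `tmp += f` in `runMakeIndex`, the bibtex argument in `runBibTeX` and `"xset fp+ " + dir` in both `addFontPath` functions. The body of `Chktex::run` starts and ends outside the hunk.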
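Review bot: The context line `string tmp = cmd + ' ' + file + " > nul";` in `LaTeX::operator()` still builds a shell redirection, and once `startscript` goes through `Forkedcall` instead of a shell (the exec-based path the thread asks for), `>` and `nul` would presumably reach latex as two literal arguments instead of discarding its output. The other branch of the `#if`, which lies outside this hunk, most likely has the same problem with `/dev/null`. Either build `tmp` as `cmd + ' ' + file` and discard the child's stdout on the process side, or leave this one call on `Systemcall` until that is possible.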
@@ -534,8 +534,8 @@ bool LaTeX::runBibTeX(vector<Aux_Info> c string tmp = "bibtex "; tmp += OnlyFilename(ChangeExtension(it->aux_file, string())); - Systemcall one; - one.startscript(Systemcall::Wait, tmp); + Forkedcall one; + one.startscript(Forkedcall::Wait, tmp); } // Return whether bibtex was run return result; Index: src/converter.C =================================================================== RCS file: /usr/local/lyx/cvsroot/lyx-devel/src/converter.C,v retrieving revision 1.62 diff -u -p -u -r1.62 converter.C --- src/converter.C 1 Dec 2002 22:59:17 -0000 1.62 +++ src/converter.C 6 Feb 2004 08:46:42 -0000 @@ -30,7 +30,7 @@ #include "support/filetools.h" #include "support/lyxfunctional.h" #include "support/path.h" -#include "support/systemcall.h" +#include "support/forkedcall.h" #include "BoostFormat.h" @@ -214,8 +214,8 @@ bool Formats::view(Buffer const * buffer ShowMessage(buffer, _("Executing command:"), command); Path p(OnlyPath(filename)); - Systemcall one; - int const res = one.startscript(Systemcall::DontWait, command); + Forkedcall one; + int const res = one.startscript(Forkedcall::DontWait, command); if (res) { Alert::alert(_("Cannot view file"), @@ -671,9 +671,9 @@ bool Converters::convert(Buffer const * if (buffer) ShowMessage(buffer, _("Executing command:"), command); - Systemcall::Starttype type = (dummy) - ? Systemcall::DontWait : Systemcall::Wait; - Systemcall one; + Forkedcall::Starttype type = (dummy) + ? Forkedcall::DontWait : Forkedcall::Wait; + Forkedcall one; int res; if (conv.original_dir && buffer) { Path p(buffer->filePath()); 
@@ -695,9 +695,9 @@ bool Converters::convert(Buffer const * string const logfile = infile2 + ".log"; string const script = LibScriptSearch(conv.parselog); string const command2 = script + - " < " + QuoteName(infile2 + ".out") + - " > " + QuoteName(logfile); - one.startscript(Systemcall::Wait, command2); + " " + QuoteName(infile2 + ".out") + + " " + QuoteName(logfile); + one.startscript(Forkedcall::Wait, command2); if (!scanLog(buffer, command, logfile)) return false; } Index: src/lyx_cb.C =================================================================== RCS file: /usr/local/lyx/cvsroot/lyx-devel/src/lyx_cb.C,v retrieving revision 1.190 diff -u -p -u -r1.190 lyx_cb.C --- src/lyx_cb.C 23 Jan 2003 16:23:37 -0000 1.190 +++ src/lyx_cb.C 6 Feb 2004 08:46:43 -0000 @@ -33,7 +33,7 @@ #include "support/filetools.h" #include "support/forkedcall.h" #include "support/path.h" -#include "support/systemcall.h" +#include "support/forkedcall.h" #include "support/lstrings.h" #include "BoostFormat.h" @@ -530,8 +530,8 @@ void Reconfigure(BufferView * bv) // Run configure in user lyx directory Path p(user_lyxdir); - Systemcall one; - one.startscript(Systemcall::Wait, + Forkedcall one; + one.startscript(Forkedcall::Wait, AddName(system_lyxdir, "configure")); p.pop(); bv->owner()->message(_("Reloading configuration...")); Index: src/vc-backend.C =================================================================== RCS file: /usr/local/lyx/cvsroot/lyx-devel/src/vc-backend.C,v retrieving revision 1.36.2.1 diff -u -p -u -r1.36.2.1 vc-backend.C --- src/vc-backend.C 12 Mar 2003 06:25:56 -0000 1.36.2.1 +++ src/vc-backend.C 6 Feb 2004 08:46:44 -0000 @@ -15,7 +15,7 @@ #include "support/path.h" #include "support/filetools.h" #include "support/lstrings.h" -#include "support/systemcall.h" +#include "support/forkedcall.h" #include <boost/regex.hpp> 
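Review bot: The result of the parselog run is discarded in `one.startscript(Forkedcall::Wait, command2);`, and this hunk changes the filter's calling convention from stdin/stdout to two file arguments, so an existing user-defined filter that still reads stdin may fail or block with no message before `scanLog` reads `logfile`. I would check the exit status, e.g. `if (one.startscript(Forkedcall::Wait, command2) != 0) return false;`, and add a comment saying that the filter receives the input path as its first argument and the output path as its second. Also confirm that `Forkedcall` removes the quotes that `QuoteName` adds; with no shell to strip them they may end up as part of the file names, here and in the `QuoteName(psname)` and `QuoteName(dviname)` uses in `ControlPrint::apply`. `Converters::convert` begins and ends outside the hunk.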
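Review bot: This hunk in `src/lyx_cb.C` adds a second `#include "support/forkedcall.h"`; the same include is already present two lines above as context. Deleting the `#include "support/systemcall.h"` line without adding a replacement is enough here.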
@@ -42,9 +42,9 @@ using boost::cmatch; int VCS::doVCCommand(string const & cmd, string const & path) { lyxerr[Debug::LYXVC] << "doVCCommand: " << cmd << endl; - Systemcall one; + Forkedcall one; Path p(path); - int const ret = one.startscript(Systemcall::Wait, cmd); + int const ret = one.startscript(Forkedcall::Wait, cmd); return ret; } Index: src/frontends/controllers/ControlPrint.C =================================================================== RCS file: /usr/local/lyx/cvsroot/lyx-devel/src/frontends/controllers/ControlPrint.C,v retrieving revision 1.28 diff -u -p -u -r1.28 ControlPrint.C --- src/frontends/controllers/ControlPrint.C 27 Nov 2002 10:30:22 -0000 1.28 +++ src/frontends/controllers/ControlPrint.C 6 Feb 2004 08:46:45 -0000 @@ -31,7 +31,7 @@ #include "support/LAssert.h" #include "support/filetools.h" #include "support/path.h" -#include "support/systemcall.h" +#include "support/forkedcall.h" #include "debug.h" // for lyxerr @@ -162,7 +162,7 @@ void ControlPrint::apply() // 1. we print to a file // 2. we print directly to a printer // 3. we print using a spool command (print to file first) - Systemcall one; + Forkedcall one; int res = 0; string const dviname = ChangeExtension(buffer()->getLatexName(true), "dvi"); switch (pp.target) { @@ -184,13 +184,13 @@ void ControlPrint::apply() command2 += QuoteName(psname); // First run dvips. // If successful, then spool command - res = one.startscript(Systemcall::Wait, command); + res = one.startscript(Forkedcall::Wait, command); if (res == 0) - res = one.startscript(Systemcall::DontWait, + res = one.startscript(Forkedcall::DontWait, command2); } else { // case 2: print directly to a printer - res = one.startscript(Systemcall::DontWait, + res = one.startscript(Forkedcall::DontWait, command + QuoteName(dviname)); } break; 
@@ -201,7 +201,7 @@ void ControlPrint::apply() + QuoteName(MakeAbsPath(pp.file_name, path)) + ' ' + QuoteName(dviname); - res = one.startscript(Systemcall::DontWait, command); + res = one.startscript(Forkedcall::DontWait, command); break; } Index: src/frontends/controllers/tex_helpers.C =================================================================== RCS file: /usr/local/lyx/cvsroot/lyx-devel/src/frontends/controllers/tex_helpers.C,v retrieving revision 1.7 diff -u -p -u -r1.7 tex_helpers.C --- src/frontends/controllers/tex_helpers.C 21 Oct 2002 17:38:09 -0000 1.7 +++ src/frontends/controllers/tex_helpers.C 6 Feb 2004 08:46:45 -0000 @@ -21,7 +21,7 @@ #include "support/filetools.h" #include "support/lstrings.h" -#include "support/systemcall.h" +#include "support/forkedcall.h" #include "support/path.h" #include "support/lyxalgo.h" @@ -55,8 +55,8 @@ void rescanTexStyles() { // Run rescan in user lyx directory Path p(user_lyxdir); - Systemcall one; - one.startscript(Systemcall::Wait, + Forkedcall one; + one.startscript(Forkedcall::Wait, LibFileSearch("scripts", "TeXFiles.sh")); } @@ -67,8 +67,8 @@ void texhash() Path p(user_lyxdir); //path to texhash through system - Systemcall one; - one.startscript(Systemcall::Wait,"texhash"); + Forkedcall one; + one.startscript(Forkedcall::Wait,"texhash"); } Index: src/frontends/qt2/qfont_loader.C =================================================================== RCS file: /usr/local/lyx/cvsroot/lyx-devel/src/frontends/qt2/qfont_loader.C,v retrieving revision 1.27.2.6 diff -u -p -u -r1.27.2.6 qfont_loader.C --- src/frontends/qt2/qfont_loader.C 15 Jan 2004 15:13:39 -0000 1.27.2.6 +++ src/frontends/qt2/qfont_loader.C 6 Feb 2004 08:46:47 -0000 @@ -15,6 +15,9 @@ #pragma implementation #endif + +#include "support/forkedcall.h" + #include "qfont_loader.h" #include "qt_helpers.h" #include "debug.h" 
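Review bot: In `src/frontends/qt2/qfont_loader.C`, `#include "support/forkedcall.h"` is added ahead of the file's own header `qfont_loader.h` and outside the `#ifdef Q_WS_X11` block where the include it replaces (`support/systemcall.h`, removed in the next hunk) used to sit. If `addFontPath` is the only user and is compiled only under `Q_WS_X11`, which is not visible here, the new include should take the old line's place directly after `#include <X11/Xlib.h>`. That would also avoid the three blank lines the next hunk leaves behind.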
@@ -34,7 +37,9 @@ #ifdef Q_WS_X11 #include <qwidget.h> #include <X11/Xlib.h> -#include "support/systemcall.h" + + + #include "support/filetools.h" #endif @@ -62,8 +67,8 @@ void addFontPath() lyxerr[Debug::FONT] << "Adding " << dir << " to the font path." << endl; string const command = "xset fp+ " + dir; - Systemcall s; - if (!s.startscript(Systemcall::Wait, command)) + Forkedcall s; + if (!s.startscript(Forkedcall::Wait, command)) return; lyxerr << "Unable to add font path." << endl; } Index: src/frontends/xforms/xfont_loader.C =================================================================== RCS file: /usr/local/lyx/cvsroot/lyx-devel/src/frontends/xforms/xfont_loader.C,v retrieving revision 1.16.2.1 diff -u -p -u -r1.16.2.1 xfont_loader.C --- src/frontends/xforms/xfont_loader.C 21 Jul 2003 13:06:37 -0000 1.16.2.1 +++ src/frontends/xforms/xfont_loader.C 6 Feb 2004 08:46:49 -0000 @@ -22,7 +22,7 @@ #include "lyxrc.h" // lyxrc.font_* #include "BufferView.h" #include "frontends/LyXView.h" -#include "support/systemcall.h" +#include "support/Forkedcall.h" #include "support/filetools.h" #include FORMS_H_LOCATION @@ -148,8 +148,8 @@ bool addFontPath() lyxerr[Debug::FONT] << "Adding " << dir << " to the font path." << endl; string const command = "xset fp+ " + dir; - Systemcall s; - if (!s.startscript(Systemcall::Wait, command)) + Forkedcall s; + if (!s.startscript(Forkedcall::Wait, command)) return true; lyxerr << "Unable to add font path." << endl; } Index: src/insets/insetexternal.C =================================================================== RCS file: /usr/local/lyx/cvsroot/lyx-devel/src/insets/insetexternal.C,v retrieving revision 1.53 diff -u -p -u -r1.53 insetexternal.C --- src/insets/insetexternal.C 27 Nov 2002 10:30:25 -0000 1.53 +++ src/insets/insetexternal.C 6 Feb 2004 08:46:50 -0000 
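Review bot: In `src/frontends/xforms/xfont_loader.C` the new include is spelled `#include "support/Forkedcall.h"` with a capital F, while every other file in this patch includes `support/forkedcall.h`. On a case-sensitive file system this will not be found unless a header with exactly that name exists, so it should read `#include "support/forkedcall.h"`.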
@@ -30,7 +30,7 @@ #include "support/filetools.h" #include "support/lstrings.h" #include "support/path.h" -#include "support/systemcall.h" +#include "support/forkedcall.h" #include "support/FileInfo.h" #include <cstdio> @@ -221,12 +221,12 @@ void InsetExternal::executeCommand(strin Buffer const * buffer) const { Path p(buffer->filePath()); - Systemcall one; + Forkedcall one; if (lyxerr.debugging()) { lyxerr << "Executing '" << s << "' in '" << buffer->filePath() << '\'' << endl; } - one.startscript(Systemcall::Wait, s); + one.startscript(Forkedcall::Wait, s); } Index: src/insets/insetgraphics.C =================================================================== RCS file: /usr/local/lyx/cvsroot/lyx-devel/src/insets/insetgraphics.C,v retrieving revision 1.146.2.2 diff -u -p -u -r1.146.2.2 insetgraphics.C --- src/insets/insetgraphics.C 15 Sep 2003 10:11:27 -0000 1.146.2.2 +++ src/insets/insetgraphics.C 6 Feb 2004 08:46:51 -0000 @@ -86,7 +86,7 @@ TODO #include "support/lyxalgo.h" // lyx::count #include "support/lyxlib.h" // float_equal #include "support/path.h" -#include "support/systemcall.h" +#include "support/forkedcall.h" #include "support/os.h" #include <boost/weak_ptr.hpp> @@ -674,8 +674,8 @@ string const InsetGraphics::prepareFile( lyxerr[Debug::GRAPHICS] << "No converter defined! I use convertDefault.sh:\n\t" << command << endl; - Systemcall one; - one.startscript(Systemcall::Wait, command); + Forkedcall one; + one.startscript(Forkedcall::Wait, command); if (!IsFileReadable(ChangeExtension(outfile_base, to))) #if USE_BOOST_FORMAT Alert::alert(_("Cannot convert Image (not existing file?)"),
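Review bot: `InsetExternal::executeCommand` still receives the whole command as one string `s` and ignores the value returned by `one.startscript(Forkedcall::Wait, s);`, so a command that fails to start is silent unless debugging is on. `s` is assembled outside this hunk, presumably from an external template and a file name taken from the document, so dropping the shell closes only the metacharacter route; whether a file name can still add or alter arguments depends on how `Forkedcall` tokenises `s`, which is not shown. I would report a failure unconditionally, e.g. `if (one.startscript(Forkedcall::Wait, s) != 0) lyxerr << "External command failed: " << s << endl;`, and add a comment stating that the file name must reach the program as a single argument. The function signature begins outside the hunk.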