From 057ae3dfa5c8ea1be69e6146f4a4e43f9401f3fd Mon Sep 17 00:00:00 2001 From: tsauerbeck Date: Wed, 16 Mar 2005 18:39:39 +0000 Subject: [PATCH] Decompiler improvements: Edjes now contain a 'compiler' entry, which is set to the executable that's used to compile an Edje. edje_decc does some sanity checking on this string, to prevent exploitation. SVN revision: 13754 --- legacy/edje/AUTHORS | 2 +- legacy/edje/src/bin/edje_cc.c | 1 + legacy/edje/src/bin/edje_decc.c | 35 +++++++++++++++++++++++++++++- legacy/edje/src/lib/edje_data.c | 1 + legacy/edje/src/lib/edje_private.h | 1 + 5 files changed, 38 insertions(+), 2 deletions(-) diff --git a/legacy/edje/AUTHORS b/legacy/edje/AUTHORS index 7bf31c1234..8000783fe1 100644 --- a/legacy/edje/AUTHORS +++ b/legacy/edje/AUTHORS @@ -1,2 +1,2 @@ The Rasterman (Carsten Haitzler) - +Tilman Sauerbeck (tilman at code-monkey de) diff --git a/legacy/edje/src/bin/edje_cc.c b/legacy/edje/src/bin/edje_cc.c index 421e5cb52d..912222efa6 100644 --- a/legacy/edje/src/bin/edje_cc.c +++ b/legacy/edje/src/bin/edje_cc.c @@ -193,6 +193,7 @@ main(int argc, char **argv) edje_init(); edje_file = mem_alloc(SZ(Edje_File)); + edje_file->compiler = strdup("edje_cc"); edje_file->version = EDJE_FILE_VERSION; edje_file->feature_ver = 1; /* increment this every time we add a field * or feature to the edje file format that diff --git a/legacy/edje/src/bin/edje_decc.c b/legacy/edje/src/bin/edje_decc.c index 0799e4d357..00c951cb35 100644 --- a/legacy/edje/src/bin/edje_decc.c +++ b/legacy/edje/src/bin/edje_decc.c @@ -23,6 +23,7 @@ void output(void); int e_file_is_dir(char *file); int e_file_mkdir(char *dir); int e_file_mkpath(char *path); +static int compiler_cmd_is_sane(); static void main_help(void) @@ -90,6 +91,16 @@ decomp(void) eet_close(ef); return 0; } + if (!edje_file->compiler) + { + edje_file->compiler = strdup("edje_cc"); + } + else if (!compiler_cmd_is_sane()) + { + printf("ERROR: invalid compiler executable: '%s'\n", edje_file->compiler); + eet_close(ef); + return 0; + } fontlist = source_fontmap_load(ef); eet_close(ef); return 1; @@ -263,7 +274,7 @@ output(void) } f = fopen(out, "w"); fprintf(f, "#!/bin/sh\n"); - fprintf(f, "edje_cc $@ -id . -fd . main_edje_source.edc -o %s.eet\n", outdir); + fprintf(f, "%s $@ -id . -fd . main_edje_source.edc -o %s.eet\n", edje_file->compiler, outdir); fclose(f); #ifndef WIN32 @@ -321,3 +332,25 @@ e_file_mkpath(char *path) else if (!e_file_is_dir(ss)) return 0; return 1; } + +static int +compiler_cmd_is_sane() +{ + char *c = edje_file->compiler, *ptr; + + if (!c || !*c) + { + return 0; + } + + for (ptr = c; ptr && *ptr; ptr++) + { + /* only allow [a-z][A-Z][0-9]_- */ + if (!isalnum(*ptr) && *ptr != '_' && *ptr != '-') + { + return 0; + } + } + + return 1; +} diff --git a/legacy/edje/src/lib/edje_data.c b/legacy/edje/src/lib/edje_data.c index 9afc4cdc50..9ecddacb69 100644 --- a/legacy/edje/src/lib/edje_data.c +++ b/legacy/edje/src/lib/edje_data.c @@ -105,6 +105,7 @@ _edje_edd_setup(void) _edje_edd_edje_file = NEWD("Edje_File", Edje_File); + EET_DATA_DESCRIPTOR_ADD_BASIC(_edje_edd_edje_file, Edje_File, "compiler", compiler, EET_T_STRING); EET_DATA_DESCRIPTOR_ADD_BASIC(_edje_edd_edje_file, Edje_File, "version", version, EET_T_INT); EET_DATA_DESCRIPTOR_ADD_BASIC(_edje_edd_edje_file, Edje_File, "feature_ver", feature_ver, EET_T_INT); EET_DATA_DESCRIPTOR_ADD_SUB(_edje_edd_edje_file, Edje_File, "font_dir", font_dir, _edje_edd_edje_font_directory); diff --git a/legacy/edje/src/lib/edje_private.h b/legacy/edje/src/lib/edje_private.h index 91ace256a4..1694564ab5 100644 --- a/legacy/edje/src/lib/edje_private.h +++ b/legacy/edje/src/lib/edje_private.h @@ -151,6 +151,7 @@ struct _Edje_File Evas_Hash *collection_hash; int references; + char *compiler; int version; int feature_ver; };