projects / unix-history / blob
? search:
summary | tags | clone url | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
fix popen security hole.
[unix-history] / usr / src / libexec / fingerd / fingerd.c
#ifndef lint
static char sccsid[] = "@(#)fingerd.c 1.3 (Berkeley) %G%";
#endif
/*
* Finger server.
*/
#include <sys/types.h>
#include <netinet/in.h>
#include <stdio.h>
#include <ctype.h>
main(argc, argv)
char *argv[];
{
register char *sp;
char line[512];
struct sockaddr_in sin;
int i, p[2], pid, status;
FILE *fp;
char *av[4];
i = sizeof (sin);
if (getpeername(0, &sin, &i) < 0)
fatal(argv[0], "getpeername");
line[0] = '\0';
gets(line);
sp = line;
av[0] = "finger";
i = 1;
while (1) {
while (isspace(*sp))
sp++;
if (!*sp)
break;
if (*sp == '/' && (sp[1] == 'W' || sp[1] == 'w')) {
sp += 2;
av[i++] = "-l";
}
if (*sp && !isspace(*sp)) {
av[i++] = sp;
while (*sp && !isspace(*sp))
sp++;
*sp = '\0';
}
}
av[i] = 0;
if (pipe(p) < 0)
fatal(argv[0], "pipe");
if ((pid = fork()) == 0) {
close(p[0]);
if (p[1] != 1) {
dup2(p[1], 1);
close(p[1]);
}
execv("/usr/ucb/finger", av);
_exit(1);
}
if (pid == -1)
fatal(argv[0], "fork");
close(p[1]);
if ((fp = fdopen(p[0], "r")) == NULL)
fatal(argv[0], "fdopen");
while ((i = getc(fp)) != EOF) {
if (i == '\n')
putchar('\r');
putchar(i);
}
fclose(fp);
while ((i = wait(&status)) != pid && i != -1)
;
return(0);
}
fatal(prog, s)
char *prog, *s;
{
fprintf(stderr, "%s: ", prog);
perror(s);
exit(1);
}
Continuous source code history from original PDP-7 UNIX to FreeBSD 2, the first fully unencumbered FreeBSD release.