* Copyright (c) 1980 Regents of the University of California.
* All rights reserved.
*
- * %sccs.include.redist.c%
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the University of
+ * California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
*/
#ifndef lint
#endif /* not lint */
#ifndef lint
-static char sccsid[] = "@(#)sccs.c 5.11 (Berkeley) %G%";
+static char sccsid[] = "@(#)sccs.c 5.11 (Berkeley) 3/4/91";
#endif /* not lint */
#include <sys/cdefs.h>
char buf[3*FBUFSIZ];
extern char *malloc();
extern char *rindex();
+ extern bool safepath();
extern bool isdir();
register char *q;
p++;
/*
- ** See if the name can be used as-is.
+ ** Check to see that the path is "safe", i.e., that we
+ ** are not letting some nasty person use the setuid part
+ ** of this program to look at or munge some presumably
+ ** hidden files.
*/
- if (SccsPath[0] != '/' || name[0] == '/' || strncmp(name, "./", 2) == 0)
- {
- if (strncmp(p, "s.", 2) == 0)
- return (name);
- if (isdir(name))
- return (name);
- }
+ if (SccsDir[0] == '/' && !safepath(name))
+ return (NULL);
/*
- ** Create the actual pathname.
+ ** Create the base pathname.
*/
/* first the directory part */
- if (name[0] != '/')
+ if (SccsDir[0] != '\0' && name[0] != '/' && strncmp(name, "./", 2) != 0)
{
gstrcpy(buf, SccsDir, sizeof(buf));
gstrcat(buf, "/", sizeof(buf));
gstrcpy(buf, "", sizeof(buf));
/* then the head of the pathname */
- strncat(buf, name, p - name);
+ gstrncat(buf, name, p - name, sizeof(buf));
q = &buf[strlen(buf)];
- strcpy(q, p);
+
+ /* now copy the final part of the name, in case useful */
+ gstrcpy(q, p, sizeof(buf));
+
+ /* so is it useful? */
if (strncmp(p, "s.", 2) != 0 && !isdir(buf))
{
/* sorry, no; copy the SCCS pathname & the "s." */
/* if i haven't changed it, why did I do all this? */
if (strcmp(buf, name) == 0)
p = name;
+ else
+ {
+ /* but if I have, squirrel it away */
+ p = malloc(strlen(buf) + 1);
+ if (p == NULL)
+ {
+ perror("Sccs: no mem");
+ exit(EX_OSERR);
+ }
+ strcpy(p, buf);
+ }
- return (stat(name, &stbuf) >= 0 && (stbuf.st_mode & S_IFMT) == S_IFDIR);
+ return (p);
}
-\f/*
+\f
+/*
** ISDIR -- return true if the argument is a directory.
**
** Parameters:
auto int st;
extern int errno;
sig_t osig;
- register char *p;
- register char **ap;
- bool makescript = FALSE;
- for (ap = getv; *ap != NULL; ap++)
- {
- p = *ap;
- if (p[0] == '-')
- {
- switch (p[1])
- {
- case 'E':
- p[1] = 'e';
- makescript = TRUE;
- break;
- }
- }
- }
-
- if (makescript)
- {
- printf("sccs edit %s\n", gfile);
- printf("ed - %s << 'xxEOFxx'\n", gfile);
- }
- else
- printf("\n------- %s -------\n", gfile);
+ printf("\n------- %s -------\n", gfile);
fflush(stdout);
/* create context for diff to run in */
}
command(&getv[1], FALSE, "-diff:elsfhbC");
}
-
- if (makescript)
- {
- printf("w\n");
- printf("q\n");
- printf("'xxEOFxx'\n");
- printf("sccs delta %s\n", gfile);
- }
-
return (rval);
}
\f