diff options
author | davygrvy <davygrvy@pobox.com> | 2004-02-01 10:28:18 (GMT) |
---|---|---|
committer | davygrvy <davygrvy@pobox.com> | 2004-02-01 10:28:18 (GMT) |
commit | a5a88c6852d2844f65d00b330c7f7792f6e42eb4 (patch) | |
tree | 98a4642b9492579fd3e8e31643dcc9d220ba2d76 /win/nmakehlp.c | |
parent | e131c70a9234181716abcc8e7ae32a2bc3a42217 (diff) | |
download | tcl-a5a88c6852d2844f65d00b330c7f7792f6e42eb4.zip tcl-a5a88c6852d2844f65d00b330c7f7792f6e42eb4.tar.gz tcl-a5a88c6852d2844f65d00b330c7f7792f6e42eb4.tar.bz2 |
* win/nmakehlp.c: defensive techniques to avoid static buffer
overflows and a couple envars upsetting invokations of cl.exe
and link.exe.
Diffstat (limited to 'win/nmakehlp.c')
-rw-r--r-- | win/nmakehlp.c | 32 |
1 files changed, 18 insertions, 14 deletions
diff --git a/win/nmakehlp.c b/win/nmakehlp.c index eee6b75..b444696 100644 --- a/win/nmakehlp.c +++ b/win/nmakehlp.c @@ -9,7 +9,7 @@ * of this file, and for a DISCLAIMER OF ALL WARRANTIES. * * ---------------------------------------------------------------------------- - * RCS: @(#) $Id: nmakehlp.c,v 1.5 2004/01/28 00:56:26 davygrvy Exp $ + * RCS: @(#) $Id: nmakehlp.c,v 1.6 2004/02/01 10:28:18 davygrvy Exp $ * ---------------------------------------------------------------------------- */ #include <windows.h> @@ -25,9 +25,11 @@ int GrepForDefine (const char *file, const char *string); DWORD WINAPI ReadFromPipe (LPVOID args); /* globals */ +#define CHUNK 25 +#define STATICBUFFERSIZE 1000 typedef struct { HANDLE pipe; - char buffer[1000]; + char buffer[STATICBUFFERSIZE]; } pipeinfo; pipeinfo Out = {INVALID_HANDLE_VALUE, '\0'}; @@ -46,6 +48,10 @@ main (int argc, char *argv[]) /* make sure children (cl.exe and link.exe) are kept quiet. */ SetErrorMode(SEM_FAILCRITICALERRORS | SEM_NOOPENFILEERRORBOX); + /* Make sure the compiler and linker aren't effected by the outside world. */ + SetEnvironmentVariable("CL", ""); + SetEnvironmentVariable("LINK", ""); + if (argc > 1 && *argv[1] == '-') { switch (*(argv[1]+1)) { case 'c': @@ -136,11 +142,11 @@ CheckForCompilerFeature (const char *option) 0, TRUE, DUPLICATE_SAME_ACCESS | DUPLICATE_CLOSE_SOURCE); /* base command line */ - strcpy(cmdline, "cl.exe -nologo -c -TC -Fdtemp "); + strcpy(cmdline, "cl.exe -nologo -c -TC -Zs -X "); /* append our option for testing */ strcat(cmdline, option); /* filename to compile, which exists, but is nothing and empty. */ - strcat(cmdline, " .\nul"); + strcat(cmdline, " .\\nul"); ok = CreateProcess( NULL, /* Module name. */ @@ -180,10 +186,6 @@ CheckForCompilerFeature (const char *option) WaitForSingleObject(pi.hProcess, INFINITE); CloseHandle(pi.hProcess); - /* clean up temporary files before returning */ - DeleteFile("temp.idb"); - DeleteFile("temp.pdb"); - /* wait for our pipe to get done reading, should it be a little slow. */ WaitForMultipleObjects(2, pipeThreads, TRUE, 500); CloseHandle(pipeThreads[0]); @@ -234,8 +236,6 @@ CheckForLinkerFeature (const char *option) strcpy(cmdline, "link.exe -nologo "); /* append our option for testing */ strcat(cmdline, option); - /* filename to compile, which exists, but is nothing and empty. */ -// strcat(cmdline, " .\nul"); ok = CreateProcess( NULL, /* Module name. */ @@ -293,7 +293,11 @@ ReadFromPipe (LPVOID args) BOOL ok; again: - ok = ReadFile(pi->pipe, lastBuf, 25, &dwRead, 0L); + if (lastBuf - pi->buffer + CHUNK > STATICBUFFERSIZE) { + CloseHandle(pi->pipe); + return -1; + } + ok = ReadFile(pi->pipe, lastBuf, CHUNK, &dwRead, 0L); if (!ok || dwRead == 0) { CloseHandle(pi->pipe); return 0; @@ -339,9 +343,9 @@ GrepForDefine (const char *file, const char *string) /* is the first word what we're looking for? */ if (!strcmp(s2, string)) { fclose(f); - /* add 1 past double quote char. "8.5" */ - d1 = atof(s3 + 1); /* 8.5 */ - return ((int) (d1 * 10) & 0xFF); /* 85 */ + /* add 1 past first double quote char. "8.5" */ + d1 = atof(s3 + 1); /* 8.5 */ + return ((int) (d1 * 10) & 0xFF); /* 85 */ } } } while (!feof(f)); |