From 1e42112bb983f886f389b1fa3ef4d90a4dad4f91 Mon Sep 17 00:00:00 2001 From: markus schnalke Date: Wed, 14 Jan 2015 21:22:02 +0100 Subject: [PATCH] forw: convert system() to execprog(); fix buffer check --- uip/forw.c | 36 ++++++++++++++++++++++-------------- 1 file changed, 22 insertions(+), 14 deletions(-) diff --git a/uip/forw.c b/uip/forw.c index 54b7c07..57e508f 100644 --- a/uip/forw.c +++ b/uip/forw.c @@ -257,25 +257,33 @@ static void add_forw_hdr(char *draft) { int msgnum; - char buffer[BUFSIZ]; - - snprintf(buffer, sizeof buffer, "anno -append -nodate '%s' " - "-comp '%s' -text '+%s", - draft, attach_hdr, mp->foldpath); + char buf[BUFSIZ]; + char *vec[MAXARGS]; + int vecp = 0; + + vec[vecp++] = "anno"; + vec[vecp++] = "-append"; + vec[vecp++] = "-nodate"; + vec[vecp++] = draft; + vec[vecp++] = "-comp"; + vec[vecp++] = attach_hdr; + vec[vecp++] = "-text"; + snprintf(buf, sizeof buf, "+%s", mp->foldpath); for (msgnum = mp->lowsel; msgnum <= mp->hghsel; msgnum++) { if (!is_selected(mp, msgnum)) { continue; } - /* TODO: Check for buffer length! */ - strcat(buffer, " "); - strcat(buffer, m_name(msgnum)); - } - strcat(buffer, "'"); - /* TODO: This check is bad, but better than nothing */ - if (strlen(buffer) > BUFSIZ) { - adios(NULL, "Too long attachment header line. Forward less messages."); + if (strlen(buf) + 1 + strlen(m_name(msgnum)) + 1 + > sizeof buf) { + adios(NULL, "Attachment header line too long. " + "Forward less messages."); + } + strcat(buf, " "); + strcat(buf, m_name(msgnum)); } - if (system(buffer) != 0) { + vec[vecp++] = buf; + vec[vecp] = NULL; + if (execprog(*vec, vec) != 0) { advise(NULL, "unable to add attachment header"); } } -- 1.7.10.4