head	1.2;
access;
symbols
	RELEASE_5_4_0:1.1
	RELEASE_4_11_0:1.1;
locks; strict;
comment	@# @;


1.2
date	2005.04.20.20.55.03;	author jylefort;	state dead;
branches;
next	1.1;

1.1
date	2004.10.13.10.17.01;	author simon;	state Exp;
branches;
next	;


desc
@@


1.2
log
@- Update to 4.3.77
- Pass maintainership to sylvioc@@gmail.com
- Enable NLS and add WITHOUT_NLS knob

PR:		ports/80123
Submitted by:	Sylvio Cesar <sylvioc@@gmail.com>
Approved by:	adamw (mentor)
@
text
@Index: src/shar.c
===================================================================
RCS file: /home/ke/cvsroot/sharutils/src/shar.c,v
retrieving revision 1.22
diff -u -r1.22 shar.c
--- src/shar.c	2 Dec 2002 20:52:10 -0000	1.22
+++ src/shar.c	15 May 2004 09:13:16 -0000
@@@@ -255,11 +255,11 @@@@
 /* Position for first file in the shar file.  */
 static off_t first_file_position;
 
-/* Base for output filename.  FIXME: No fix limit in GNU... */
-static char output_base_name[50];
+/* Base for output filename.  */
+static char *output_base_name;
 
-/* Actual output filename.  FIXME: No fix limit in GNU... */
-static char output_filename[50];
+/* Actual output filename.  */
+static char *output_filename;
 
 static char *submitter_address = NULL;
 
@@@@ -1727,7 +1727,12 @@@@
 static void
 open_output ()
 {
-  sprintf (output_filename, output_base_name, ++part_number);
+  size_t l;
+  l = strlen(output_base_name) + 128;
+  if (output_filename)
+    free(output_filename);
+  output_filename = xmalloc(l);
+  snprintf(output_filename, l, output_base_name, ++part_number);
   output = fopen (output_filename, "w");
   if (!output)
     error (EXIT_FAILURE, errno, _("Opening `%s'"), output_filename);
@@@@ -1907,6 +1912,42 @@@@
     file_size_limit = lim;
 }
 
+
+char *parse_output_base_name(char *arg)
+{
+  int c;
+  int hadarg = 0;
+  char *fmt, *p;
+
+  for (p = arg ; (c = *p++) != 0; )
+    {
+      if (c != '%')
+	continue;
+      c = *p++;
+      if (c == '%')
+	continue;
+      if (hadarg)
+	return 0;
+      while (c != 0 && strchr("#0+- 'I", c) != 0)
+	c = *p++;
+      while (c != 0 && c >= '0' && c <= '9')
+	c = *p++;
+      if (c == '.')
+	c = *p++;
+      while (c != 0 && c >= '0' && c <= '9')
+	c = *p++;
+      if (c == 0 || strchr("diouxX", c) == 0)
+	return 0;
+      hadarg = 1;
+    }
+  fmt = xmalloc(strlen(arg) + (hadarg ? 1 : 6));
+  strcpy(fmt, arg);
+  if (!hadarg)
+    strcat(fmt, ".%02d");
+  return fmt;
+}
+
+
 /*---.
 | ?  |
 `---*/
@@@@ -2047,9 +2088,14 @@@@
 	break;
 
       case 'o':
-	strcpy (output_base_name, optarg);
-	if (!strchr (output_base_name, '%'))
-	  strcat (output_base_name, ".%02d");
+	if (output_base_name)
+	  free (output_base_name);
+        output_base_name = parse_output_base_name(optarg);
+        if (!output_base_name)
+	  {
+	    fprintf (stderr, _("illegal output prefix\n"));
+	    exit (EXIT_FAILURE);
+	  }
 	part_number = 0;
 	open_output ();
 	break;
@


1.1
log
@Security update to sharutils:
- Fix two buffer overflows. [1]
- Fix format string handling problems with command line parsing
  shar -o. [2]

Obtained from:	Gentoo [1] [2]
Patch by:	Michael Schrder [2]
VuXML:		26c9e8c6-1c99-11d9-814e-0001020eed82 [1]
Approved by:	erwin
@
text
@@

