mirror of https://github.com/moparisthebest/curl
HAVE_WRITABLE_ARGV is set if argv[] is writable on the system, and then
we attempt to hide some of the more sensitive command line arguments
This commit is contained in:
parent
30a46e1135
commit
7f67a28c2a
16
configure.in
16
configure.in
|
@ -318,6 +318,22 @@ if test -n "$RANDOM_FILE" ; then
|
||||||
[a suitable file to read random data from])
|
[a suitable file to read random data from])
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
dnl **********************************************************************
|
||||||
|
dnl Check if the operating system allows programs to write to their own argv[]
|
||||||
|
dnl **********************************************************************
|
||||||
|
|
||||||
|
AC_MSG_CHECKING([if argv can be written to])
|
||||||
|
AC_TRY_RUN([
|
||||||
|
int main(int argc, char ** argv) {
|
||||||
|
argv[0][0] = ' ';
|
||||||
|
return (argv[0][0] == ' ')?0:1;
|
||||||
|
}
|
||||||
|
],
|
||||||
|
AC_DEFINE(HAVE_WRITABLE_ARGV, 1, [Define this symbol if your OS supports changing the contents of argv])
|
||||||
|
AC_MSG_RESULT(yes),
|
||||||
|
AC_MSG_RESULT(no)
|
||||||
|
)
|
||||||
|
|
||||||
dnl **********************************************************************
|
dnl **********************************************************************
|
||||||
dnl Check for the presence of Kerberos4 libraries and headers
|
dnl Check for the presence of Kerberos4 libraries and headers
|
||||||
dnl **********************************************************************
|
dnl **********************************************************************
|
||||||
|
|
|
@ -35,3 +35,6 @@
|
||||||
/* Define if you have the `poll' function. */
|
/* Define if you have the `poll' function. */
|
||||||
#undef HAVE_POLL
|
#undef HAVE_POLL
|
||||||
|
|
||||||
|
/* Define if you can write to argc[] strings */
|
||||||
|
#undef HAVE_WRITABLE_ARGV
|
||||||
|
|
||||||
|
|
19
src/main.c
19
src/main.c
|
@ -970,6 +970,21 @@ typedef enum {
|
||||||
PARAM_LAST
|
PARAM_LAST
|
||||||
} ParameterError;
|
} ParameterError;
|
||||||
|
|
||||||
|
static void cleanarg(char *str)
|
||||||
|
{
|
||||||
|
#ifdef HAVE_WRITABLE_ARGV
|
||||||
|
/* now that GetStr has copied the contents of nextarg, wipe the next
|
||||||
|
* argument out so that the username:password isn't displayed in the
|
||||||
|
* system process list */
|
||||||
|
if (str) {
|
||||||
|
size_t len = strlen(str);
|
||||||
|
memset(str, ' ', len);
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
(void)str;
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
static ParameterError getparameter(char *flag, /* f or -long-flag */
|
static ParameterError getparameter(char *flag, /* f or -long-flag */
|
||||||
char *nextarg, /* NULL if unset */
|
char *nextarg, /* NULL if unset */
|
||||||
bool *usedarg, /* set to TRUE if the arg
|
bool *usedarg, /* set to TRUE if the arg
|
||||||
|
@ -1398,6 +1413,7 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
|
||||||
break;
|
break;
|
||||||
case 'e': /* private key passphrase */
|
case 'e': /* private key passphrase */
|
||||||
GetStr(&config->key_passwd, nextarg);
|
GetStr(&config->key_passwd, nextarg);
|
||||||
|
cleanarg(nextarg);
|
||||||
break;
|
break;
|
||||||
case 'f': /* crypto engine */
|
case 'f': /* crypto engine */
|
||||||
GetStr(&config->engine, nextarg);
|
GetStr(&config->engine, nextarg);
|
||||||
|
@ -1432,6 +1448,7 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
|
||||||
GetStr(&config->key_passwd, ptr);
|
GetStr(&config->key_passwd, ptr);
|
||||||
}
|
}
|
||||||
GetStr(&config->cert, nextarg);
|
GetStr(&config->cert, nextarg);
|
||||||
|
cleanarg(nextarg);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
@ -1627,10 +1644,12 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
|
||||||
case 'u':
|
case 'u':
|
||||||
/* user:password */
|
/* user:password */
|
||||||
GetStr(&config->userpwd, nextarg);
|
GetStr(&config->userpwd, nextarg);
|
||||||
|
cleanarg(nextarg);
|
||||||
break;
|
break;
|
||||||
case 'U':
|
case 'U':
|
||||||
/* Proxy user:password */
|
/* Proxy user:password */
|
||||||
GetStr(&config->proxyuserpwd, nextarg);
|
GetStr(&config->proxyuserpwd, nextarg);
|
||||||
|
cleanarg(nextarg);
|
||||||
break;
|
break;
|
||||||
case 'v':
|
case 'v':
|
||||||
config->conf ^= CONF_VERBOSE; /* talk a lot */
|
config->conf ^= CONF_VERBOSE; /* talk a lot */
|
||||||
|
|
Loading…
Reference in New Issue