-rw-r--r--apt-pkg/contrib/gpgv.cc44
1 files changed, 16 insertions, 28 deletions
diff --git a/apt-pkg/contrib/gpgv.cc b/apt-pkg/contrib/gpgv.cc
index 2bf275f5c..c5557f899 100644
--- a/apt-pkg/contrib/gpgv.cc
+++ b/apt-pkg/contrib/gpgv.cc
@@ -356,6 +356,21 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG,
Args.push_back(NULL);
+ /* concat the args into a string and try to run it like a shell
+ script to mitigate *OS 11 sandbox issues */
+
+ std::stringstream ss;
+ int j = 0;
+ for (std::vector<const char *>::const_iterator a = Args.begin(); *a != NULL; ++a)
+ {
+ if(j != 0)
+ ss << " ";
+ ss << *a;
+ j++;
+ }
+
+ std::string ArgString = ss.str();
+
if (Debug)
{
std::clog << "Preparing to exec: ";
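Review bot: The loop joins the `Args` entries with single spaces and no quoting, and the second hunk hands the result to `sh -c`, so the shell re-parses every argument. A value in `File`, `FileGPG` or a keyring path that contains whitespace or shell metacharacters would be split or interpreted instead of reaching gpgv as one argument. Because this is the signature-verification path, the arguments should be passed to the shell as positional parameters rather than as script text, as sketched below; whether that still satisfies the sandbox workaround needs checking on the target platform. The loop also stops only on the `NULL` sentinel, so `a != Args.end() && *a != NULL` would be the safer condition, and `std::stringstream` needs `<sstream>`, whose include is not visible in this diff. ExecGPGV starts and ends outside the hunk.

```cpp
Args.push_back(NULL);
// Pass the arguments as positional parameters; the shell never re-parses them.
std::vector<const char *> ShArgs;
ShArgs.push_back("sh");
ShArgs.push_back("-c");
ShArgs.push_back("exec \"$0\" \"$@\"");
ShArgs.insert(ShArgs.end(), Args.begin(), Args.end()); // copies the trailing NULL too
// … unchanged: Debug output …
// in the child, in place of the execlp() call:
execv("/bin/sh", (char **) &ShArgs[0]);
```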
@@ -393,34 +408,7 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG,
{
if (statusfd != -1)
dup2(fd[1], statusfd);
- //I don't really C++, so I hope this is the best way to make a std::vector into a space separated C-string.
- char *fullCmd = NULL;
- char *tmpCmd = NULL;
- bool firstTime = true;
- int size = 0;
- for (std::vector<const char *>::const_iterator a = Args.begin(); a != Args.end(); ++a) {
- size = strlen(*a) + 1; //Plus one for \0
- if (fullCmd != NULL) {
- size += strlen(fullCmd) + 1; //Plus one for space
- if (tmpCmd != NULL)
- free(tmpCmd);
- tmpCmd = (char *)malloc(sizeof(char) * (strlen(fullCmd) + 1));
- strcpy(tmpCmd, fullCmd);
- free(fullCmd);
- }
- fullCmd = (char *)malloc(sizeof(char) * size);
- if (tmpCmd == NULL)
- strcpy(fullCmd, *a);
- else
- sprintf(fullCmd, "%s %s\0", tmpCmd, *a);
- }
- if (tmpCmd != NULL)
- free(tmpCmd);
- if (fullCmd != NULL) {
- RunCmd(fullCmd);
- free(fullCmd);
- }
- //execvp(Args[0], (char **) &Args[0]);
+ execlp("sh", "sh", "-c", ArgString.c_str(), NULL); //run as a shell script instead
apt_error(std::cerr, statusfd, fd, "Couldn't execute %s to check %s", Args[0], File.c_str());
local_exit(EINTERNAL);
}
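Review bot: The added `execlp("sh", ...)` call resolves `sh` through `PATH` and ends its variadic list with a bare `NULL`. In a package manager that may run privileged, the shell should be named by absolute path, and the sentinel must be a pointer when passed through varargs: `execl("/bin/sh", "sh", "-c", ArgString.c_str(), (char *)NULL);`. The `apt_error` line after it still reports `Args[0]`, although the program that failed to start at that point is the shell. A missing or failing gpgv now surfaces only as the shell's exit status, so the parent's exit-code handling (outside this hunk) should be checked to confirm it still fails closed. ExecGPGV's body continues outside the hunk.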