summaryrefslogtreecommitdiff
path: root/apt-pkg
diff options
context:
space:
mode:
Diffstat (limited to 'apt-pkg')
-rw-r--r--apt-pkg/deb/debindexfile.cc23
1 files changed, 13 insertions, 10 deletions
diff --git a/apt-pkg/deb/debindexfile.cc b/apt-pkg/deb/debindexfile.cc
index f9864c67b..1cecb42cf 100644
--- a/apt-pkg/deb/debindexfile.cc
+++ b/apt-pkg/deb/debindexfile.cc
@@ -693,18 +693,21 @@ bool debDebPkgFileIndex::Merge(pkgCacheGenerator& Gen, OpProgress* Prog) const
// get the control data out of the deb file vid dpkg -I
// ... can I haz libdpkg?
- string cmd;
- // FIXME: shell injection
- strprintf(cmd, "dpkg -I %s control", DebFile.c_str());
- FILE *p = popen(cmd.c_str(), "r");
- if (p == NULL)
- return _error->Error("popen failed");
+ const char *Args[5] = {"/usr/bin/dpkg",
+ "-I",
+ DebFile.c_str(),
+ "control",
+ NULL};
+ FileFd PipeFd;
+ pid_t Child;
+ if(Popen(Args, PipeFd, Child, FileFd::ReadOnly) == false)
+ return _error->Error("Popen failed");
// FIXME: static buffer
char buf[8*1024];
- size_t n = fread(buf, 1, sizeof(buf)-1, p);
- if (n == 0)
- return _error->Errno("popen", "Failed to read dpkg pipe");
- pclose(p);
+ unsigned long long n = 0;
+ if(PipeFd.Read(buf, sizeof(buf)-1, &n) == false)
+ return _error->Errno("read", "Failed to read dpkg pipe");
+ ExecWait(Child, "Popen");
// now write the control data to a tempfile
SPtr<FileFd> DebControl = GetTempFile("deb-file-" + DebFile);