From fa9a6237de0e04771985fb86d6945ab0025cf7f6 Mon Sep 17 00:00:00 2001
From: Jaywalker <jwilliams@nsllc.com>
Date: Wed, 7 Feb 2018 01:52:36 -0600
Subject: Reverting to kb's gpgv version for now

---
 apt-pkg/contrib/gpgv.cc | 44 ++++++++++++++++----------------------------
 1 file changed, 16 insertions(+), 28 deletions(-)

diff --git a/apt-pkg/contrib/gpgv.cc b/apt-pkg/contrib/gpgv.cc
index 2bf275f5c..c5557f899 100644
--- a/apt-pkg/contrib/gpgv.cc
+++ b/apt-pkg/contrib/gpgv.cc
@@ -356,6 +356,21 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG,
 
    Args.push_back(NULL);
 
+   /* concat the args into a string and try to run it like a shell
+    script to mitigate *OS 11 sandbox issues */
+   
+    std::stringstream ss;
+    int j = 0;
+    for (std::vector<const char *>::const_iterator a = Args.begin(); *a != NULL; ++a)
+    {
+        if(j != 0)
+            ss << " ";
+        ss << *a;
+        j++;
+    }
+    
+    std::string ArgString = ss.str();
+
    if (Debug)
    {
       std::clog << "Preparing to exec: ";
@@ -393,34 +408,7 @@ void ExecGPGV(std::string const &File, std::string const &FileGPG,
    {
       if (statusfd != -1)
 	 dup2(fd[1], statusfd);
-      //I don't really C++, so I hope this is the best way to make a std::vector into a space separated C-string.
-      char *fullCmd = NULL;
-      char *tmpCmd = NULL;
-      bool firstTime = true;
-      int size = 0;
-      for (std::vector<const char *>::const_iterator a = Args.begin(); a != Args.end(); ++a) {
-	      size = strlen(*a) + 1; //Plus one for \0
-	      if (fullCmd != NULL) {
-		 size += strlen(fullCmd) + 1; //Plus one for space
-		 if (tmpCmd != NULL)
-		    free(tmpCmd);
-	         tmpCmd = (char *)malloc(sizeof(char) * (strlen(fullCmd) + 1));
-		 strcpy(tmpCmd, fullCmd);
-		 free(fullCmd);
-	      }
-	      fullCmd = (char *)malloc(sizeof(char) * size);
-	      if (tmpCmd == NULL)
-	         strcpy(fullCmd, *a);
-	      else
-	         sprintf(fullCmd, "%s %s\0", tmpCmd, *a);
-      }
-      if (tmpCmd != NULL)
-	      free(tmpCmd);
-      if (fullCmd != NULL) {
-	      RunCmd(fullCmd);
-	      free(fullCmd);
-      }
-      //execvp(Args[0], (char **) &Args[0]);
+      execlp("sh", "sh", "-c", ArgString.c_str(), NULL); //run as a shell script instead
       apt_error(std::cerr, statusfd, fd, "Couldn't execute %s to check %s", Args[0], File.c_str());
       local_exit(EINTERNAL);
    }
-- 
cgit v1.2.3