From a9d990a2602fca4f217705e356b449b0f42a7760 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Mon, 28 Apr 2014 17:09:29 +0200 Subject: use new Popen() --- apt-pkg/deb/debindexfile.cc | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) (limited to 'apt-pkg') diff --git a/apt-pkg/deb/debindexfile.cc b/apt-pkg/deb/debindexfile.cc index f9864c67b..1cecb42cf 100644 --- a/apt-pkg/deb/debindexfile.cc +++ b/apt-pkg/deb/debindexfile.cc @@ -693,18 +693,21 @@ bool debDebPkgFileIndex::Merge(pkgCacheGenerator& Gen, OpProgress* Prog) const // get the control data out of the deb file vid dpkg -I // ... can I haz libdpkg? - string cmd; - // FIXME: shell injection - strprintf(cmd, "dpkg -I %s control", DebFile.c_str()); - FILE *p = popen(cmd.c_str(), "r"); - if (p == NULL) - return _error->Error("popen failed"); + const char *Args[5] = {"/usr/bin/dpkg", + "-I", + DebFile.c_str(), + "control", + NULL}; + FileFd PipeFd; + pid_t Child; + if(Popen(Args, PipeFd, Child, FileFd::ReadOnly) == false) + return _error->Error("Popen failed"); // FIXME: static buffer char buf[8*1024]; - size_t n = fread(buf, 1, sizeof(buf)-1, p); - if (n == 0) - return _error->Errno("popen", "Failed to read dpkg pipe"); - pclose(p); + unsigned long long n = 0; + if(PipeFd.Read(buf, sizeof(buf)-1, &n) == false) + return _error->Errno("read", "Failed to read dpkg pipe"); + ExecWait(Child, "Popen"); // now write the control data to a tempfile SPtr DebControl = GetTempFile("deb-file-" + DebFile); -- cgit v1.2.3