Bug Summary

File:OMOptim/ParadisEO-2.0.1/eo/src/utils/pipecom.cpp
Warning:line 70, column 23
Call to function 'vfork' is insecure as it can lead to denial of service situations in the parent process. Replace calls to vfork with calls to the safer 'posix_spawn' function

Annotated Source Code

[?] Use j/k keys for keyboard navigation

1/* ----------------------------------------------------------------------
2 * Where........: CMAP - Polytechnique
3 * File.........: pipecom.c
4 * Author.......: Bertrand Lamy (Equipe genetique)
5 * Created......: Mon Mar 13 13:50:11 1995
6 * Description..: Communication par pipe bidirectionnel avec un autre process
7 * ----------------------------------------------------------------------
8 */
9
10// MSC equivalent must be written and tested or some #idef instructions added
11// with a clear message at compile time that this is for Unix only ???
12
13#ifdef HAVE_CONFIG_H
14#include <config.h>
15#endif
16
17#ifndef _WINDOWS
18
19#include <cstdlib>
20#include <cstring>
21#include <stdio.h>
22#include <signal.h>
23#include <unistd.h>
24
25#include "pipecom.h"
26
27
28
29int Check( PCom *com )
30{
31 if( ! com ) {
32 fprintf( stderrstderr, "PipeCom: Null pointer.\n" );
33 fflush( stderrstderr );
34 return 0;
35 }
36 if( kill( com->pid, 0 ) != 0 ) {
37 fprintf( stderrstderr, "PipeCom: process doesn't exists.\n" );
38 fflush( stderrstderr );
39 return 0;
40 }
41 return 1;
42}
43
44
45PCom * PipeComOpen( char *prog )
46{
47 char *args[2];
48 args[0] = prog;
49 args[1] = NULL__null;
50 return PipeComOpenArgv( prog, args );
51}
52
53
54PCom * PipeComOpenArgv( char *prog, char *argv[] )
55{
56 int toFils[2];
57 int toPere[2];
58 int sonPid;
59 PCom * ret = NULL__null;
60
61 if( pipe( toFils ) < 0 ) {
62 perror( "PipeComOpen: Creating pipes" );
63 return ret;
64 }
65 if( pipe( toPere ) < 0 ) {
66 perror( "PipeComOpen: Creating pipes" );
67 return ret;
68 }
69
70 switch( (sonPid = vfork()) ) {
Call to function 'vfork' is insecure as it can lead to denial of service situations in the parent process. Replace calls to vfork with calls to the safer 'posix_spawn' function
71 case -1:
72 perror("PipeComOpen: fork failed" );
73 return ret;
74 break;
75
76 case 0:
77 /* --- Here's the son --- */
78 /* --- replace old stdin --- */
79 if( dup2( toFils[0], fileno(stdinstdin) ) < 0 ) {
80 perror( "PipeComOpen(son): could not connect" );
81 exit( -1 );
82 /* --- AVOIR: kill my father --- */
83 }
84 if( dup2( toPere[1], fileno(stdoutstdout) ) < 0 ) {
85 perror( "PipeComOpen(son): could not connect" );
86 exit( -1 );
87 }
88 if( execvp( prog, argv ) < 0 ) {
89 perror( prog );
90 perror( "PipeComOpen: can't exec" );
91 exit(1);
92 }
93 break;
94 default:
95 ret = (PCom *) malloc( sizeof(PCom) );
96 if( ! ret )
97 return NULL__null;
98
99 ret->fWrit = (FILE *)fdopen( toFils[1], "w" );
100 ret->fRead = (FILE *)fdopen( toPere[0], "r" );
101 ret->pid = sonPid;
102 }
103 return ret;
104}
105
106
107int PipeComSend( PCom *to, const char *line )
108{
109 int nb = 0;
110 if( ! Check(to ) )
111 return nb;
112 nb = fprintf( to->fWrit, line, 0 );
113 fflush( to->fWrit );
114 return nb;
115}
116
117
118int PipeComSendn( PCom *to, const char *data, int n )
119{
120 int nb = 0;
121 if( ! Check(to) )
122 return nb;
123
124 nb = fwrite( data, 1, n, to->fWrit );
125 fflush( to->fWrit );
126 return nb;
127}
128
129
130int PipeComReceive( PCom *from, char *data, int max )
131{
132 if( ! Check(from) )
133 return 0;
134 if( ! data ) {
135 fprintf( stderrstderr, "PipeComReceive: Invalid data pointer\n" );
136 fflush( stderrstderr );
137 return 0;
138 }
139 if( fgets( data, max, from->fRead ) )
140 return strlen(data);
141 return 0;
142}
143
144
145
146int PipeComClose( PCom *to )
147{
148 if( ! Check(to) )
149 return 0;
150 fclose( to->fRead );
151 fclose( to->fWrit );
152 free( to );
153 return 1;
154}
155
156
157
158int PipeComWaitFor( PCom *from, char *what )
159{
160 char buffer[256];
161 do {
162 if( ! PipeComReceive( from, buffer, 256 ) )
163 return 0;
164 } while( strcmp( buffer, what ) );
165 return 1;
166}
167
168#endif /*_MSC_VER*/
169
170
171// Local Variables:
172// coding: iso-8859-1
173// c-file-style: "Stroustrup"
174// fill-column: 80
175// End: