Kouhei Sutou
null+****@clear*****
Wed Apr 15 21:52:04 JST 2015
Kouhei Sutou 2015-04-15 21:52:04 +0900 (Wed, 15 Apr 2015) New Revision: 6f644d22458f4253afc3a2e8276ecadb96718a07 https://github.com/groonga/groonga/commit/6f644d22458f4253afc3a2e8276ecadb96718a07 Message: windows: stop to use getenv() on Windows Because getenv() is insecure function. Modified files: include/groonga/compat.h lib/ctx.c lib/ctx_impl_mrb.c lib/db.c lib/geo.c lib/ii.c lib/io.c lib/mrb.c lib/plugin.c lib/proc.c plugins/query_expanders/tsv.c Modified: include/groonga/compat.h (+29 -0) =================================================================== --- include/groonga/compat.h 2015-04-15 20:40:28 +0900 (9dab744) +++ include/groonga/compat.h 2015-04-15 21:52:04 +0900 (393decd) @@ -32,4 +32,33 @@ # endif /* __cplusplus */ #endif /* WIN32 */ +#define GRN_ENV_BUFFER_SIZE 1024 + +#ifdef WIN32 +# define grn_getenv(name, dest, dest_size) do { \ + char *dest_ = (dest); \ + size_t dest_size_ = (dest_size); \ + if (dest_size_ > 0) { \ + DWORD env_size; \ + env_size = GetEnvironmentVariableA((name), dest_, dest_size_); \ + if (env_size == 0 || env_size > dest_size_) { \ + dest_[0] = '\0'; \ + } \ + } \ + } while (0) +#else /* WIN32 */ +# define grn_getenv(name, dest, dest_size) do { \ + const char *env_value = getenv((name)); \ + char *dest_ = (dest); \ + size_t dest_size_ = (dest_size); \ + if (dest_size_ > 0) { \ + if (env_value) { \ + strncpy(dest_, env_value, dest_size_ - 1); \ + } else { \ + dest_[0] = '\0'; \ + } \ + } \ + } while (0) +#endif /* WIN32 */ + #endif /* GROONGA_COMPAT_H */ Modified: lib/ctx.c (+53 -17) =================================================================== --- lib/ctx.c 2015-04-15 20:40:28 +0900 (4ec2aab) +++ lib/ctx.c 2015-04-15 21:52:04 +0900 (9b2859b) @@ -612,8 +612,14 @@ grn_ctx_init_internal(grn_ctx *ctx, int flags) // if (ctx->stat != GRN_CTX_FIN) { return GRN_INVALID_ARGUMENT; } ERRCLR(ctx); ctx->flags = flags; - if (getenv("GRN_CTX_PER_DB") && strcmp(getenv("GRN_CTX_PER_DB"), "yes") == 0) { - ctx->flags |= GRN_CTX_PER_DB; + { + char grn_ctx_per_db_env[GRN_ENV_BUFFER_SIZE]; + grn_getenv("GRN_CTX_PER_DB", + grn_ctx_per_db_env, + GRN_ENV_BUFFER_SIZE); + if (grn_ctx_per_db_env[0] && strcmp(grn_ctx_per_db_env, "yes") == 0) { + ctx->flags |= GRN_CTX_PER_DB; + } } if (ERRP(ctx, GRN_ERROR)) { return ctx->rc; } ctx->stat = GRN_CTX_INITED; @@ -804,10 +810,12 @@ check_overcommit_memory(grn_ctx *ctx) static void check_grn_ja_skip_same_value_put(grn_ctx *ctx) { - const char *grn_ja_skip_same_value_put_env; + char grn_ja_skip_same_value_put_env[GRN_ENV_BUFFER_SIZE]; - grn_ja_skip_same_value_put_env = getenv("GRN_JA_SKIP_SAME_VALUE_PUT"); - if (grn_ja_skip_same_value_put_env && + grn_getenv("GRN_JA_SKIP_SAME_VALUE_PUT", + grn_ja_skip_same_value_put_env, + GRN_ENV_BUFFER_SIZE); + if (grn_ja_skip_same_value_put_env[0] && strcmp(grn_ja_skip_same_value_put_env, "no") == 0) { grn_ja_skip_same_value_put = GRN_FALSE; } @@ -844,22 +852,50 @@ grn_init(void) } // expand_stack(); #ifdef USE_FAIL_MALLOC - if (getenv("GRN_FMALLOC_PROB")) { - grn_fmalloc_prob = strtod(getenv("GRN_FMALLOC_PROB"), 0) * RAND_MAX; - if (getenv("GRN_FMALLOC_SEED")) { - srand((unsigned int)atoi(getenv("GRN_FMALLOC_SEED"))); - } else { - srand((unsigned int)time(NULL)); + { + char grn_fmalloc_prob_env[GRN_ENV_BUFFER_SIZE]; + grn_getenv("GRN_FMALLOC_PROB", + grn_fmalloc_prob_env, + GRN_ENV_BUFFER_SIZE); + if (grn_fmalloc_prob_env[0]) { + char grn_fmalloc_seed_env[GRN_ENV_BUFFER_SIZE]; + grn_fmalloc_prob = strtod(grn_fmalloc_prob_env, 0) * RAND_MAX; + grn_getenv("GRN_FMALLOC_SEED", + grn_fmalloc_seed_env, + GRN_ENV_BUFFER_SIZE); + if (grn_fmalloc_seed_env[0]) { + srand((unsigned int)atoi(grn_fmalloc_seed_env)); + } else { + srand((unsigned int)time(NULL)); + } } } - if (getenv("GRN_FMALLOC_FUNC")) { - grn_fmalloc_func = getenv("GRN_FMALLOC_FUNC"); + { + static char grn_fmalloc_func_env[GRN_ENV_BUFFER_SIZE]; + grn_getenv("GRN_FMALLOC_FUNC", + grn_fmalloc_func_env, + GRN_ENV_BUFFER_SIZE); + if (grn_fmalloc_func_env[0]) { + grn_fmalloc_func = grn_fmalloc_func_env; + } } - if (getenv("GRN_FMALLOC_FILE")) { - grn_fmalloc_file = getenv("GRN_FMALLOC_FILE"); + { + static char grn_fmalloc_file_env[GRN_ENV_BUFFER_SIZE]; + grn_getenv("GRN_FMALLOC_FILE", + grn_fmalloc_file_env, + GRN_ENV_BUFFER_SIZE); + if (grn_fmalloc_file_env[0]) { + grn_fmalloc_file = grn_fmalloc_file_env; + } } - if (getenv("GRN_FMALLOC_LINE")) { - grn_fmalloc_line = atoi(getenv("GRN_FMALLOC_LINE")); + { + char grn_fmalloc_line_env[GRN_ENV_BUFFER_SIZE]; + grn_getenv("GRN_FMALLOC_LINE", + grn_fmalloc_line_env, + GRN_ENV_BUFFER_SIZE); + if (grn_fmalloc_line_env) { + grn_fmalloc_line = atoi(grn_fmalloc_line_env); + } } #endif /* USE_FAIL_MALLOC */ if ((rc = grn_com_init())) { Modified: lib/ctx_impl_mrb.c (+5 -3) =================================================================== --- lib/ctx_impl_mrb.c 2015-04-15 20:40:28 +0900 (07c2c44) +++ lib/ctx_impl_mrb.c 2015-04-15 21:52:04 +0900 (4c1a2a3) @@ -147,9 +147,11 @@ grn_ctx_impl_mrb_init_bindings(grn_ctx *ctx) void grn_ctx_impl_mrb_init(grn_ctx *ctx) { - const char *grn_mruby_enabled; - grn_mruby_enabled = getenv("GRN_MRUBY_ENABLED"); - if (grn_mruby_enabled && strcmp(grn_mruby_enabled, "no") == 0) { + char grn_mruby_enabled[GRN_ENV_BUFFER_SIZE]; + grn_getenv("GRN_MRUBY_ENABLED", + grn_mruby_enabled, + GRN_ENV_BUFFER_SIZE); + if (grn_mruby_enabled[0] && strcmp(grn_mruby_enabled, "no") == 0) { ctx->impl->mrb.state = NULL; ctx->impl->mrb.base_directory[0] = '\0'; ctx->impl->mrb.module = NULL; Modified: lib/db.c (+13 -5) =================================================================== --- lib/db.c 2015-04-15 20:40:28 +0900 (85a730a) +++ lib/db.c 2015-04-15 21:52:04 +0900 (268ac9b) @@ -155,11 +155,15 @@ grn_db_create(grn_ctx *ctx, const char *path, grn_db_create_optarg *optarg) if ((s = GRN_MALLOC(sizeof(grn_db)))) { grn_bool use_default_db_key = GRN_TRUE; grn_bool use_pat_as_db_keys = GRN_FALSE; - if (getenv("GRN_DB_KEY")) { - if (!strcmp(getenv("GRN_DB_KEY"), "pat")) { + char grn_db_key_env[GRN_ENV_BUFFER_SIZE]; + grn_getenv("GRN_DB_KEY", + grn_db_key_env, + GRN_ENV_BUFFER_SIZE); + if (grn_db_key_env[0]) { + if (!strcmp(grn_db_key_env, "pat")) { use_default_db_key = GRN_FALSE; use_pat_as_db_keys = GRN_TRUE; - } else if (!strcmp(getenv("GRN_DB_KEY"), "dat")) { + } else if (!strcmp(grn_db_key_env, "dat")) { use_default_db_key = GRN_FALSE; } } @@ -7213,10 +7217,14 @@ build_index(grn_ctx *ctx, grn_obj *obj) } if (use_grn_ii_build) { uint64_t sparsity = 10; - if (getenv("GRN_INDEX_SPARSITY")) { + char grn_index_sparsity_env[GRN_ENV_BUFFER_SIZE]; + grn_getenv("GRN_INDEX_SPARSITY", + grn_index_sparsity_env, + GRN_ENV_BUFFER_SIZE); + if (grn_index_sparsity_env[0]) { uint64_t v; errno = 0; - v = strtoull(getenv("GRN_INDEX_SPARSITY"), NULL, 0); + v = strtoull(grn_index_sparsity_env, NULL, 0); if (!errno) { sparsity = v; } } grn_ii_build(ctx, ii, sparsity); Modified: lib/geo.c (+5 -3) =================================================================== --- lib/geo.c 2015-04-15 20:40:28 +0900 (cea9634) +++ lib/geo.c 2015-04-15 21:52:04 +0900 (20d89b9) @@ -1494,10 +1494,12 @@ grn_geo_cursor_open_in_rectangle(grn_ctx *ctx, } } { - const char *minimum_reduce_bit_env; + char minimum_reduce_bit_env[GRN_ENV_BUFFER_SIZE]; cursor->minimum_reduce_bit = 0; - minimum_reduce_bit_env = getenv("GRN_GEO_IN_RECTANGLE_MINIMUM_REDUCE_BIT"); - if (minimum_reduce_bit_env) { + grn_getenv("GRN_GEO_IN_RECTANGLE_MINIMUM_REDUCE_BIT", + minimum_reduce_bit_env, + GRN_ENV_BUFFER_SIZE); + if (minimum_reduce_bit_env[0]) { cursor->minimum_reduce_bit = atoi(minimum_reduce_bit_env); } if (cursor->minimum_reduce_bit < 1) { Modified: lib/ii.c (+11 -4) =================================================================== --- lib/ii.c 2015-04-15 20:40:28 +0900 (7c8247f) +++ lib/ii.c 2015-04-15 21:52:04 +0900 (4e98da4) @@ -4097,11 +4097,16 @@ exit : static inline void grn_ii_cursor_set_min(grn_ctx *ctx, grn_ii_cursor *c, grn_id min) { + char grn_ii_cursor_set_min_enable_env[GRN_ENV_BUFFER_SIZE]; + if (c->min >= min) { return; } - if (getenv("GRN_II_CURSOR_SET_MIN_ENABLE")) { + grn_getenv("GRN_II_CURSOR_SET_MIN_ENABLE", + grn_ii_cursor_set_min_enable_env, + GRN_ENV_BUFFER_SIZE); + if (grn_ii_cursor_set_min_enable_env[0]) { c->min = min; if (c->buf && c->pc.rid < c->min && c->curr_chunk < c->nchunks) { uint32_t i, skip_chunk = 0; @@ -6138,9 +6143,11 @@ grn_ii_select_sequential_search(grn_ctx *ctx, { /* Disabled by default. */ double too_many_index_match_ratio = -1; - const char *too_many_index_match_ratio_env = - getenv("GRN_II_SELECT_TOO_MANY_INDEX_MATCH_RATIO"); - if (too_many_index_match_ratio_env) { + char too_many_index_match_ratio_env[GRN_ENV_BUFFER_SIZE]; + grn_getenv("GRN_II_SELECT_TOO_MANY_INDEX_MATCH_RATIO", + too_many_index_match_ratio_env, + GRN_ENV_BUFFER_SIZE); + if (too_many_index_match_ratio_env[0]) { too_many_index_match_ratio = atof(too_many_index_match_ratio_env); } Modified: lib/io.c (+5 -3) =================================================================== --- lib/io.c 2015-04-15 20:40:28 +0900 (d93e836) +++ lib/io.c 2015-04-15 21:52:04 +0900 (8b65c83) @@ -106,10 +106,12 @@ inline static grn_rc grn_pwrite(grn_ctx *ctx, fileinfo *fi, void *buf, size_t co grn_rc grn_io_init(void) { - const char *version_env; + char version_env[GRN_ENV_BUFFER_SIZE]; - version_env = getenv("GRN_IO_VERSION"); - if (version_env) { + grn_getenv("GRN_IO_VERSION", + version_env, + GRN_ENV_BUFFER_SIZE); + if (version_env[0]) { grn_io_version_default = atoi(version_env); } Modified: lib/mrb.c (+8 -6) =================================================================== --- lib/mrb.c 2015-04-15 20:40:28 +0900 (4d1e4b5) +++ lib/mrb.c 2015-04-15 21:52:04 +0900 (64df928) @@ -64,14 +64,16 @@ grn_mrb_get_default_system_ruby_scripts_dir(void) const char * grn_mrb_get_system_ruby_scripts_dir(grn_ctx *ctx) { - const char *ruby_scripts_dir; + static char ruby_scripts_dir[GRN_ENV_BUFFER_SIZE]; - ruby_scripts_dir = getenv("GRN_RUBY_SCRIPTS_DIR"); - if (!ruby_scripts_dir) { - ruby_scripts_dir = grn_mrb_get_default_system_ruby_scripts_dir(); + grn_getenv("GRN_RUBY_SCRIPTS_DIR", + ruby_scripts_dir, + GRN_ENV_BUFFER_SIZE); + if (ruby_scripts_dir[0]) { + return ruby_scripts_dir; + } else { + return grn_mrb_get_default_system_ruby_scripts_dir(); } - - return ruby_scripts_dir; } static grn_bool Modified: lib/plugin.c (+8 -6) =================================================================== --- lib/plugin.c 2015-04-15 20:40:28 +0900 (a0d119c) +++ lib/plugin.c 2015-04-15 21:52:04 +0900 (5dc66dc) @@ -513,14 +513,16 @@ grn_plugin_get_default_system_plugins_dir(void) const char * grn_plugin_get_system_plugins_dir(void) { - const char *plugins_dir; + char plugins_dir[GRN_ENV_BUFFER_SIZE]; - plugins_dir = getenv("GRN_PLUGINS_DIR"); - if (!plugins_dir) { - plugins_dir = grn_plugin_get_default_system_plugins_dir(); + grn_getenv("GRN_PLUGINS_DIR", + plugins_dir, + GRN_ENV_BUFFER_SIZE); + if (plugins_dir) { + return plugins_dir; + } else { + return grn_plugin_get_default_system_plugins_dir(); } - - return plugins_dir; } static char * Modified: lib/proc.c (+10 -6) =================================================================== --- lib/proc.c 2015-04-15 20:40:28 +0900 (dfcf010) +++ lib/proc.c 2015-04-15 21:52:04 +0900 (e923eff) @@ -5712,9 +5712,11 @@ selector_between_sequential_search(grn_ctx *ctx, double too_many_index_match_ratio = 0.01; { - const char *too_many_index_match_ratio_env = - getenv("GRN_BETWEEN_TOO_MANY_INDEX_MATCH_RATIO"); - if (too_many_index_match_ratio_env) { + char too_many_index_match_ratio_env[GRN_ENV_BUFFER_SIZE]; + grn_getenv("GRN_BETWEEN_TOO_MANY_INDEX_MATCH_RATIO", + too_many_index_match_ratio_env, + GRN_ENV_BUFFER_SIZE); + if (too_many_index_match_ratio_env[0]) { too_many_index_match_ratio = atof(too_many_index_match_ratio_env); } } @@ -6208,9 +6210,11 @@ selector_in_values_sequential_search(grn_ctx *ctx, double too_many_index_match_ratio = 0.01; { - const char *too_many_index_match_ratio_env = - getenv("GRN_IN_VALUES_TOO_MANY_INDEX_MATCH_RATIO"); - if (too_many_index_match_ratio_env) { + char too_many_index_match_ratio_env[GRN_ENV_BUFFER_SIZE]; + grn_getenv("GRN_IN_VALUES_TOO_MANY_INDEX_MATCH_RATIO", + too_many_index_match_ratio_env, + GRN_ENV_BUFFER_SIZE); + if (too_many_index_match_ratio_env[0]) { too_many_index_match_ratio = atof(too_many_index_match_ratio_env); } } Modified: plugins/query_expanders/tsv.c (+8 -3) =================================================================== --- plugins/query_expanders/tsv.c 2015-04-15 20:40:28 +0900 (ddba662) +++ plugins/query_expanders/tsv.c 2015-04-15 21:52:04 +0900 (51cb661) @@ -1,5 +1,5 @@ /* -*- c-basic-offset: 2 -*- */ -/* Copyright(C) 2012 Brazil +/* Copyright(C) 2012-2015 Brazil This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public @@ -195,14 +195,19 @@ parse_synonyms_file_line(grn_ctx *ctx, const char *line, int line_length, static void load_synonyms(grn_ctx *ctx) { + static char path_env[GRN_ENV_BUFFER_SIZE]; const char *path; FILE *file; int number_of_lines; grn_encoding encoding; grn_obj line, key, value; - path = getenv("GRN_QUERY_EXPANDER_TSV_SYNONYMS_FILE"); - if (!path) { + grn_getenv("GRN_QUERY_EXPANDER_TSV_SYNONYMS_FILE", + path_env, + GRN_ENV_BUFFER_SIZE); + if (path_env[0]) { + path = path_env; + } else { path = get_system_synonyms_file(); } file = fopen(path, "r"); -------------- next part -------------- HTML����������������������������... Descargar