void lts_file_set_table(lts_file_t lts,int type_no,value_table_t table){
if (SYSTEM(lts)->set_table) {
SYSTEM(lts)->values[type_no]=SYSTEM(lts)->set_table(lts,type_no,table);
} else {
SYSTEM(lts)->values[type_no]=table;
}
}
BOOL util_RemNamedObject(pUtility UtilBase, struct NamedObject *object, struct Message *message)
{
Forbid();
struct NameSpace *ns = SYSTEM(object)->no_Nos.nos_NameSpace;
if (ns == NULL)
{
if (message != NULL)
{
message->mn_Node.ln_Name = NULL;
ReplyMsg(message);
}
Permit();
return TRUE;
}
if (message == NULL)
{
if (SYSTEM(object)->no_Non.non_UseCount != 1)
{
Permit();
return TRUE;
}
}
SYSTEM(object)->no_Nos.nos_NameSpace = NULL;
ObtainSemaphore(&ns->ns_Semaphore);
Remove(&SYSTEM(object)->no_Non.non_Node);
if (message != NULL)
{
SYSTEM(object)->no_Nos.nos_RemoveMsg = message;
message->mn_Node.ln_Name = (STRPTR)object;
}
ReleaseSemaphore(&ns->ns_Semaphore);
Permit();
return ReleaseNamedObject(object);
}
void util_spawn(void)
{
char *cmd;
int rc;
DCL_THREADGBL_ACCESS;
SETUP_THREADGBL_ACCESS;
assert(1 >= TREF(parms_cnt));
if (0 == TREF(parms_cnt))
{
cmd = GETENV("SHELL");
if (!cmd)
cmd = "/bin/sh";
rc = SYSTEM(cmd);
if (-1 == rc)
PERROR("system : ");
} else
{
assert(TAREF1(parm_ary, TREF(parms_cnt) - 1));
assert((char *)-1L != (TAREF1(parm_ary, TREF(parms_cnt) - 1)));
rc = SYSTEM((TAREF1(parm_ary, TREF(parms_cnt) - 1)));
if (-1 == rc)
PERROR("system : ");
}
}
static struct NameSpace *getNameSpace(pUtility UtilBase, struct NamedObject *nameSpace)
{
struct NameSpace *ns = SYSTEM(UtilBase->RootSpace)->no_Nos.nos_NameSpace;
if (nameSpace)
{
ns = SYSTEM(nameSpace)->no_Nos.nos_NameSpace;
}
return ns;
}
void lts_file_complete(lts_file_t lts){
assert(!SYSTEM(lts)->fixed);
lts=SYSTEM(lts);
if (lts->read_init && !lts->push){
lts->push=default_push;
}
if (lts->write_init && !lts->pull){
lts->pull=default_pull;
}
lts->fixed=1;
}
BOOL util_ReleaseNamedObject(pUtility UtilBase, struct NamedObject *object)
{
if (!object) return TRUE;
Forbid();
SYSTEM(object)->no_Non.non_UseCount--;
if (SYSTEM(object)->no_Non.non_UseCount == 0)
{
if (SYSTEM(object)->no_Nos.nos_RemoveMsg != NULL) ReplyMsg(SYSTEM(object)->no_Nos.nos_RemoveMsg);
}
Permit();
return TRUE;
}
struct NamedObject *util_AllocNamedObjectA(pUtility UtilBase, STRPTR name, struct TagItem *tagList)
{
if (name == NULL) return NULL;
UINT32 ns = GetTagData(ANO_NameSpace, FALSE, tagList);
if (ns == TRUE) ns = sizeof(struct NameSpace);
UINT32 us = GetTagData(ANO_UserSpace, 0, tagList);
if (us != 0) us +=3;
UINT32 nameSize = Strlen((const char*)name);
UINT32 allocSize = ns + us + sizeof(struct NamedObj) + nameSize + 1;
UINT8 *mem = AllocVec(allocSize, MEMF_PUBLIC|MEMF_CLEAR);
if (mem == NULL) return NULL;
struct NamedObj *object = (struct NamedObj *) mem;
mem += sizeof(struct NamedObj);
if (ns) {
object->no_Nos.nos_NameSpace = (struct NameSpace *)mem;
mem += ns;
}
object->no_Non.non_Node.ln_Name = (STRPTR)mem;
Strcpy((char *)mem, (const char *)name);
mem += nameSize+1;
struct NamedObject *ret = (struct NamedObject *)BASEOBJECT(object); //&object->no_Nos;
if (us)
{
UINT32 align = (UINT32)mem;
align = (align+3) & ~0x03;
SYSTEM(ret)->no_Nos.nos_Object = (UINT8*)align;
}
UINT32 flags = GetTagData(ANO_Flags, 0, tagList);
struct NameSpace *namSp = SYSTEM(ret)->no_Nos.nos_NameSpace;
if (namSp != NULL)
{
namSp->ns_Flags = flags;
NewList((struct List *)&namSp->ns_Entries);
InitSemaphore(&namSp->ns_Semaphore);
}
INT8 prio = GetTagData(ANO_Priority, 0, tagList);
SYSTEM(ret)->no_Non.non_Node.ln_Pri = prio;
SYSTEM(ret)->no_Non.non_UseCount = 1;
return ret;
}
void *execute(char *exe) {
SYSTEM(dvorak);
SYSTEM(qwerty);
SYSTEM(videorun);
SYSTEM(ls);
SYSTEM(si);
SYSTEM(sanders_sweeper);
SYSTEM(communism);
SYSTEM(bs);
SYSTEM(the_iowa_caucus);
return NULL;
}
void set_mode(int new_mode)
{
object conn;
ACCESS_CHECK(previous_program() == LIB_CONN || SYSTEM() ||
calling_object() == this_object());
if (!this_object() || !query_conn() || new_mode == MODE_NOCHANGE) {
return;
}
/* we have to do it this way because set_mode is also called to handle return values for hooks in the user object */
/* this can happen more than once in a connection chain, so we need to intercept disconnects and do them */
/* in a 0 callout to avoid double destruction */
/* since network events are asynchronous anyway we aren't causing any actual harm */
if (new_mode == MODE_DISCONNECT) {
query_conn()->set_mode(MODE_BLOCK);
conn::close(nil, 1);
call_out("self_disconnect", 0);
return;
}
query_conn()->set_mode(new_mode);
}
object compile_object(string path, string code ...) {
argcheck(path, 1, "string");
if (!KERNEL() && !SYSTEM() ) {
#ifdef SECURITY_COMPILER_RW
if (!valid_write(path)) {
error("Permission denied.");
}
#endif
if (code && sizeof(code)) {
if (!valid_write(path)) {
error("Permission denied");
}
} else {
if (!valid_read(path)) {
error("Permission denied");
}
}
}
if (strlen(path) > 2) {
if (path[strlen(path) - 2] == '.' && path[strlen(path) - 1] == 'c')
path = path[..strlen(path) - 3];
}
if (find_object(COMPILER_D)) {
path = COMPILER_D->allow_object(path);
}
if (code && sizeof(code)) {
return driver->compile_object(path, code...);
} else {
return driver->compile_object(path);
}
}
void set_user(object new_user) {
if (!SYSTEM() && !COMMON() && !GAME()) {
error("Tylko autoryzowany kod może zmieniać użytkownika!");
}
user = new_user;
}
void CWE78_OS_Command_Injection__char_environment_system_31_bad()
{
char * data;
char data_buf[100] = FULL_COMMAND;
data = data_buf;
{
/* Append input from an environment variable to data */
size_t dataLen = strlen(data);
char * environment = GETENV(ENV_VARIABLE);
/* If there is data in the environment variable */
if (environment != NULL)
{
/* POTENTIAL FLAW: Read data from an environment variable */
strncat(data+dataLen, environment, 100-dataLen-1);
}
}
{
char * dataCopy = data;
char * data = dataCopy;
/* POTENTIAL FLAW: Execute command in data possibly leading to command injection */
if (SYSTEM(data) <= 0)
{
printLine("command execution failed!");
exit(1);
}
}
}
void util_help(void)
{
int rc;
char *help_option;
char help_cmd_string[HELP_CMD_STRING_SIZE];
DCL_THREADGBL_ACCESS;
SETUP_THREADGBL_ACCESS;
assert(1 >= TREF(parms_cnt));
assert(GTM_IMAGE < image_type && UTIL_HELP_IMAGES > image_type);
if (0 == TREF(parms_cnt))
help_option = utilImageGLDs[INVALID_IMAGE];
else
{
assert(TAREF1(parm_ary, TREF(parms_cnt) - 1));
assert((char *)-1L != (TAREF1(parm_ary, TREF(parms_cnt) - 1)));
help_option = (TAREF1(parm_ary, TREF(parms_cnt) - 1));
}
SNPRINTF(help_cmd_string, SIZEOF(help_cmd_string),
"$gtm_dist/mumps -run %%XCMD 'do ^GTMHELP(\"%s\",\"$gtm_dist/%shelp.gld\")'",
help_option, utilImageGLDs[image_type]);
rc = SYSTEM(help_cmd_string);
if (0 != rc)
rts_error_csa(NULL, VARLSTCNT(5) ERR_TEXT, 2, RTS_ERROR_TEXT("HELP command error"), rc);
}
void CWE78_OS_Command_Injection__char_environment_system_12_bad()
{
char * data;
char data_buf[100] = FULL_COMMAND;
data = data_buf;
if(globalReturnsTrueOrFalse())
{
{
/* Append input from an environment variable to data */
size_t dataLen = strlen(data);
char * environment = GETENV(ENV_VARIABLE);
/* If there is data in the environment variable */
if (environment != NULL)
{
/* POTENTIAL FLAW: Read data from an environment variable */
strncat(data+dataLen, environment, 100-dataLen-1);
}
}
}
else
{
/* FIX: Append a fixed string to data (not user / external input) */
strcat(data, "*.*");
}
/* POTENTIAL FLAW: Execute command in data possibly leading to command injection */
if (SYSTEM(data) <= 0)
{
printLine("command execution failed!");
exit(1);
}
}
void CWE78_OS_Command_Injection__wchar_t_file_system_01_bad()
{
wchar_t * data;
wchar_t data_buf[100] = FULL_COMMAND;
data = data_buf;
{
/* Read input from a file */
size_t dataLen = wcslen(data);
FILE * pFile;
/* if there is room in data, attempt to read the input from a file */
if (100-dataLen > 1)
{
pFile = fopen(FILENAME, "r");
if (pFile != NULL)
{
/* POTENTIAL FLAW: Read data from a file */
if (fgetws(data+dataLen, (int)(100-dataLen), pFile) == NULL)
{
printLine("fgetws() failed");
/* Restore NUL terminator if fgetws fails */
data[dataLen] = L'\0';
}
fclose(pFile);
}
}
}
/* POTENTIAL FLAW: Execute command in data possibly leading to command injection */
if (SYSTEM(data) <= 0)
{
printLine("command execution failed!");
exit(1);
}
}
lts_file_t lts_file_bare(const char* name,lts_type_t ltstype,int segments,lts_file_t settings,size_t user_size){
lts_file_t lts=(lts_file_t)HREmallocZero(hre_heap,system_size+user_size);
lts->states=(uint32_t*)HREmallocZero(hre_heap,segments*sizeof(uint32_t));
lts->edges=(uint64_t*)HREmallocZero(hre_heap,segments*sizeof(uint64_t));
lts->max_src_p1=(uint32_t*)HREmallocZero(hre_heap,segments*sizeof(uint32_t));
lts->max_dst_p1=(uint32_t*)HREmallocZero(hre_heap,segments*sizeof(uint32_t));
lts->expected_values=(uint32_t*)HREmallocZero(hre_heap,segments*sizeof(uint32_t));
lts->ctx=lts_file_context(settings) ? lts_file_context(settings) : HREglobal();
lts->name=strdup(name);
lts->user_size=user_size;
lts->ltstype=ltstype;
int N=lts_type_get_type_count(ltstype);
lts->values=(value_table_t*)HREmallocZero(hre_heap,N*sizeof(value_table_t));
lts->segments=segments;
if (settings){
settings=SYSTEM(settings);
lts->edge_owner=settings->edge_owner;
lts->init_mode=settings->init_mode;
lts->src_mode=settings->src_mode;
lts->dst_mode=settings->dst_mode;
}
lts->write_init=no_write_init;
lts->write_state=no_write_state;
lts->write_edge=no_write_edge;
return USER(lts);
}
void CWE78_OS_Command_Injection__wchar_t_environment_system_14_bad()
{
wchar_t * data;
wchar_t data_buf[100] = FULL_COMMAND;
data = data_buf;
if(globalFive==5)
{
{
/* Append input from an environment variable to data */
size_t dataLen = wcslen(data);
wchar_t * environment = GETENV(ENV_VARIABLE);
/* If there is data in the environment variable */
if (environment != NULL)
{
/* POTENTIAL FLAW: Read data from an environment variable */
wcsncat(data+dataLen, environment, 100-dataLen-1);
}
}
}
/* POTENTIAL FLAW: Execute command in data possibly leading to command injection */
if (SYSTEM(data) <= 0)
{
printLine("command execution failed!");
exit(1);
}
}
void set_toucher(string new_patcher)
{
ACCESS_CHECK(SYSTEM());
LOGD->post_message("system", LOG_WARN, previous_program() + " is using obsolete set_toucher.");
patcher = new_patcher;
}
static void default_push(lts_file_t src,lts_file_t dst){
if (SYSTEM(src)->ctx != SYSTEM(dst)->ctx) Abort("cannot copy between different contexts");
int me=HREme(SYSTEM(src)->ctx);
lts_type_t ltstype=lts_file_get_type(src);
int N1=lts_type_get_state_length(ltstype);
int N2=lts_type_get_state_label_count(ltstype);
int K=lts_type_get_edge_label_count(ltstype);
int do_state;
if (N1){
Print(infoLong,"vector length is %d",N1);
do_state=1;
} else {
do_state=N2?1:0;
N1=1;
}
int src_seg;
uint32_t src_state[N1];
int dst_seg;
uint32_t dst_state[N1];
uint32_t edge_labels[K];
if (me==0) {
Print(infoLong,"copying initial states");
int count=0;
while(lts_read_init(src,&src_seg,src_state)){
count++;
lts_write_init(dst,src_seg,src_state);
}
Print(infoLong,"%d initial state(s)",count);
}
for(int i=0;i<lts_file_owned_count(src);i++){
src_seg=lts_file_owned(src,i);
dst_seg=lts_file_owned(src,i);
if (do_state) {
Print(infoLong,"copying states of segment %d",src_seg);
uint32_t state_labels[N2];
while(lts_read_state(src,&src_seg,src_state,state_labels)){
lts_write_state(dst,src_seg,src_state,state_labels);
}
}
Print(infoLong,"copying edges of segment %d",src_seg);
while(lts_read_edge(src,&src_seg,src_state,&dst_seg,dst_state,edge_labels)){
lts_write_edge(dst,src_seg,src_state,dst_seg,dst_state,edge_labels);
}
}
Print(infoLong,"done");
}
CWE78_OS_Command_Injection__char_environment_system_83_goodG2B::~CWE78_OS_Command_Injection__char_environment_system_83_goodG2B()
{
/* POTENTIAL FLAW: Execute command in data possibly leading to command injection */
if (SYSTEM(data) <= 0)
{
printLine("command execution failed!");
exit(1);
}
}
STRPTR util_NamedObjectName(pUtility UtilBase, struct NamedObject *nos)
{
if (nos)
{
struct NamedObj *tmp = SYSTEM(nos);
return tmp->no_Non.non_Node.ln_Name;
}
return NULL;
}
/* goodG2B uses the GoodSource with the BadSink */
void CWE78_OS_Command_Injection__char_listen_socket_system_54e_goodG2BSink(char * data)
{
/* POTENTIAL FLAW: Execute command in data possibly leading to command injection */
if (SYSTEM(data) <= 0)
{
printLine("command execution failed!");
exit(1);
}
}
void destructed(int clone) {
int i, n;
if(SYSTEM() && clone) {
if(children) {
for(i = 0, n = sizeof(children); i < n; i++)
destruct_object(children[i]);
}
}
}
void lts_file_sync(lts_file_t lts){
lts=SYSTEM(lts);
int peers=HREpeers(lts->ctx);
HREreduce(lts->ctx,1,<s->roots,<s->roots,UInt32,Sum);
HREreduce(lts->ctx,peers,lts->states,lts->states,UInt32,Sum);
HREreduce(lts->ctx,peers,lts->edges,lts->edges,UInt64,Sum);
HREreduce(lts->ctx,peers,lts->max_src_p1,lts->max_src_p1,UInt32,Max);
HREreduce(lts->ctx,peers,lts->max_dst_p1,lts->max_dst_p1,UInt32,Max);
}
void CWE78_OS_Command_Injection__char_file_system_82_goodG2B::action(char * data)
{
/* POTENTIAL FLAW: Execute command in data possibly leading to command injection */
if (SYSTEM(data) <= 0)
{
printLine("command execution failed!");
exit(1);
}
}
void CWE78_OS_Command_Injection__wchar_t_console_system_41_goodG2BSink(wchar_t * data)
{
/* POTENTIAL FLAW: Execute command in data possibly leading to command injection */
if (SYSTEM(data) <= 0)
{
printLine("command execution failed!");
exit(1);
}
}
void USING() // USING
{
Push(Read16(cc_DOS_dash_FILE)); // DOS-FILE
UNMOUNT(); // UNMOUNT
SYSTEM(); // SYSTEM
SETFCB(); // SETFCB
W43C1(); // W43C1
DR2(); // DR2
}
CWE78_OS_Command_Injection__wchar_t_listen_socket_system_83_bad::~CWE78_OS_Command_Injection__wchar_t_listen_socket_system_83_bad()
{
/* POTENTIAL FLAW: Execute command in data possibly leading to command injection */
if (SYSTEM(data) <= 0)
{
printLine("command execution failed!");
exit(1);
}
}
void CWE78_OS_Command_Injection__char_environment_system_53d_badSink(char * data)
{
/* POTENTIAL FLAW: Execute command in data possibly leading to command injection */
if (SYSTEM(data) <= 0)
{
printLine("command execution failed!");
exit(1);
}
}
lts_file_t lts_get_template(lts_file_t file){
file=SYSTEM(file);
lts_file_t lts=(lts_file_t)HREmallocZero(hre_heap,system_size);
lts->init_mode=file->init_mode;
lts->edge_owner=file->edge_owner;
lts->src_mode=file->src_mode;
lts->dst_mode=file->dst_mode;
return USER(lts);
}
