36 lines
1.3 KiB
Diff
36 lines
1.3 KiB
Diff
--- xloadimage.4.1/zio.c 1993-10-28 17:10:02.000000000 +0000
|
|
+++ xloadimage.4.1/zio.c 2005-02-28 15:32:05.895470680 +0000
|
|
@@ -210,9 +211,30 @@
|
|
if ((strlen(name) > strlen(filter->extension)) &&
|
|
!strcmp(filter->extension,
|
|
name + (strlen(name) - strlen(filter->extension)))) {
|
|
- debug(("Filtering image through '%s'\n", filter->filter));
|
|
- zf->type= ZPIPE;
|
|
- sprintf(buf, "%s %s", filter->filter, name);
|
|
+ char *fname, *t, *s;
|
|
+
|
|
+ /* meta-char protection from xli.
|
|
+ *
|
|
+ * protect in single quotes, replacing single quotes
|
|
+ * with '"'"', so worst-case expansion is 5x
|
|
+ */
|
|
+
|
|
+ s = fname = (char *) lmalloc(1 + (5 * strlen(name)) + 1 + 1);
|
|
+ *s++ = '\'';
|
|
+ for (t = name; *t; ++t) {
|
|
+ if ('\'' == *t) {
|
|
+ /* 'foo'bar' -> 'foo'"'"'bar' */
|
|
+ strcpy(s, "'\"'\"'");
|
|
+ s += strlen(s);
|
|
+ } else {
|
|
+ *s++ = *t;
|
|
+ }
|
|
+ }
|
|
+ strcpy (s, "'");
|
|
+ debug(("Filtering image through '%s'\n", filter->filter));
|
|
+ zf->type= ZPIPE;
|
|
+ sprintf(buf, "%s %s", filter->filter, fname);
|
|
+ lfree (fname);
|
|
if (! (zf->stream= popen(buf, "r"))) {
|
|
lfree((byte *)zf->filename);
|
|
zf->filename= NULL;
|