[SATLUG] San Antonio's Daily WTF

R. Tyler Ballance tyler at bleepsoft.com
Thu Nov 30 17:05:12 CST 2006 

Nate, I see your machine-generated WTF, and raise you yet another C++  
human-generated WTF

I can go on like this all day, ain't no thang ;)


Anyways, this application runs as a system daemon (as root, no less)   
and receives un-authenticated plaintext XML from the network.

The stage is set, the actors are ready, lights up, and....ACTION!


	//  <SCRIPT>...</SCRIPT>

	int res = 0;

	std::string str = scew_element_name(root);
	if(0 != str.compare("SCRIPT")) {
		return false;
	}

	char CWD[PATH_MAX];
	char COMMAND[PATH_MAX];
	char ENVIRONMENT_VAR[PATH_MAX];

	getcwd( CWD, PATH_MAX );

	str = scew_element_contents( root );
	if( path[0] == '/' )
	{
		snprintf( COMMAND, PATH_MAX, "%s/%s", path.c_str(), str.c_str() );
	}
	else
	{
		snprintf( COMMAND, PATH_MAX, "%s/%s/%s", CWD, path.c_str(),  
str.c_str() );
	}

	if( package::_root[0] == '/' )
	{
		snprintf( ENVIRONMENT_VAR, sizeof( ENVIRONMENT_VAR), "PKGROOT=%s",  
package::_root.c_str() );
	}
	else
	{
		snprintf( ENVIRONMENT_VAR, sizeof( ENVIRONMENT_VAR), "PKGROOT=%s/% 
s", CWD, package::_root.c_str() );
	}
	putenv( ENVIRONMENT_VAR );

	if ((str.find("xml")) != std::string::npos)
		// we have an xml file, don't need to execute
		//return false; /* XXX: returning false prevents inf. loop, but  
"failure" to inst. scandef*/
		return true; /* XXX: returning true causes 'success' but inf. loops */

// execute the command here
	if (!system(str.c_str()))
		return true;
	else
		return false;


	// TO DO: validate the retun code with something in the xml
//	return( WEXITSTATUS( status ) == 0 );

	// TO DO: validate the retun code with... something (in the xml?)
	//return(0 == res);
	return true;


I've made the code a bit more anonymous. My comments and changes are  
centered around the "XXX:" bits, where I discovered one of the bugs  
was that it was trying to literally execute an XML file that it was  
being sent with data. It was around this point in time I started  
drafting a C# rewrite proposal :)


So, who wants to buy me a beer out of pity tomorrow afternoon? :)

Cheers

R. Tyler Ballance: Lead Mac Developer at bleep. software
contact: tyler at bleepsoft.com | jabber: tyler at jabber.geekisp.com

More information about the SATLUG mailing list