Allow longer commandlines in MOUNT and IMGMOUNT.
Fix crash reported by MiniMax (mount -u 0).
Fix bug reported by Tearex ("config -get" broken).
Add some protection that makes it harder to mount a directory from
within an executable.
Add some protection to make mounting from command /c much harder.
Add a securemode commandline switch to config and dosbox that should make it
impossible to mount a location when this isn't wanted by the user. (Addresses concerns of CVE-2007-6328)
Update documentation to reflect this.
Imported-from: https://svn.code.sf.net/p/dosbox/code-0/dosbox/trunk@3114
This commit is contained in:
Peter Veenstra
parent
f2c40b9407
commit
3f2e4fbd83
9 changed files with 156 additions and 38 deletions
|
|
@ -16,7 +16,7 @@
|
|||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
/* $Id: programs.h,v 1.15 2008-01-19 11:02:29 qbix79 Exp $ */
|
||||
/* $Id: programs.h,v 1.16 2008-03-02 11:13:46 qbix79 Exp $ */
|
||||
|
||||
#ifndef DOSBOX_PROGRAMS_H
|
||||
#define DOSBOX_PROGRAMS_H
|
||||
|
|
@ -77,6 +77,7 @@ public:
|
|||
Bitu GetEnvCount(void);
|
||||
bool SetEnv(const char * entry,const char * new_string);
|
||||
void WriteOut(const char * format,...); /* Write to standard output */
|
||||
void ChangeToLongCmd();
|
||||
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@
|
|||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
/* $Id: setup.h,v 1.32 2008-02-10 11:14:02 qbix79 Exp $ */
|
||||
/* $Id: setup.h,v 1.33 2008-03-02 11:13:46 qbix79 Exp $ */
|
||||
|
||||
#ifndef DOSBOX_SETUP_H
|
||||
#define DOSBOX_SETUP_H
|
||||
|
|
@ -300,8 +300,9 @@ private:
|
|||
typedef std::list<Section*>::const_iterator const_it;
|
||||
typedef std::list<Section*>::const_reverse_iterator const_reverse_it;
|
||||
void (* _start_function)(void);
|
||||
bool secure_mode; //Sandbox mode
|
||||
public:
|
||||
Config(CommandLine * cmd):cmdline(cmd){}
|
||||
Config(CommandLine * cmd):cmdline(cmd),secure_mode(false){}
|
||||
~Config();
|
||||
|
||||
Section_line * AddSection_line(char const * const _name,void (*_initfunction)(Section*));
|
||||
|
|
@ -318,6 +319,8 @@ public:
|
|||
void PrintConfig(char const * const configfilename) const;
|
||||
bool ParseConfigFile(char const * const configfilename);
|
||||
void ParseEnv(char ** envp);
|
||||
bool SecureMode() const { return secure_mode; }
|
||||
void SwitchToSecureMode() { secure_mode = true; }//can't be undone
|
||||
};
|
||||
|
||||
class Module_base {
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@
|
|||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
/* $Id: shell.h,v 1.22 2007-10-28 10:58:49 qbix79 Exp $ */
|
||||
/* $Id: shell.h,v 1.23 2008-03-02 11:13:46 qbix79 Exp $ */
|
||||
|
||||
#ifndef DOSBOX_SHELL_H
|
||||
#define DOSBOX_SHELL_H
|
||||
|
|
@ -39,8 +39,11 @@ extern Bitu call_shellstop;
|
|||
/* first_shell is used to add and delete stuff from the shell env
|
||||
* by "external" programs. (config) */
|
||||
extern Program * first_shell;
|
||||
class DOS_Shell;
|
||||
|
||||
/* command_slashc indicates that the next commands are being run from command /c. Remove parameters for internal .COM files */
|
||||
extern bool command_slashc;
|
||||
|
||||
class DOS_Shell;
|
||||
|
||||
class BatchFile {
|
||||
public:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue