Now, tell me what havoc a buffer overflow would wreak in that particular situation: the program consists of one single system call that performs an osascript, with no setuid or anything. Overflowing it intentionally serves no purpose, and since the buffer should be large enough to hold any filename you can conjure up on OS X, it is hard to do so accidentally as well.
(I actually did ponder it when I went for sprintf instead of snprintf.)
Edit
I firmly believe that no one would create that buffer overflow for any reason other than to wreak havoc, but I still changed it to use snprintf, though I believe someone wanting to do something malicious would rather replace the whole "command" with something else.
Someone would probably go for something like this, as quick and dirty, and yet safer:
[code]/***********************************************************************
Name: isalis
Created: 05-21-2013
Author: McUsr
Usage:
Returns posix path of original item for file argument to stdout,
and sets exit code to zero, exits with 1 as exit code if it wasn't an
alias.
Source:
http://jongampark.wordpress.com/2008/12/23/resolving-aliases-using-cocoa/
Command line to compile:
gcc -O3 -I/System/Library/Frameworks/CoreFoundation.framework/Versions/A/Headers/ -o isalis isalis.m -lobjc -framework CoreFoundation -framework Cocoa
DISCLAIMER
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
fileURLWithPath: use this, but encode any blanks first.
Then there is the toll-free bridging,
And I have to return the bookmark data that is a path, as a posix path.
*/
#import <Foundation/Foundation.h>
#include <limits.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <CFNumber.h>
#include <CFURL.h>
/* Forward declaration: usage() is defined after main(). */
static void usage(void) ;
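/*
 * Resolves the Finder alias named by argv[1] and prints the POSIX path of the
 * original item to stdout.
 *
 * The argument is handed to CoreFoundation as data (a CFString turned into a
 * file URL); it is never formatted into a command line, and its length is
 * checked against the path limit before any buffer is sized from it.
 *
 * Exit status:
 *   0  the argument was an alias and its target path was printed
 *   1  the argument was not an alias, the alias was stale, or a
 *      CoreFoundation call or allocation failed
 *   2  no argument was given, or the argument is as long as or longer than
 *      the path limit
 */
int main (int argc, const char * argv[]) {
    Boolean notFound = YES;
    Boolean isStale = NO;
    CFStringRef pstr = NULL;
    CFURLRef url = NULL;
    CFURLRef resolvedUrl = NULL;
    CFDataRef bkMrk = NULL;
    CFBooleanRef isalias = NULL;
    CFErrorRef err = NULL;
    UInt8 *buf = NULL;

    if (argc < 2) {
        usage();
        exit(2);
    }

    /* pathconf() returns -1 on error or when there is no limit. Casting that
       straight to size_t would yield SIZE_MAX, which disables the length
       check below and makes max_path + 1 wrap to 0 in the calloc() call. */
    long limit = pathconf(".", _PC_PATH_MAX);
    size_t max_path = (limit > 0) ? (size_t)limit : (size_t)PATH_MAX;

    if (strlen(argv[1]) >= max_path)
        exit(2);

    /* CFStringCreateWithCString copies the bytes, so no separately allocated
       copy of argv[1] is needed. It returns NULL when the bytes are not
       valid UTF-8, which must not reach the URL constructor or CFRelease. */
    pstr = CFStringCreateWithCString(kCFAllocatorDefault, argv[1],
                                     kCFStringEncodingUTF8);
    if (pstr == NULL)
        goto cleanup;

    url = CFURLCreateWithFileSystemPath(kCFAllocatorDefault, pstr,
                                        kCFURLPOSIXPathStyle, FALSE);
    if (url == NULL)
        goto cleanup;

    /* Decide on the return value of each call; the error object is only
       meaningful once a call has reported failure. */
    if (!CFURLCopyResourcePropertyForKey(url, kCFURLIsAliasFileKey,
                                         &isalias, &err))
        goto cleanup;
    if (isalias == NULL || !CFBooleanGetValue(isalias))
        goto cleanup;

    bkMrk = CFURLCreateBookmarkDataFromFile(kCFAllocatorDefault, url, &err);
    if (bkMrk == NULL)
        goto cleanup;

    resolvedUrl = CFURLCreateByResolvingBookmarkData(kCFAllocatorDefault, bkMrk,
                      (CFURLBookmarkResolutionOptions)0, NULL, NULL,
                      &isStale, &err);
    /* A stale alias is reported as "not found", as before. */
    if (resolvedUrl == NULL || isStale)
        goto cleanup;

    /* One spare byte beyond the length passed to CoreFoundation keeps the
       buffer NUL-terminated for the %s below. */
    buf = calloc(max_path + 1, 1);
    if (buf == NULL)
        goto cleanup;

    if (CFURLGetFileSystemRepresentation(resolvedUrl, YES, buf,
                                         (CFIndex)max_path)) {
        fprintf(stdout,"%s\n",(char *)buf) ;
        notFound = NO;
    }

cleanup:
    /* Single exit path: every object created above is released exactly once,
       whichever step failed. CFRelease() must not be passed NULL. */
    free(buf);
    if (resolvedUrl != NULL) CFRelease(resolvedUrl);
    if (bkMrk != NULL) CFRelease(bkMrk);
    if (isalias != NULL) CFRelease(isalias);
    if (err != NULL) CFRelease(err);
    if (url != NULL) CFRelease(url);
    if (pstr != NULL) CFRelease(pstr);
    return notFound;
}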
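/*
 * Writes a two-line usage summary to stderr.
 *
 * The string literals are delimited with plain ASCII double quotes; the
 * mis-encoded typographic quotes in the posted listing do not compile.
 */
static void usage(void) {
    fprintf(stderr, "Usage: isalis [posix/path/to/file]\n");
    fprintf(stderr, "Prints the path of the file to stdout, and exits with zero if the path given was an alias.\n");
}[/code]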
It does take some more time than figuring out the osascript, but it is more satisfying, and faster too. (Code originally snagged from an NSFileManager category I found here.)
Last changed 2013-5-24: It should not contain any code deprecated in Mountain Lion.