--- bluez-utils-2.15.orig/hcid/security.c 2005-08-18 21:33:49.000000000 +0100 +++ bluez-utils-2.15/hcid/security.c 2005-08-18 21:42:31.000000000 +0100 @@ -41,8 +41,8 @@ #include <syslog.h> #include <errno.h> #include <time.h> -#include <fcntl.h> -#include <time.h> +#include <malloc.h> +#include <ctype.h> #include <sys/ioctl.h> #include <sys/socket.h> @@ -236,9 +236,9 @@ { pin_code_reply_cp pr; struct sigaction sa; - char addr[18], str[255], *pin, name[20]; + char addr[18], str[512], *pin, name[249], tmp[497], *ptr; FILE *pipe; - int ret, len; + int i, ret, len; /* Run PIN helper in the separate process */ switch (fork()) { @@ -260,9 +260,25 @@ name[0] = 0; //hci_remote_name(dev, &ci->bdaddr, sizeof(name), name, 0); + memset(tmp, 0, sizeof(tmp)); + ptr = tmp; + + for (i = 0; i < 248 && name[i]; i++) + if (isprint(name[i])) { + switch (name[i]) { + case '"': + case '`': + case '$': + case '\\': + *ptr++ = '\\'; + } + *ptr++ = name[i]; + } else + *ptr++ = '.'; + ba2str(&ci->bdaddr, addr); - sprintf(str, "%s %s %s \'%s\'", hcid.pin_helper, - ci->out ? "out" : "in", addr, name); + snprintf(str, sizeof(str), "%s %s %s \"%s\"", hcid.pin_helper, + ci->out ? "out" : "in", addr, tmp); setenv("PATH", "/bin:/usr/bin:/usr/local/bin", 1);