+ log_error(LOG_LEVEL_ERROR,
+ "No temporary-directory configured. Can't execute filter: %s",
+ name);
+ return NULL;
+ }
+
+ external_filter = get_external_filter(csp, name);
+
+ if (sizeof(file_name) < snprintf(file_name, sizeof(file_name),
+ "%s/privoxy-XXXXXXXX", csp->config->temporary_directory))
+ {
+ log_error(LOG_LEVEL_ERROR, "temporary-directory path too long");
+ return NULL;
+ }
+
+ fd = mkstemp(file_name);
+ if (fd == -1)
+ {
+ log_error(LOG_LEVEL_ERROR, "mkstemp() failed to create %s: %E", file_name);
+ return NULL;
+ }
+
+ fp = fdopen(fd, "w");
+ if (fp == NULL)
+ {
+ log_error(LOG_LEVEL_ERROR, "fdopen() failed: %E");
+ unlink(file_name);
+ return NULL;
+ }
+
+ /*
+ * The size may be zero if a previous filter discarded everything.
+ *
+ * This isn't necessary unintentional, so we just don't try
+ * to fwrite() nothing and let the user deal with the rest.
+ */
+ if ((*size != 0) && fwrite(content, *size, 1, fp) != 1)
+ {
+ log_error(LOG_LEVEL_ERROR, "fwrite(..., %d, 1, ..) failed: %E", *size);
+ unlink(file_name);
+ fclose(fp);
+ return NULL;
+ }
+ fclose(fp);
+
+ if (sizeof(cmd) < snprintf(cmd, sizeof(cmd), "%s < %s", external_filter, file_name))
+ {
+ log_error(LOG_LEVEL_ERROR,
+ "temporary-directory or external filter path too long");
+ unlink(file_name);
+ return NULL;
+ }
+
+ log_error(LOG_LEVEL_RE_FILTER, "Executing '%s': %s", name, cmd);
+
+ /*
+ * The locking is necessary to prevent other threads
+ * from overwriting the environment variables before
+ * the popen fork. Afterwards this no longer matters.
+ */
+ privoxy_mutex_lock(&external_filter_mutex);
+ set_privoxy_variables(csp);
+ fp = popen(cmd, "r");
+ privoxy_mutex_unlock(&external_filter_mutex);
+ if (fp == NULL)
+ {
+ log_error(LOG_LEVEL_ERROR, "popen(\"%s\", \"r\") failed: %E", cmd);
+ unlink(file_name);
+ return NULL;
+ }
+
+ /* Allocate at least one byte */
+ filter_output = malloc_or_die(*size + 1);
+
+ new_size = 0;
+ while (!feof(fp) && !ferror(fp))
+ {
+ size_t len;
+ /* Could be bigger ... */
+ enum { READ_LENGTH = 2048 };
+
+ if (new_size + READ_LENGTH >= *size)