Add timeout to run_command_write_fd and replace popen by execvpe

dump_systemstate runs many external commands. When one hangs,
dump_systemstate will block the crash-worker.

execvpe replaced popen because popen passes the command to /bin/sh, and this
can potentially allow a malicious command to run if an attacker can
modify a fragment of cmd, e.g.:

    void read_file(char *filename)
    {
        ...
        sprintf(buff, "cat %s", filename);
        popen(buff, "r");
        ...
    }

    main()
    {
        char filename[] = "/etc/passwd;rm -rf /";
        read_file(filename);
    }

Change-Id: Id7b37c058869c27d3c4d282d9d2dd30d5b9ec80c
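
Added example, not part of this commit or the project's code: a minimal sketch of the two ideas in the message, running a command from an argument vector with no shell in between and killing it once it exceeds a timeout. It uses execvp (the POSIX relative of execvpe, which inherits the caller's environment); run_argv_timeout and the demo functions are hypothetical names, and the inputs are constructed.

```c
#include <signal.h>
#include <string.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

/* Hypothetical helper, not the project's run_command_write_fd: runs argv with
 * no shell, stdout to out_fd. Returns exit status, -1 on error, -2 on timeout. */
int run_argv_timeout(char *const argv[], int out_fd, int timeout_sec)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (dup2(out_fd, STDOUT_FILENO) >= 0)
            execvp(argv[0], argv);      /* argv reaches the program verbatim */
        _exit(127);
    }
    struct timespec tick = { 0, 50 * 1000 * 1000 };  /* poll every 50 ms */
    for (int waited_ms = 0; ; waited_ms += 50) {
        int status;
        pid_t r = waitpid(pid, &status, WNOHANG);
        if (r == pid) return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
        if (r < 0) return -1;
        if (waited_ms >= timeout_sec * 1000) {
            kill(pid, SIGKILL);
            waitpid(pid, &status, 0);   /* reap the killed child */
            return -2;
        }
        nanosleep(&tick, NULL);
    }
}

int demo_metachar_is_literal(void)
{
    int p[2];
    char buf[32] = {0};
    char *argv[] = { "echo", "notes.txt;id", NULL };   /* constructed input */
    if (pipe(p) != 0) return 0;
    int rc = run_argv_timeout(argv, p[1], 5);
    close(p[1]);
    ssize_t n = read(p[0], buf, sizeof buf - 1);
    close(p[0]);
    return rc == 0 && n > 0 && strcmp(buf, "notes.txt;id\n") == 0;
}

int demo_hung_child_is_killed(void)
{
    char *argv[] = { "sleep", "30", NULL };             /* outlives the 1 s limit */
    return run_argv_timeout(argv, STDOUT_FILENO, 1) == -2;
}
```

SIGKILL here reaches only the direct child; a command that spawns its own children needs a process group (setpgid in the child, kill on the negative pid) for the timeout to stop all of them.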