2017-11-18 17:09:20 +01:00
|
|
|
/* SPDX-License-Identifier: LGPL-2.1+ */
|
2013-02-11 03:46:08 +01:00
|
|
|
|
2015-11-30 21:43:37 +01:00
|
|
|
#include <errno.h>
|
2013-02-11 03:46:08 +01:00
|
|
|
#include <limits.h>
|
2015-11-30 21:43:37 +01:00
|
|
|
#include <stdarg.h>
|
|
|
|
#include <stdlib.h>
|
2013-02-11 03:46:08 +01:00
|
|
|
#include <unistd.h>
|
|
|
|
|
2015-10-27 03:01:06 +01:00
|
|
|
#include "alloc-util.h"
|
|
|
|
#include "env-util.h"
|
2017-02-11 03:44:21 +01:00
|
|
|
#include "escape.h"
|
2015-11-30 21:43:37 +01:00
|
|
|
#include "extract-word.h"
|
|
|
|
#include "macro.h"
|
2015-12-01 23:22:03 +01:00
|
|
|
#include "parse-util.h"
|
2015-10-24 22:58:24 +02:00
|
|
|
#include "string-util.h"
|
2013-02-11 03:46:08 +01:00
|
|
|
#include "strv.h"
|
|
|
|
#include "utf8.h"
|
|
|
|
|
|
|
|
#define VALID_CHARS_ENV_NAME \
|
2013-09-16 04:26:56 +02:00
|
|
|
DIGITS LETTERS \
|
2013-02-11 03:46:08 +01:00
|
|
|
"_"
|
|
|
|
|
|
|
|
static bool env_name_is_valid_n(const char *e, size_t n) {
|
|
|
|
const char *p;
|
|
|
|
|
|
|
|
if (!e)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
if (n <= 0)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
if (e[0] >= '0' && e[0] <= '9')
|
|
|
|
return false;
|
|
|
|
|
|
|
|
/* POSIX says the overall size of the environment block cannot
|
|
|
|
* be > ARG_MAX, an individual assignment hence cannot be
|
|
|
|
* either. Discounting the equal sign and trailing NUL this
|
|
|
|
* hence leaves ARG_MAX-2 as longest possible variable
|
|
|
|
* name. */
|
2018-10-17 16:27:20 +02:00
|
|
|
if (n > (size_t) sysconf(_SC_ARG_MAX) - 2)
|
2013-02-11 03:46:08 +01:00
|
|
|
return false;
|
|
|
|
|
|
|
|
for (p = e; p < e + n; p++)
|
|
|
|
if (!strchr(VALID_CHARS_ENV_NAME, *p))
|
|
|
|
return false;
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool env_name_is_valid(const char *e) {
|
|
|
|
if (!e)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
return env_name_is_valid_n(e, strlen(e));
|
|
|
|
}
|
|
|
|
|
|
|
|
bool env_value_is_valid(const char *e) {
|
|
|
|
if (!e)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
if (!utf8_is_valid(e))
|
|
|
|
return false;
|
|
|
|
|
2018-03-16 21:41:54 +01:00
|
|
|
/* bash allows tabs and newlines in environment variables, and so
|
|
|
|
* should we */
|
|
|
|
if (string_has_cc(e, "\t\n"))
|
2013-02-11 03:46:08 +01:00
|
|
|
return false;
|
|
|
|
|
|
|
|
/* POSIX says the overall size of the environment block cannot
|
|
|
|
* be > ARG_MAX, an individual assignment hence cannot be
|
|
|
|
* either. Discounting the shortest possible variable name of
|
|
|
|
* length 1, the equal sign and trailing NUL this hence leaves
|
|
|
|
* ARG_MAX-3 as longest possible variable value. */
|
2019-05-11 09:51:33 +02:00
|
|
|
if (strlen(e) > sc_arg_max() - 3)
|
2013-02-11 03:46:08 +01:00
|
|
|
return false;
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool env_assignment_is_valid(const char *e) {
|
|
|
|
const char *eq;
|
|
|
|
|
|
|
|
eq = strchr(e, '=');
|
|
|
|
if (!eq)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
if (!env_name_is_valid_n(e, eq - e))
|
|
|
|
return false;
|
|
|
|
|
|
|
|
if (!env_value_is_valid(eq + 1))
|
|
|
|
return false;
|
|
|
|
|
|
|
|
/* POSIX says the overall size of the environment block cannot
|
|
|
|
* be > ARG_MAX, hence the individual variable assignments
|
2013-02-11 20:42:24 +01:00
|
|
|
* cannot be either, but let's leave room for one trailing NUL
|
2013-02-11 03:46:08 +01:00
|
|
|
* byte. */
|
2019-05-11 09:51:33 +02:00
|
|
|
if (strlen(e) > sc_arg_max() - 1)
|
2013-02-11 03:46:08 +01:00
|
|
|
return false;
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool strv_env_is_valid(char **e) {
|
|
|
|
char **p, **q;
|
|
|
|
|
|
|
|
STRV_FOREACH(p, e) {
|
|
|
|
size_t k;
|
|
|
|
|
|
|
|
if (!env_assignment_is_valid(*p))
|
|
|
|
return false;
|
|
|
|
|
2018-09-30 21:20:08 +02:00
|
|
|
/* Check if there are duplicate assignments */
|
2013-02-11 03:46:08 +01:00
|
|
|
k = strcspn(*p, "=");
|
|
|
|
STRV_FOREACH(q, p + 1)
|
2013-02-12 21:47:36 +01:00
|
|
|
if (strneq(*p, *q, k) && (*q)[k] == '=')
|
2013-02-11 03:46:08 +01:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2015-09-07 08:06:53 +02:00
|
|
|
bool strv_env_name_is_valid(char **l) {
|
2018-10-17 14:41:14 +02:00
|
|
|
char **p;
|
2015-09-07 08:06:53 +02:00
|
|
|
|
|
|
|
STRV_FOREACH(p, l) {
|
|
|
|
if (!env_name_is_valid(*p))
|
|
|
|
return false;
|
|
|
|
|
2018-10-17 14:41:14 +02:00
|
|
|
if (strv_contains(p + 1, *p))
|
|
|
|
return false;
|
2015-09-07 08:06:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2013-02-11 23:41:15 +01:00
|
|
|
bool strv_env_name_or_assignment_is_valid(char **l) {
|
2018-10-17 14:41:14 +02:00
|
|
|
char **p;
|
2013-02-11 23:41:15 +01:00
|
|
|
|
|
|
|
STRV_FOREACH(p, l) {
|
|
|
|
if (!env_assignment_is_valid(*p) && !env_name_is_valid(*p))
|
|
|
|
return false;
|
|
|
|
|
2018-10-17 14:41:14 +02:00
|
|
|
if (strv_contains(p + 1, *p))
|
|
|
|
return false;
|
2013-02-11 23:41:15 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2013-02-11 03:46:08 +01:00
|
|
|
static int env_append(char **r, char ***k, char **a) {
|
|
|
|
assert(r);
|
|
|
|
assert(k);
|
2018-10-17 20:08:42 +02:00
|
|
|
assert(*k >= r);
|
2013-02-11 03:46:08 +01:00
|
|
|
|
|
|
|
if (!a)
|
|
|
|
return 0;
|
|
|
|
|
2018-10-17 20:08:42 +02:00
|
|
|
/* Expects the following arguments: 'r' shall point to the beginning of an strv we are going to append to, 'k'
|
|
|
|
* to a pointer pointing to the NULL entry at the end of the same array. 'a' shall point to another strv.
|
|
|
|
*
|
|
|
|
* This call adds every entry of 'a' to 'r', either overriding an existing matching entry, or appending to it.
|
|
|
|
*
|
|
|
|
* This call assumes 'r' has enough pre-allocated space to grow by all of 'a''s items. */
|
2013-02-11 03:46:08 +01:00
|
|
|
|
|
|
|
for (; *a; a++) {
|
2018-10-17 20:08:42 +02:00
|
|
|
char **j, *c;
|
2013-02-11 03:46:08 +01:00
|
|
|
size_t n;
|
|
|
|
|
|
|
|
n = strcspn(*a, "=");
|
|
|
|
if ((*a)[n] == '=')
|
|
|
|
n++;
|
|
|
|
|
|
|
|
for (j = r; j < *k; j++)
|
2013-02-12 21:47:36 +01:00
|
|
|
if (strneq(*j, *a, n))
|
2013-02-11 03:46:08 +01:00
|
|
|
break;
|
|
|
|
|
2018-10-17 20:08:42 +02:00
|
|
|
c = strdup(*a);
|
|
|
|
if (!c)
|
2013-02-11 03:46:08 +01:00
|
|
|
return -ENOMEM;
|
2018-10-17 20:08:42 +02:00
|
|
|
|
|
|
|
if (j >= *k) { /* Append to the end? */
|
|
|
|
(*k)[0] = c;
|
|
|
|
(*k)[1] = NULL;
|
|
|
|
(*k)++;
|
|
|
|
} else
|
|
|
|
free_and_replace(*j, c); /* Override existing item */
|
2013-02-11 03:46:08 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
tree-wide: be more careful with the type of array sizes
Previously we were a bit sloppy with the index and size types of arrays,
we'd regularly use unsigned. While I don't think this ever resulted in
real issues I think we should be more careful there and follow a
stricter regime: unless there's a strong reason not to use size_t for
array sizes and indexes, size_t it should be. Any allocations we do
ultimately will use size_t anyway, and converting forth and back between
unsigned and size_t will always be a source of problems.
Note that on 32bit machines "unsigned" and "size_t" are equivalent, and
on 64bit machines our arrays shouldn't grow that large anyway, and if
they do we have a problem, however that kind of overly large allocation
we have protections for usually, but for overflows we do not have that
so much, hence let's add it.
So yeah, it's a story of the current code being already "good enough",
but I think some extra type hygiene is better.
This patch tries to be comprehensive, but it probably isn't and I missed
a few cases. But I guess we can cover that later as we notice it. Among
smaller fixes, this changes:
1. strv_length()' return type becomes size_t
2. the unit file changes array size becomes size_t
3. DNS answer and query array sizes become size_t
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=76745
2018-04-27 14:09:31 +02:00
|
|
|
char **strv_env_merge(size_t n_lists, ...) {
|
2018-10-17 20:10:09 +02:00
|
|
|
_cleanup_strv_free_ char **ret = NULL;
|
|
|
|
size_t n = 0, i;
|
|
|
|
char **l, **k;
|
2013-02-11 03:46:08 +01:00
|
|
|
va_list ap;
|
|
|
|
|
|
|
|
/* Merges an arbitrary number of environment sets */
|
|
|
|
|
|
|
|
va_start(ap, n_lists);
|
|
|
|
for (i = 0; i < n_lists; i++) {
|
|
|
|
l = va_arg(ap, char**);
|
|
|
|
n += strv_length(l);
|
|
|
|
}
|
|
|
|
va_end(ap);
|
|
|
|
|
2018-10-17 20:10:09 +02:00
|
|
|
ret = new(char*, n+1);
|
|
|
|
if (!ret)
|
2013-02-11 03:46:08 +01:00
|
|
|
return NULL;
|
|
|
|
|
2018-10-17 20:10:09 +02:00
|
|
|
*ret = NULL;
|
|
|
|
k = ret;
|
2013-02-11 03:46:08 +01:00
|
|
|
|
|
|
|
va_start(ap, n_lists);
|
|
|
|
for (i = 0; i < n_lists; i++) {
|
|
|
|
l = va_arg(ap, char**);
|
2018-10-17 20:10:09 +02:00
|
|
|
if (env_append(ret, &k, l) < 0) {
|
|
|
|
va_end(ap);
|
|
|
|
return NULL;
|
|
|
|
}
|
2013-02-11 03:46:08 +01:00
|
|
|
}
|
|
|
|
va_end(ap);
|
|
|
|
|
2018-10-17 20:10:09 +02:00
|
|
|
return TAKE_PTR(ret);
|
2013-02-11 03:46:08 +01:00
|
|
|
}
|
|
|
|
|
2017-02-18 22:23:03 +01:00
|
|
|
static bool env_match(const char *t, const char *pattern) {
|
2013-02-11 03:46:08 +01:00
|
|
|
assert(t);
|
|
|
|
assert(pattern);
|
|
|
|
|
|
|
|
/* pattern a matches string a
|
|
|
|
* a matches a=
|
|
|
|
* a matches a=b
|
|
|
|
* a= matches a=
|
|
|
|
* a=b matches a=b
|
|
|
|
* a= does not match a
|
|
|
|
* a=b does not match a=
|
|
|
|
* a=b does not match a
|
|
|
|
* a=b does not match a=c */
|
|
|
|
|
|
|
|
if (streq(t, pattern))
|
|
|
|
return true;
|
|
|
|
|
|
|
|
if (!strchr(pattern, '=')) {
|
|
|
|
size_t l = strlen(pattern);
|
|
|
|
|
2013-02-12 21:47:36 +01:00
|
|
|
return strneq(t, pattern, l) && t[l] == '=';
|
2013-02-11 03:46:08 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
env-util,fileio: immediately replace variables in load_env_file_push()
strv_env_replace was calling env_match(), which in effect allowed multiple
values for the same key to be inserted into the environment block. That's
pointless, because APIs to access variables only return a single value (the
latest entry), so it's better to keep the block clean, i.e. with just a single
entry for each key.
Add a new helper function that simply tests if the part before '=' is equal in
two strings and use that in strv_env_replace.
In load_env_file_push, use strv_env_replace to immediately replace the previous
assignment with a matching name.
Afaict, none of the callers are materially affected by this change, but it
seems like some pointless work was being done, if the same value was set
multiple times. We'd go through parsing and assigning the value for each
entry. With this change, we handle just the last one.
2017-02-11 05:08:53 +01:00
|
|
|
static bool env_entry_has_name(const char *entry, const char *name) {
|
|
|
|
const char *t;
|
|
|
|
|
|
|
|
assert(entry);
|
|
|
|
assert(name);
|
|
|
|
|
|
|
|
t = startswith(entry, name);
|
|
|
|
if (!t)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
return *t == '=';
|
|
|
|
}
|
|
|
|
|
tree-wide: be more careful with the type of array sizes
Previously we were a bit sloppy with the index and size types of arrays,
we'd regularly use unsigned. While I don't think this ever resulted in
real issues I think we should be more careful there and follow a
stricter regime: unless there's a strong reason not to use size_t for
array sizes and indexes, size_t it should be. Any allocations we do
ultimately will use size_t anyway, and converting forth and back between
unsigned and size_t will always be a source of problems.
Note that on 32bit machines "unsigned" and "size_t" are equivalent, and
on 64bit machines our arrays shouldn't grow that large anyway, and if
they do we have a problem, however that kind of overly large allocation
we have protections for usually, but for overflows we do not have that
so much, hence let's add it.
So yeah, it's a story of the current code being already "good enough",
but I think some extra type hygiene is better.
This patch tries to be comprehensive, but it probably isn't and I missed
a few cases. But I guess we can cover that later as we notice it. Among
smaller fixes, this changes:
1. strv_length()' return type becomes size_t
2. the unit file changes array size becomes size_t
3. DNS answer and query array sizes become size_t
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=76745
2018-04-27 14:09:31 +02:00
|
|
|
char **strv_env_delete(char **x, size_t n_lists, ...) {
|
2013-02-11 03:46:08 +01:00
|
|
|
size_t n, i = 0;
|
|
|
|
char **k, **r;
|
|
|
|
va_list ap;
|
|
|
|
|
|
|
|
/* Deletes every entry from x that is mentioned in the other
|
|
|
|
* string lists */
|
|
|
|
|
|
|
|
n = strv_length(x);
|
|
|
|
|
|
|
|
r = new(char*, n+1);
|
|
|
|
if (!r)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
STRV_FOREACH(k, x) {
|
tree-wide: be more careful with the type of array sizes
Previously we were a bit sloppy with the index and size types of arrays,
we'd regularly use unsigned. While I don't think this ever resulted in
real issues I think we should be more careful there and follow a
stricter regime: unless there's a strong reason not to use size_t for
array sizes and indexes, size_t it should be. Any allocations we do
ultimately will use size_t anyway, and converting forth and back between
unsigned and size_t will always be a source of problems.
Note that on 32bit machines "unsigned" and "size_t" are equivalent, and
on 64bit machines our arrays shouldn't grow that large anyway, and if
they do we have a problem, however that kind of overly large allocation
we have protections for usually, but for overflows we do not have that
so much, hence let's add it.
So yeah, it's a story of the current code being already "good enough",
but I think some extra type hygiene is better.
This patch tries to be comprehensive, but it probably isn't and I missed
a few cases. But I guess we can cover that later as we notice it. Among
smaller fixes, this changes:
1. strv_length()' return type becomes size_t
2. the unit file changes array size becomes size_t
3. DNS answer and query array sizes become size_t
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=76745
2018-04-27 14:09:31 +02:00
|
|
|
size_t v;
|
2013-02-11 03:46:08 +01:00
|
|
|
|
|
|
|
va_start(ap, n_lists);
|
|
|
|
for (v = 0; v < n_lists; v++) {
|
|
|
|
char **l, **j;
|
|
|
|
|
|
|
|
l = va_arg(ap, char**);
|
|
|
|
STRV_FOREACH(j, l)
|
|
|
|
if (env_match(*k, *j))
|
|
|
|
goto skip;
|
|
|
|
}
|
|
|
|
va_end(ap);
|
|
|
|
|
|
|
|
r[i] = strdup(*k);
|
|
|
|
if (!r[i]) {
|
|
|
|
strv_free(r);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
i++;
|
|
|
|
continue;
|
|
|
|
|
|
|
|
skip:
|
|
|
|
va_end(ap);
|
|
|
|
}
|
|
|
|
|
|
|
|
r[i] = NULL;
|
|
|
|
|
|
|
|
assert(i <= n);
|
|
|
|
|
|
|
|
return r;
|
|
|
|
}
|
|
|
|
|
|
|
|
char **strv_env_unset(char **l, const char *p) {
|
|
|
|
|
|
|
|
char **f, **t;
|
|
|
|
|
|
|
|
if (!l)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
assert(p);
|
|
|
|
|
|
|
|
/* Drops every occurrence of the env var setting p in the
|
2014-01-12 12:39:56 +01:00
|
|
|
* string list. Edits in-place. */
|
2013-02-11 03:46:08 +01:00
|
|
|
|
|
|
|
for (f = t = l; *f; f++) {
|
|
|
|
|
|
|
|
if (env_match(*f, p)) {
|
|
|
|
free(*f);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
*(t++) = *f;
|
|
|
|
}
|
2014-01-12 12:39:56 +01:00
|
|
|
|
|
|
|
*t = NULL;
|
|
|
|
return l;
|
|
|
|
}
|
|
|
|
|
|
|
|
char **strv_env_unset_many(char **l, ...) {
|
|
|
|
char **f, **t;
|
|
|
|
|
|
|
|
if (!l)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
/* Like strv_env_unset() but applies many at once. Edits in-place. */
|
|
|
|
|
|
|
|
for (f = t = l; *f; f++) {
|
|
|
|
bool found = false;
|
|
|
|
const char *p;
|
|
|
|
va_list ap;
|
|
|
|
|
|
|
|
va_start(ap, l);
|
|
|
|
|
|
|
|
while ((p = va_arg(ap, const char*))) {
|
|
|
|
if (env_match(*f, p)) {
|
|
|
|
found = true;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
va_end(ap);
|
|
|
|
|
|
|
|
if (found) {
|
|
|
|
free(*f);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
*(t++) = *f;
|
|
|
|
}
|
2013-02-11 03:46:08 +01:00
|
|
|
|
|
|
|
*t = NULL;
|
|
|
|
return l;
|
|
|
|
}
|
|
|
|
|
2016-10-28 03:15:59 +02:00
|
|
|
int strv_env_replace(char ***l, char *p) {
|
env-util,fileio: immediately replace variables in load_env_file_push()
strv_env_replace was calling env_match(), which in effect allowed multiple
values for the same key to be inserted into the environment block. That's
pointless, because APIs to access variables only return a single value (the
latest entry), so it's better to keep the block clean, i.e. with just a single
entry for each key.
Add a new helper function that simply tests if the part before '=' is equal in
two strings and use that in strv_env_replace.
In load_env_file_push, use strv_env_replace to immediately replace the previous
assignment with a matching name.
Afaict, none of the callers are materially affected by this change, but it
seems like some pointless work was being done, if the same value was set
multiple times. We'd go through parsing and assigning the value for each
entry. With this change, we handle just the last one.
2017-02-11 05:08:53 +01:00
|
|
|
const char *t, *name;
|
2018-10-17 20:11:52 +02:00
|
|
|
char **f;
|
|
|
|
int r;
|
2016-10-28 03:15:59 +02:00
|
|
|
|
|
|
|
assert(p);
|
|
|
|
|
2018-10-17 20:11:52 +02:00
|
|
|
/* Replace first occurrence of the env var or add a new one in the string list. Drop other occurrences. Edits
|
|
|
|
* in-place. Does not copy p. p must be a valid key=value assignment.
|
2016-10-28 03:15:59 +02:00
|
|
|
*/
|
|
|
|
|
env-util,fileio: immediately replace variables in load_env_file_push()
strv_env_replace was calling env_match(), which in effect allowed multiple
values for the same key to be inserted into the environment block. That's
pointless, because APIs to access variables only return a single value (the
latest entry), so it's better to keep the block clean, i.e. with just a single
entry for each key.
Add a new helper function that simply tests if the part before '=' is equal in
two strings and use that in strv_env_replace.
In load_env_file_push, use strv_env_replace to immediately replace the previous
assignment with a matching name.
Afaict, none of the callers are materially affected by this change, but it
seems like some pointless work was being done, if the same value was set
multiple times. We'd go through parsing and assigning the value for each
entry. With this change, we handle just the last one.
2017-02-11 05:08:53 +01:00
|
|
|
t = strchr(p, '=');
|
2018-10-17 20:11:52 +02:00
|
|
|
if (!t)
|
|
|
|
return -EINVAL;
|
env-util,fileio: immediately replace variables in load_env_file_push()
strv_env_replace was calling env_match(), which in effect allowed multiple
values for the same key to be inserted into the environment block. That's
pointless, because APIs to access variables only return a single value (the
latest entry), so it's better to keep the block clean, i.e. with just a single
entry for each key.
Add a new helper function that simply tests if the part before '=' is equal in
two strings and use that in strv_env_replace.
In load_env_file_push, use strv_env_replace to immediately replace the previous
assignment with a matching name.
Afaict, none of the callers are materially affected by this change, but it
seems like some pointless work was being done, if the same value was set
multiple times. We'd go through parsing and assigning the value for each
entry. With this change, we handle just the last one.
2017-02-11 05:08:53 +01:00
|
|
|
|
|
|
|
name = strndupa(p, t - p);
|
|
|
|
|
2018-10-17 20:11:52 +02:00
|
|
|
STRV_FOREACH(f, *l)
|
env-util,fileio: immediately replace variables in load_env_file_push()
strv_env_replace was calling env_match(), which in effect allowed multiple
values for the same key to be inserted into the environment block. That's
pointless, because APIs to access variables only return a single value (the
latest entry), so it's better to keep the block clean, i.e. with just a single
entry for each key.
Add a new helper function that simply tests if the part before '=' is equal in
two strings and use that in strv_env_replace.
In load_env_file_push, use strv_env_replace to immediately replace the previous
assignment with a matching name.
Afaict, none of the callers are materially affected by this change, but it
seems like some pointless work was being done, if the same value was set
multiple times. We'd go through parsing and assigning the value for each
entry. With this change, we handle just the last one.
2017-02-11 05:08:53 +01:00
|
|
|
if (env_entry_has_name(*f, name)) {
|
|
|
|
free_and_replace(*f, p);
|
|
|
|
strv_env_unset(f + 1, *f);
|
2016-10-28 03:15:59 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* We didn't find a match, we need to append p or create a new strv */
|
2018-10-17 20:11:52 +02:00
|
|
|
r = strv_push(l, p);
|
|
|
|
if (r < 0)
|
|
|
|
return r;
|
|
|
|
|
2016-10-28 03:15:59 +02:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2013-02-11 03:46:08 +01:00
|
|
|
char **strv_env_set(char **x, const char *p) {
|
2018-10-17 20:12:35 +02:00
|
|
|
_cleanup_strv_free_ char **ret = NULL;
|
|
|
|
size_t n, m;
|
2018-05-10 14:08:35 +02:00
|
|
|
char **k;
|
2013-02-11 03:46:08 +01:00
|
|
|
|
|
|
|
/* Overrides the env var setting of p, returns a new copy */
|
|
|
|
|
2018-10-17 20:12:35 +02:00
|
|
|
n = strv_length(x);
|
|
|
|
m = n + 2;
|
|
|
|
if (m < n) /* overflow? */
|
2013-02-11 03:46:08 +01:00
|
|
|
return NULL;
|
|
|
|
|
2018-10-17 20:12:35 +02:00
|
|
|
ret = new(char*, m);
|
|
|
|
if (!ret)
|
2018-05-10 14:08:35 +02:00
|
|
|
return NULL;
|
2013-02-11 03:46:08 +01:00
|
|
|
|
2018-10-17 20:12:35 +02:00
|
|
|
*ret = NULL;
|
|
|
|
k = ret;
|
|
|
|
|
|
|
|
if (env_append(ret, &k, x) < 0)
|
2018-05-10 14:08:35 +02:00
|
|
|
return NULL;
|
2013-02-11 03:46:08 +01:00
|
|
|
|
2018-10-17 20:12:35 +02:00
|
|
|
if (env_append(ret, &k, STRV_MAKE(p)) < 0)
|
|
|
|
return NULL;
|
2013-02-11 03:46:08 +01:00
|
|
|
|
2018-10-17 20:12:35 +02:00
|
|
|
return TAKE_PTR(ret);
|
2013-02-11 03:46:08 +01:00
|
|
|
}
|
|
|
|
|
2016-08-04 18:00:00 +02:00
|
|
|
char *strv_env_get_n(char **l, const char *name, size_t k, unsigned flags) {
|
2013-02-11 03:46:08 +01:00
|
|
|
char **i;
|
|
|
|
|
|
|
|
assert(name);
|
|
|
|
|
|
|
|
if (k <= 0)
|
|
|
|
return NULL;
|
|
|
|
|
2016-08-03 20:35:50 +02:00
|
|
|
STRV_FOREACH_BACKWARDS(i, l)
|
2013-02-12 21:47:36 +01:00
|
|
|
if (strneq(*i, name, k) &&
|
2013-02-11 03:46:08 +01:00
|
|
|
(*i)[k] == '=')
|
|
|
|
return *i + k + 1;
|
|
|
|
|
2016-08-04 18:00:00 +02:00
|
|
|
if (flags & REPLACE_ENV_USE_ENVIRONMENT) {
|
|
|
|
const char *t;
|
|
|
|
|
|
|
|
t = strndupa(name, k);
|
|
|
|
return getenv(t);
|
|
|
|
};
|
|
|
|
|
2013-02-11 03:46:08 +01:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
char *strv_env_get(char **l, const char *name) {
|
|
|
|
assert(name);
|
|
|
|
|
2016-08-04 18:00:00 +02:00
|
|
|
return strv_env_get_n(l, name, strlen(name), 0);
|
2013-02-11 03:46:08 +01:00
|
|
|
}
|
|
|
|
|
2014-12-23 19:04:56 +01:00
|
|
|
char **strv_env_clean_with_callback(char **e, void (*invalid_callback)(const char *p, void *userdata), void *userdata) {
|
2013-02-11 03:46:08 +01:00
|
|
|
char **p, **q;
|
|
|
|
int k = 0;
|
|
|
|
|
|
|
|
STRV_FOREACH(p, e) {
|
|
|
|
size_t n;
|
|
|
|
bool duplicate = false;
|
|
|
|
|
|
|
|
if (!env_assignment_is_valid(*p)) {
|
2014-12-23 19:04:56 +01:00
|
|
|
if (invalid_callback)
|
|
|
|
invalid_callback(*p, userdata);
|
2013-02-11 03:46:08 +01:00
|
|
|
free(*p);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
n = strcspn(*p, "=");
|
|
|
|
STRV_FOREACH(q, p + 1)
|
2013-02-12 21:47:36 +01:00
|
|
|
if (strneq(*p, *q, n) && (*q)[n] == '=') {
|
2013-02-11 03:46:08 +01:00
|
|
|
duplicate = true;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (duplicate) {
|
|
|
|
free(*p);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
e[k++] = *p;
|
|
|
|
}
|
|
|
|
|
2013-10-02 19:38:28 +02:00
|
|
|
if (e)
|
|
|
|
e[k] = NULL;
|
|
|
|
|
2013-02-11 03:46:08 +01:00
|
|
|
return e;
|
|
|
|
}
|
2015-04-11 00:25:43 +02:00
|
|
|
|
2016-08-09 16:20:22 +02:00
|
|
|
char *replace_env_n(const char *format, size_t n, char **env, unsigned flags) {
|
2015-04-11 00:25:43 +02:00
|
|
|
enum {
|
|
|
|
WORD,
|
|
|
|
CURLY,
|
2017-02-11 20:05:10 +01:00
|
|
|
VARIABLE,
|
|
|
|
VARIABLE_RAW,
|
2016-08-09 16:20:22 +02:00
|
|
|
TEST,
|
|
|
|
DEFAULT_VALUE,
|
|
|
|
ALTERNATE_VALUE,
|
2015-04-11 00:25:43 +02:00
|
|
|
} state = WORD;
|
|
|
|
|
2016-08-09 16:20:22 +02:00
|
|
|
const char *e, *word = format, *test_value;
|
2017-02-11 19:22:13 +01:00
|
|
|
char *k;
|
|
|
|
_cleanup_free_ char *r = NULL;
|
2016-08-09 16:20:22 +02:00
|
|
|
size_t i, len;
|
|
|
|
int nest = 0;
|
2015-04-11 00:25:43 +02:00
|
|
|
|
|
|
|
assert(format);
|
|
|
|
|
2018-02-25 17:26:22 +01:00
|
|
|
for (e = format, i = 0; *e && i < n; e ++, i ++)
|
2015-04-11 00:25:43 +02:00
|
|
|
switch (state) {
|
|
|
|
|
|
|
|
case WORD:
|
|
|
|
if (*e == '$')
|
|
|
|
state = CURLY;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case CURLY:
|
|
|
|
if (*e == '{') {
|
|
|
|
k = strnappend(r, word, e-word-1);
|
|
|
|
if (!k)
|
2017-02-11 19:22:13 +01:00
|
|
|
return NULL;
|
2015-04-11 00:25:43 +02:00
|
|
|
|
2018-02-25 17:26:22 +01:00
|
|
|
free_and_replace(r, k);
|
2015-04-11 00:25:43 +02:00
|
|
|
|
|
|
|
word = e-1;
|
|
|
|
state = VARIABLE;
|
2016-08-09 16:20:22 +02:00
|
|
|
nest++;
|
2015-04-11 00:25:43 +02:00
|
|
|
} else if (*e == '$') {
|
|
|
|
k = strnappend(r, word, e-word);
|
|
|
|
if (!k)
|
2017-02-11 19:22:13 +01:00
|
|
|
return NULL;
|
2015-04-11 00:25:43 +02:00
|
|
|
|
2018-02-25 17:26:22 +01:00
|
|
|
free_and_replace(r, k);
|
2015-04-11 00:25:43 +02:00
|
|
|
|
|
|
|
word = e+1;
|
|
|
|
state = WORD;
|
2017-02-11 20:05:10 +01:00
|
|
|
|
|
|
|
} else if (flags & REPLACE_ENV_ALLOW_BRACELESS && strchr(VALID_CHARS_ENV_NAME, *e)) {
|
|
|
|
k = strnappend(r, word, e-word-1);
|
|
|
|
if (!k)
|
|
|
|
return NULL;
|
|
|
|
|
2018-02-25 17:26:22 +01:00
|
|
|
free_and_replace(r, k);
|
2017-02-11 20:05:10 +01:00
|
|
|
|
|
|
|
word = e-1;
|
|
|
|
state = VARIABLE_RAW;
|
|
|
|
|
2015-04-11 00:25:43 +02:00
|
|
|
} else
|
|
|
|
state = WORD;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case VARIABLE:
|
|
|
|
if (*e == '}') {
|
|
|
|
const char *t;
|
|
|
|
|
2016-08-04 18:00:00 +02:00
|
|
|
t = strv_env_get_n(env, word+2, e-word-2, flags);
|
2015-04-11 00:25:43 +02:00
|
|
|
|
2019-07-11 19:14:16 +02:00
|
|
|
k = strjoin(r, t);
|
2015-04-11 00:25:43 +02:00
|
|
|
if (!k)
|
2017-02-11 19:22:13 +01:00
|
|
|
return NULL;
|
2015-04-11 00:25:43 +02:00
|
|
|
|
2018-02-25 17:26:22 +01:00
|
|
|
free_and_replace(r, k);
|
2015-04-11 00:25:43 +02:00
|
|
|
|
2016-08-09 16:20:22 +02:00
|
|
|
word = e+1;
|
|
|
|
state = WORD;
|
|
|
|
} else if (*e == ':') {
|
|
|
|
if (!(flags & REPLACE_ENV_ALLOW_EXTENDED))
|
|
|
|
/* Treat this as unsupported syntax, i.e. do no replacement */
|
|
|
|
state = WORD;
|
|
|
|
else {
|
|
|
|
len = e-word-2;
|
|
|
|
state = TEST;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
|
|
|
case TEST:
|
|
|
|
if (*e == '-')
|
|
|
|
state = DEFAULT_VALUE;
|
|
|
|
else if (*e == '+')
|
|
|
|
state = ALTERNATE_VALUE;
|
|
|
|
else {
|
|
|
|
state = WORD;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
test_value = e+1;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case DEFAULT_VALUE: /* fall through */
|
|
|
|
case ALTERNATE_VALUE:
|
|
|
|
assert(flags & REPLACE_ENV_ALLOW_EXTENDED);
|
|
|
|
|
|
|
|
if (*e == '{') {
|
|
|
|
nest++;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (*e != '}')
|
|
|
|
break;
|
|
|
|
|
|
|
|
nest--;
|
2017-02-21 16:49:22 +01:00
|
|
|
if (nest == 0) {
|
2016-08-09 16:20:22 +02:00
|
|
|
const char *t;
|
|
|
|
_cleanup_free_ char *v = NULL;
|
|
|
|
|
|
|
|
t = strv_env_get_n(env, word+2, len, flags);
|
|
|
|
|
|
|
|
if (t && state == ALTERNATE_VALUE)
|
|
|
|
t = v = replace_env_n(test_value, e-test_value, env, flags);
|
|
|
|
else if (!t && state == DEFAULT_VALUE)
|
|
|
|
t = v = replace_env_n(test_value, e-test_value, env, flags);
|
|
|
|
|
2019-07-11 19:14:16 +02:00
|
|
|
k = strjoin(r, t);
|
2016-08-09 16:20:22 +02:00
|
|
|
if (!k)
|
|
|
|
return NULL;
|
|
|
|
|
2018-02-25 17:26:22 +01:00
|
|
|
free_and_replace(r, k);
|
2016-08-09 16:20:22 +02:00
|
|
|
|
2015-04-11 00:25:43 +02:00
|
|
|
word = e+1;
|
|
|
|
state = WORD;
|
|
|
|
}
|
|
|
|
break;
|
2017-02-11 20:05:10 +01:00
|
|
|
|
|
|
|
case VARIABLE_RAW:
|
|
|
|
assert(flags & REPLACE_ENV_ALLOW_BRACELESS);
|
|
|
|
|
|
|
|
if (!strchr(VALID_CHARS_ENV_NAME, *e)) {
|
|
|
|
const char *t;
|
|
|
|
|
|
|
|
t = strv_env_get_n(env, word+1, e-word-1, flags);
|
|
|
|
|
2019-07-11 19:14:16 +02:00
|
|
|
k = strjoin(r, t);
|
2017-02-11 20:05:10 +01:00
|
|
|
if (!k)
|
|
|
|
return NULL;
|
|
|
|
|
2018-02-25 17:26:22 +01:00
|
|
|
free_and_replace(r, k);
|
2017-02-11 20:05:10 +01:00
|
|
|
|
|
|
|
word = e--;
|
2016-08-09 16:20:22 +02:00
|
|
|
i--;
|
2017-02-11 20:05:10 +01:00
|
|
|
state = WORD;
|
|
|
|
}
|
|
|
|
break;
|
2015-04-11 00:25:43 +02:00
|
|
|
}
|
|
|
|
|
2017-02-11 20:05:10 +01:00
|
|
|
if (state == VARIABLE_RAW) {
|
|
|
|
const char *t;
|
|
|
|
|
|
|
|
assert(flags & REPLACE_ENV_ALLOW_BRACELESS);
|
|
|
|
|
|
|
|
t = strv_env_get_n(env, word+1, e-word-1, flags);
|
2019-07-11 19:14:16 +02:00
|
|
|
return strjoin(r, t);
|
2017-02-11 20:05:10 +01:00
|
|
|
} else
|
|
|
|
return strnappend(r, word, e-word);
|
2015-04-11 00:25:43 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
char **replace_env_argv(char **argv, char **env) {
|
|
|
|
char **ret, **i;
|
tree-wide: be more careful with the type of array sizes
Previously we were a bit sloppy with the index and size types of arrays,
we'd regularly use unsigned. While I don't think this ever resulted in
real issues I think we should be more careful there and follow a
stricter regime: unless there's a strong reason not to use size_t for
array sizes and indexes, size_t it should be. Any allocations we do
ultimately will use size_t anyway, and converting forth and back between
unsigned and size_t will always be a source of problems.
Note that on 32bit machines "unsigned" and "size_t" are equivalent, and
on 64bit machines our arrays shouldn't grow that large anyway, and if
they do we have a problem, however that kind of overly large allocation
we have protections for usually, but for overflows we do not have that
so much, hence let's add it.
So yeah, it's a story of the current code being already "good enough",
but I think some extra type hygiene is better.
This patch tries to be comprehensive, but it probably isn't and I missed
a few cases. But I guess we can cover that later as we notice it. Among
smaller fixes, this changes:
1. strv_length()' return type becomes size_t
2. the unit file changes array size becomes size_t
3. DNS answer and query array sizes become size_t
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=76745
2018-04-27 14:09:31 +02:00
|
|
|
size_t k = 0, l = 0;
|
2015-04-11 00:25:43 +02:00
|
|
|
|
|
|
|
l = strv_length(argv);
|
|
|
|
|
|
|
|
ret = new(char*, l+1);
|
|
|
|
if (!ret)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
STRV_FOREACH(i, argv) {
|
|
|
|
|
|
|
|
/* If $FOO appears as single word, replace it by the split up variable */
|
2017-10-04 16:01:32 +02:00
|
|
|
if ((*i)[0] == '$' && !IN_SET((*i)[1], '{', '$')) {
|
2015-04-11 00:25:43 +02:00
|
|
|
char *e;
|
|
|
|
char **w, **m = NULL;
|
tree-wide: be more careful with the type of array sizes
Previously we were a bit sloppy with the index and size types of arrays,
we'd regularly use unsigned. While I don't think this ever resulted in
real issues I think we should be more careful there and follow a
stricter regime: unless there's a strong reason not to use size_t for
array sizes and indexes, size_t it should be. Any allocations we do
ultimately will use size_t anyway, and converting forth and back between
unsigned and size_t will always be a source of problems.
Note that on 32bit machines "unsigned" and "size_t" are equivalent, and
on 64bit machines our arrays shouldn't grow that large anyway, and if
they do we have a problem, however that kind of overly large allocation
we have protections for usually, but for overflows we do not have that
so much, hence let's add it.
So yeah, it's a story of the current code being already "good enough",
but I think some extra type hygiene is better.
This patch tries to be comprehensive, but it probably isn't and I missed
a few cases. But I guess we can cover that later as we notice it. Among
smaller fixes, this changes:
1. strv_length()' return type becomes size_t
2. the unit file changes array size becomes size_t
3. DNS answer and query array sizes become size_t
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=76745
2018-04-27 14:09:31 +02:00
|
|
|
size_t q;
|
2015-04-11 00:25:43 +02:00
|
|
|
|
|
|
|
e = strv_env_get(env, *i+1);
|
|
|
|
if (e) {
|
|
|
|
int r;
|
|
|
|
|
2019-06-28 11:15:05 +02:00
|
|
|
r = strv_split_extract(&m, e, WHITESPACE, EXTRACT_RELAX|EXTRACT_UNQUOTE);
|
2015-04-11 00:25:43 +02:00
|
|
|
if (r < 0) {
|
|
|
|
ret[k] = NULL;
|
|
|
|
strv_free(ret);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
} else
|
|
|
|
m = NULL;
|
|
|
|
|
|
|
|
q = strv_length(m);
|
|
|
|
l = l + q - 1;
|
|
|
|
|
2018-02-27 19:09:22 +01:00
|
|
|
w = reallocarray(ret, l + 1, sizeof(char *));
|
2015-04-11 00:25:43 +02:00
|
|
|
if (!w) {
|
|
|
|
ret[k] = NULL;
|
|
|
|
strv_free(ret);
|
|
|
|
strv_free(m);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = w;
|
|
|
|
if (m) {
|
|
|
|
memcpy(ret + k, m, q * sizeof(char*));
|
|
|
|
free(m);
|
|
|
|
}
|
|
|
|
|
|
|
|
k += q;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* If ${FOO} appears as part of a word, replace it by the variable as-is */
|
2016-08-04 18:00:00 +02:00
|
|
|
ret[k] = replace_env(*i, env, 0);
|
2015-04-11 00:25:43 +02:00
|
|
|
if (!ret[k]) {
|
|
|
|
strv_free(ret);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
k++;
|
|
|
|
}
|
|
|
|
|
|
|
|
ret[k] = NULL;
|
|
|
|
return ret;
|
|
|
|
}
|
2015-10-08 16:15:38 +02:00
|
|
|
|
|
|
|
int getenv_bool(const char *p) {
|
|
|
|
const char *e;
|
|
|
|
|
|
|
|
e = getenv(p);
|
|
|
|
if (!e)
|
|
|
|
return -ENXIO;
|
|
|
|
|
|
|
|
return parse_boolean(e);
|
|
|
|
}
|
2017-02-11 03:44:21 +01:00
|
|
|
|
2017-09-14 09:20:27 +02:00
|
|
|
int getenv_bool_secure(const char *p) {
|
|
|
|
const char *e;
|
|
|
|
|
|
|
|
e = secure_getenv(p);
|
|
|
|
if (!e)
|
|
|
|
return -ENXIO;
|
|
|
|
|
|
|
|
return parse_boolean(e);
|
|
|
|
}
|