Merge pull request #10438 from poettering/path-is-valid
be a bit more carful when processing transient socket paths via the bus
This commit is contained in:
Yu Watanabe
GitHub
commit
103341f9f8
|
|
@ -38,9 +38,9 @@
|
|||
/* Append an item to the list */
|
||||
#define LIST_APPEND(name,head,item) \
|
||||
do { \
|
||||
typeof(*(head)) *_tail; \
|
||||
LIST_FIND_TAIL(name,head,_tail); \
|
||||
LIST_INSERT_AFTER(name,head,_tail,item); \
|
||||
typeof(*(head)) **_hhead = &(head), *_tail; \
|
||||
LIST_FIND_TAIL(name, *_hhead, _tail); \
|
||||
LIST_INSERT_AFTER(name, *_hhead, _tail, item); \
|
||||
} while (false)
|
||||
|
||||
/* Remove an item from the list */
|
||||
|
|
|
|||
|
|
@ -779,7 +779,18 @@ bool filename_is_valid(const char *p) {
|
|||
if (*e != 0)
|
||||
return false;
|
||||
|
||||
if (e - p > FILENAME_MAX)
|
||||
if (e - p > FILENAME_MAX) /* FILENAME_MAX is counted *without* the trailing NUL byte */
|
||||
return false;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
bool path_is_valid(const char *p) {
|
||||
|
||||
if (isempty(p))
|
||||
return false;
|
||||
|
||||
if (strlen(p) >= PATH_MAX) /* PATH_MAX is counted *with* the trailing NUL byte */
|
||||
return false;
|
||||
|
||||
return true;
|
||||
|
|
@ -787,7 +798,7 @@ bool filename_is_valid(const char *p) {
|
|||
|
||||
bool path_is_normalized(const char *p) {
|
||||
|
||||
if (isempty(p))
|
||||
if (!path_is_valid(p))
|
||||
return false;
|
||||
|
||||
if (dot_or_dot_dot(p))
|
||||
|
|
@ -796,9 +807,6 @@ bool path_is_normalized(const char *p) {
|
|||
if (startswith(p, "../") || endswith(p, "/..") || strstr(p, "/../"))
|
||||
return false;
|
||||
|
||||
if (strlen(p)+1 > PATH_MAX)
|
||||
return false;
|
||||
|
||||
if (startswith(p, "./") || endswith(p, "/.") || strstr(p, "/./"))
|
||||
return false;
|
||||
|
||||
|
|
|
|||
|
|
@ -134,6 +134,7 @@ char* dirname_malloc(const char *path);
|
|||
const char *last_path_component(const char *path);
|
||||
|
||||
bool filename_is_valid(const char *p) _pure_;
|
||||
bool path_is_valid(const char *p) _pure_;
|
||||
bool path_is_normalized(const char *p) _pure_;
|
||||
|
||||
char *file_in_same_dir(const char *path, const char *filename);
|
||||
|
|
|
|||
|
|
@ -351,16 +351,27 @@ static int bus_socket_set_transient_property(
|
|||
while ((r = sd_bus_message_read(message, "(ss)", &t, &a)) > 0) {
|
||||
_cleanup_free_ SocketPort *p = NULL;
|
||||
|
||||
p = new0(SocketPort, 1);
|
||||
p = new(SocketPort, 1);
|
||||
if (!p)
|
||||
return log_oom();
|
||||
|
||||
*p = (SocketPort) {
|
||||
.fd = -1,
|
||||
.socket = s,
|
||||
};
|
||||
|
||||
p->type = socket_port_type_from_string(t);
|
||||
if (p->type < 0)
|
||||
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Unknown Socket type: %s", t);
|
||||
|
||||
if (p->type != SOCKET_SOCKET) {
|
||||
if (!path_is_valid(p->path))
|
||||
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid socket path: %s", t);
|
||||
|
||||
p->path = strdup(a);
|
||||
if (!p->path)
|
||||
return log_oom();
|
||||
|
||||
path_simplify(p->path, false);
|
||||
|
||||
} else if (streq(t, "Netlink")) {
|
||||
|
|
@ -381,21 +392,10 @@ static int bus_socket_set_transient_property(
|
|||
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Address family not supported: %s", a);
|
||||
}
|
||||
|
||||
p->fd = -1;
|
||||
p->auxiliary_fds = NULL;
|
||||
p->n_auxiliary_fds = 0;
|
||||
p->socket = s;
|
||||
|
||||
empty = false;
|
||||
|
||||
if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
|
||||
SocketPort *tail;
|
||||
|
||||
LIST_FIND_TAIL(port, s->ports, tail);
|
||||
LIST_INSERT_AFTER(port, s->ports, tail, p);
|
||||
|
||||
p = NULL;
|
||||
|
||||
LIST_APPEND(port, s->ports, TAKE_PTR(p));
|
||||
unit_write_settingf(u, flags|UNIT_ESCAPE_SPECIFIERS, name, "Listen%s=%s", t, a);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue