Verify validity of session name when received from outside
Only ASCII letters and digits are allowed.
parent
1244d8d640
commit
4b549144d8
14
Makefile.am
14
Makefile.am
|
@ -2324,7 +2324,10 @@ if HAVE_ACL
|
||||||
libudev_core_la_SOURCES += \
|
libudev_core_la_SOURCES += \
|
||||||
src/udev/udev-builtin-uaccess.c \
|
src/udev/udev-builtin-uaccess.c \
|
||||||
src/login/logind-acl.c \
|
src/login/logind-acl.c \
|
||||||
src/login/sd-login.c
|
src/login/sd-login.c \
|
||||||
|
src/systemd/sd-login.h \
|
||||||
|
src/login/login-shared.c \
|
||||||
|
src/login/login-shared.h
|
||||||
|
|
||||||
libudev_core_la_LIBADD += \
|
libudev_core_la_LIBADD += \
|
||||||
libsystemd-acl.la
|
libsystemd-acl.la
|
||||||
|
@ -3759,7 +3762,9 @@ libsystemd_logind_core_la_SOURCES = \
|
||||||
src/login/logind-session-dbus.c \
|
src/login/logind-session-dbus.c \
|
||||||
src/login/logind-seat-dbus.c \
|
src/login/logind-seat-dbus.c \
|
||||||
src/login/logind-user-dbus.c \
|
src/login/logind-user-dbus.c \
|
||||||
src/login/logind-acl.h
|
src/login/logind-acl.h \
|
||||||
|
src/login/login-shared.c \
|
||||||
|
src/login/login-shared.h
|
||||||
|
|
||||||
libsystemd_logind_core_la_CFLAGS = \
|
libsystemd_logind_core_la_CFLAGS = \
|
||||||
$(AM_CFLAGS) \
|
$(AM_CFLAGS) \
|
||||||
|
@ -3860,7 +3865,10 @@ tests += \
|
||||||
test-login-tables
|
test-login-tables
|
||||||
|
|
||||||
libsystemd_login_la_SOURCES = \
|
libsystemd_login_la_SOURCES = \
|
||||||
src/login/sd-login.c
|
src/login/sd-login.c \
|
||||||
|
src/systemd/sd-login.h \
|
||||||
|
src/login/login-shared.c \
|
||||||
|
src/login/login-shared.h
|
||||||
|
|
||||||
libsystemd_login_la_CFLAGS = \
|
libsystemd_login_la_CFLAGS = \
|
||||||
$(AM_CFLAGS) \
|
$(AM_CFLAGS) \
|
||||||
|
|
3
TODO
3
TODO
|
@ -142,9 +142,6 @@ Features:
|
||||||
|
|
||||||
* journald: make sure ratelimit is actually really per-service with the new cgroup changes
|
* journald: make sure ratelimit is actually really per-service with the new cgroup changes
|
||||||
|
|
||||||
* libsystemd-logind: sd_session_is_active() and friends: verify
|
|
||||||
validity of session name before appending it to a path
|
|
||||||
|
|
||||||
* gparted needs to disable auto-activation of mount units somehow, or
|
* gparted needs to disable auto-activation of mount units somehow, or
|
||||||
maybe we should stop doing auto-activation of this after boot
|
maybe we should stop doing auto-activation of this after boot
|
||||||
entirely. https://bugzilla.gnome.org/show_bug.cgi?id=701676
|
entirely. https://bugzilla.gnome.org/show_bug.cgi?id=701676
|
||||||
|
|
8
src/login/login-shared.c
Normal file
8
src/login/login-shared.c
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
#include "login-shared.h"
|
||||||
|
#include "def.h"
|
||||||
|
|
||||||
|
bool session_id_valid(const char *id) {
|
||||||
|
assert(id);
|
||||||
|
|
||||||
|
return id + strspn(id, LETTERS DIGITS) == '\0';
|
||||||
|
}
|
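Review bot: In `session_id_valid()` the return expression compares a pointer with `'\0'` instead of the character it points at, so `id + strspn(id, LETTERS DIGITS) == '\0'` is a null-pointer test that is false for every non-NULL `id`. As written the function rejects all names, which would trip the new `assert(session_id_valid(id))` in `session_new()`, make `manager_enumerate_sessions()` skip every session file, and make `file_of_session()` return `-EINVAL` for any explicit name. Dereferencing fixes that, but the empty string would then pass and yield the bare directory path once appended, so I would write `return id[0] != '\0' && id[strspn(id, LETTERS DIGITS)] == '\0';`. The file also calls `strspn` and `assert` with only `login-shared.h` and `def.h` included; whether `def.h` pulls in the needed declarations is not visible here.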
3
src/login/login-shared.h
Normal file
3
src/login/login-shared.h
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
#include <stdbool.h>
|
||||||
|
|
||||||
|
bool session_id_valid(const char *id);
|
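Review bot: `login-shared.h` has no include guard and no comment stating the contract of `session_id_valid()`. The header is pulled into at least two other files by this commit, so a `#pragma once` at the top would keep it safe against repeated inclusion as it grows. A one-line comment above the prototype would also help callers, for example `/* True if id consists only of ASCII letters and digits; id must not be NULL. */`.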
|
@ -554,6 +554,7 @@ static int bus_manager_create_session(Manager *m, DBusMessage *message) {
|
||||||
* the audit data and let's better register a new
|
* the audit data and let's better register a new
|
||||||
* ID */
|
* ID */
|
||||||
if (hashmap_get(m->sessions, id)) {
|
if (hashmap_get(m->sessions, id)) {
|
||||||
|
log_warning("Existing logind session ID %s used by new audit session, ignoring", id);
|
||||||
audit_id = 0;
|
audit_id = 0;
|
||||||
|
|
||||||
free(id);
|
free(id);
|
||||||
|
|
|
@ -41,6 +41,7 @@ Session* session_new(Manager *m, const char *id) {
|
||||||
|
|
||||||
assert(m);
|
assert(m);
|
||||||
assert(id);
|
assert(id);
|
||||||
|
assert(session_id_valid(id));
|
||||||
|
|
||||||
s = new0(Session, 1);
|
s = new0(Session, 1);
|
||||||
if (!s)
|
if (!s)
|
||||||
|
|
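Review bot: The new `assert(session_id_valid(id));` in `session_new()` turns a malformed id into a daemon abort rather than a failed request, and the check disappears if assertions are compiled out. Of the callers, only `manager_enumerate_sessions()` is shown validating the name first; the D-Bus creation path appears in this commit only as an added log line, so whether its ids are always well-formed cannot be confirmed from here. If any id can reach this point from outside unchecked, an explicit runtime check in the caller, `if (!session_id_valid(id)) return -EINVAL;`, would be the safer form, with the assert kept only as a statement of the invariant. The body of `session_new()` continues outside the hunk.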
|
@ -29,6 +29,7 @@ typedef enum KillWho KillWho;
|
||||||
#include "logind.h"
|
#include "logind.h"
|
||||||
#include "logind-seat.h"
|
#include "logind-seat.h"
|
||||||
#include "logind-user.h"
|
#include "logind-user.h"
|
||||||
|
#include "login-shared.h"
|
||||||
|
|
||||||
typedef enum SessionState {
|
typedef enum SessionState {
|
||||||
SESSION_OPENING, /* Session scope is being created */
|
SESSION_OPENING, /* Session scope is being created */
|
||||||
|
|
|
@ -684,6 +684,12 @@ int manager_enumerate_sessions(Manager *m) {
|
||||||
if (!dirent_is_file(de))
|
if (!dirent_is_file(de))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
|
if (!session_id_valid(de->d_name)) {
|
||||||
|
log_warning("Invalid session file name '%s', ignoring.", de->d_name);
|
||||||
|
r = -EINVAL;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
k = manager_add_session(m, de->d_name, &s);
|
k = manager_add_session(m, de->d_name, &s);
|
||||||
if (k < 0) {
|
if (k < 0) {
|
||||||
log_error("Failed to add session by file name %s: %s", de->d_name, strerror(-k));
|
log_error("Failed to add session by file name %s: %s", de->d_name, strerror(-k));
|
||||||
|
|
|
@ -31,6 +31,7 @@
|
||||||
#include "sd-login.h"
|
#include "sd-login.h"
|
||||||
#include "strv.h"
|
#include "strv.h"
|
||||||
#include "fileio.h"
|
#include "fileio.h"
|
||||||
|
#include "login-shared.h"
|
||||||
|
|
||||||
_public_ int sd_pid_get_session(pid_t pid, char **session) {
|
_public_ int sd_pid_get_session(pid_t pid, char **session) {
|
||||||
if (pid < 0)
|
if (pid < 0)
|
||||||
|
@ -226,17 +227,19 @@ static int file_of_session(const char *session, char **_p) {
|
||||||
|
|
||||||
assert(_p);
|
assert(_p);
|
||||||
|
|
||||||
if (session)
|
if (session) {
|
||||||
|
if (!session_id_valid(session))
|
||||||
|
return -EINVAL;
|
||||||
|
|
||||||
p = strappend("/run/systemd/sessions/", session);
|
p = strappend("/run/systemd/sessions/", session);
|
||||||
else {
|
} else {
|
||||||
char *buf;
|
_cleanup_free_ char *buf = NULL;
|
||||||
|
|
||||||
r = sd_pid_get_session(0, &buf);
|
r = sd_pid_get_session(0, &buf);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
p = strappend("/run/systemd/sessions/", buf);
|
p = strappend("/run/systemd/sessions/", buf);
|
||||||
free(buf);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!p)
|
if (!p)
|
||||||
|
@ -255,7 +258,6 @@ _public_ int sd_session_is_active(const char *session) {
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
r = parse_env_file(p, NEWLINE, "ACTIVE", &s, NULL);
|
r = parse_env_file(p, NEWLINE, "ACTIVE", &s, NULL);
|
||||||
|
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
|
|
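Review bot: In `file_of_session()` only the caller-supplied `session` is checked; in the `else` branch the name returned by `sd_pid_get_session(0, &buf)` is appended to `/run/systemd/sessions/` without passing through `session_id_valid()`. That value presumably comes from the process's own cgroup rather than from the caller, but its origin is not visible here, and checking it too would keep the path construction uniformly guarded against separators and `..` components: `if (!session_id_valid(buf)) return -EINVAL;` before the `strappend()`. The function continues past the end of the hunk.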
|
@ -1511,9 +1511,7 @@ char *cg_unescape(const char *p) {
|
||||||
}
|
}
|
||||||
|
|
||||||
#define CONTROLLER_VALID \
|
#define CONTROLLER_VALID \
|
||||||
"0123456789" \
|
DIGITS LETTERS \
|
||||||
"abcdefghijklmnopqrstuvwxyz" \
|
|
||||||
"ABCDEFGHIJKLMNOPQRSTUVWXYZ" \
|
|
||||||
"_"
|
"_"
|
||||||
|
|
||||||
bool cg_controller_is_valid(const char *p, bool allow_named) {
|
bool cg_controller_is_valid(const char *p, bool allow_named) {
|
||||||
|
|
|
@ -33,3 +33,8 @@
|
||||||
|
|
||||||
#define SIGNALS_CRASH_HANDLER SIGSEGV,SIGILL,SIGFPE,SIGBUS,SIGQUIT,SIGABRT
|
#define SIGNALS_CRASH_HANDLER SIGSEGV,SIGILL,SIGFPE,SIGBUS,SIGQUIT,SIGABRT
|
||||||
#define SIGNALS_IGNORE SIGPIPE
|
#define SIGNALS_IGNORE SIGPIPE
|
||||||
|
|
||||||
|
#define DIGITS "0123456789"
|
||||||
|
#define LOWERCASE_LETTERS "abcdefghijklmnopqrstuvwxyz"
|
||||||
|
#define UPPERCASE_LETTERS "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
|
||||||
|
#define LETTERS LOWERCASE_LETTERS UPPERCASE_LETTERS
|
||||||
|
|
|
@ -27,11 +27,10 @@
|
||||||
#include "utf8.h"
|
#include "utf8.h"
|
||||||
#include "util.h"
|
#include "util.h"
|
||||||
#include "env-util.h"
|
#include "env-util.h"
|
||||||
|
#include "def.h"
|
||||||
|
|
||||||
#define VALID_CHARS_ENV_NAME \
|
#define VALID_CHARS_ENV_NAME \
|
||||||
"0123456789" \
|
DIGITS LETTERS \
|
||||||
"abcdefghijklmnopqrstuvwxyz" \
|
|
||||||
"ABCDEFGHIJKLMNOPQRSTUVWXYZ" \
|
|
||||||
"_"
|
"_"
|
||||||
|
|
||||||
#ifndef ARG_MAX
|
#ifndef ARG_MAX
|
||||||
|
|
|
@ -24,6 +24,7 @@
|
||||||
#include "macro.h"
|
#include "macro.h"
|
||||||
#include "util.h"
|
#include "util.h"
|
||||||
#include "replace-var.h"
|
#include "replace-var.h"
|
||||||
|
#include "def.h"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Generic infrastructure for replacing @FOO@ style variables in
|
* Generic infrastructure for replacing @FOO@ style variables in
|
||||||
|
@ -40,7 +41,7 @@ static int get_variable(const char *b, char **r) {
|
||||||
if (*b != '@')
|
if (*b != '@')
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
k = strspn(b + 1, "ABCDEFGHIJKLMNOPQRSTUVWXYZ_");
|
k = strspn(b + 1, UPPERCASE_LETTERS "_");
|
||||||
if (k <= 0 || b[k+1] != '@')
|
if (k <= 0 || b[k+1] != '@')
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
|
|
@ -26,11 +26,10 @@
|
||||||
#include "path-util.h"
|
#include "path-util.h"
|
||||||
#include "util.h"
|
#include "util.h"
|
||||||
#include "unit-name.h"
|
#include "unit-name.h"
|
||||||
|
#include "def.h"
|
||||||
|
|
||||||
#define VALID_CHARS \
|
#define VALID_CHARS \
|
||||||
"0123456789" \
|
DIGITS LETTERS \
|
||||||
"abcdefghijklmnopqrstuvwxyz" \
|
|
||||||
"ABCDEFGHIJKLMNOPQRSTUVWXYZ" \
|
|
||||||
":-_.\\"
|
":-_.\\"
|
||||||
|
|
||||||
static const char* const unit_type_table[_UNIT_TYPE_MAX] = {
|
static const char* const unit_type_table[_UNIT_TYPE_MAX] = {
|
||||||
|
|