diff options
| author | Lennart Poettering <lennart@poettering.net> | 2012-03-12 22:22:16 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2012-03-12 22:22:21 +0100 |
| commit | 7f110ff9b8828b477e87de7b28c708cf69a3d008 (patch) | |
| tree | 651d0f8f32ce086872f1e262bb8caee795a04c67 /src/conf-parser.c | |
| parent | 669e49fe2c841e53f7f2196bbe5d614013429ecd (diff) | |
conf: enforce UTF8 validty everywhere
we need to make sure that configuration data we expose via the bus ends
up in using getting an assert(). Even though configuration data is only
parsed from trusted sources we should be more careful with what we read.
Diffstat (limited to 'src/conf-parser.c')
| -rw-r--r-- | src/conf-parser.c | 66 |
1 files changed, 51 insertions, 15 deletions
diff --git a/src/conf-parser.c b/src/conf-parser.c index c7dd01aa1d..135b175c09 100644 --- a/src/conf-parser.c +++ b/src/conf-parser.c @@ -30,6 +30,7 @@ #include "macro.h" #include "strv.h" #include "log.h" +#include "utf8.h" int config_item_table_lookup( void *table, @@ -584,14 +585,23 @@ int config_parse_string( assert(rvalue); assert(data); - if (*rvalue) { - if (!(n = strdup(rvalue))) - return -ENOMEM; - } else - n = NULL; + n = cunescape(rvalue); + if (!n) + return -ENOMEM; + + if (!utf8_is_valid(n)) { + log_error("[%s:%u] String is not UTF-8 clean, ignoring assignment: %s", filename, line, rvalue); + free(n); + return 0; + } free(*s); - *s = n; + if (*n) + *s = n; + else { + free(n); + *s = NULL; + } return 0; } @@ -614,12 +624,18 @@ int config_parse_path( assert(rvalue); assert(data); + if (!utf8_is_valid(rvalue)) { + log_error("[%s:%u] Path is not UTF-8 clean, ignoring assignment: %s", filename, line, rvalue); + return 0; + } + if (!path_is_absolute(rvalue)) { log_error("[%s:%u] Not an absolute path, ignoring: %s", filename, line, rvalue); return 0; } - if (!(n = strdup(rvalue))) + n = strdup(rvalue); + if (!n) return -ENOMEM; path_kill_slashes(n); @@ -646,6 +662,7 @@ int config_parse_strv( unsigned k; size_t l; char *state; + int r; assert(filename); assert(lvalue); @@ -656,7 +673,8 @@ int config_parse_strv( FOREACH_WORD_QUOTED(w, l, rvalue, state) k++; - if (!(n = new(char*, k+1))) + n = new(char*, k+1); + if (!n) return -ENOMEM; if (*sv) @@ -665,9 +683,21 @@ int config_parse_strv( else k = 0; - FOREACH_WORD_QUOTED(w, l, rvalue, state) - if (!(n[k++] = cunescape_length(w, l))) + FOREACH_WORD_QUOTED(w, l, rvalue, state) { + n[k] = cunescape_length(w, l); + if (!n[k]) { + r = -ENOMEM; goto fail; + } + + if (!utf8_is_valid(n[k])) { + log_error("[%s:%u] String is not UTF-8 clean, ignoring assignment: %s", filename, line, rvalue); + free(n[k]); + continue; + } + + k++; + } n[k] = NULL; free(*sv); @@ -680,7 +710,7 @@ fail: free(n[k-1]); free(n); - return -ENOMEM; + return r; } int config_parse_path_strv( @@ -710,7 +740,8 @@ int config_parse_path_strv( FOREACH_WORD_QUOTED(w, l, rvalue, state) k++; - if (!(n = new(char*, k+1))) + n = new(char*, k+1); + if (!n) return -ENOMEM; k = 0; @@ -719,11 +750,18 @@ int config_parse_path_strv( n[k] = (*sv)[k]; FOREACH_WORD_QUOTED(w, l, rvalue, state) { - if (!(n[k] = cunescape_length(w, l))) { + n[k] = strndup(w, l); + if (!n[k]) { r = -ENOMEM; goto fail; } + if (!utf8_is_valid(n[k])) { + log_error("[%s:%u] Path is not UTF-8 clean, ignoring assignment: %s", filename, line, rvalue); + free(n[k]); + continue; + } + if (!path_is_absolute(n[k])) { log_error("[%s:%u] Not an absolute path, ignoring: %s", filename, line, rvalue); free(n[k]); @@ -731,7 +769,6 @@ int config_parse_path_strv( } path_kill_slashes(n[k]); - k++; } @@ -742,7 +779,6 @@ int config_parse_path_strv( return 0; fail: - free(n[k]); for (; k > 0; k--) free(n[k-1]); free(n); |