diff options
author | Lennart Poettering <lennart@poettering.net> | 2012-10-03 13:29:20 -0400 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2012-10-03 13:29:20 -0400 |
commit | 0b507b17a760b21e33fc52ff377db6aa5086c680 (patch) | |
tree | 472861f8e6dd3b70752b26feded8e0246e1103d9 /src/hostname | |
parent | 07c289875fd46331a430c43e8991d3c7407cb703 (diff) |
dbus: add some more safety checks before accepting data from bus clients
Diffstat (limited to 'src/hostname')
-rw-r--r-- | src/hostname/hostnamed.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c index 8f9d5a04f5..cd3ef491ac 100644 --- a/src/hostname/hostnamed.c +++ b/src/hostname/hostnamed.c @@ -451,6 +451,14 @@ static DBusHandlerResult hostname_message_handler( } else { char *h; + /* The icon name might ultimately be + * used as file name, so better be + * safe than sorry */ + if (k == PROP_ICON_NAME && !filename_is_safe(name)) + return bus_send_error_reply(connection, message, NULL, -EINVAL); + if (k == PROP_PRETTY_HOSTNAME && !string_is_safe(name)) + return bus_send_error_reply(connection, message, NULL, -EINVAL); + h = strdup(name); if (!h) goto oom; |