summaryrefslogtreecommitdiff
path: root/src/shared/cgroup-util.c
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2013-01-19 00:59:19 +0100
committerLennart Poettering <lennart@poettering.net>2013-01-19 01:02:30 +0100
commite884315e3d28df0d5f4e7d4590730e9760b8f447 (patch)
treeea794f1ccbc81cd45982d36ee1996ed28e265c7a /src/shared/cgroup-util.c
parentadf36dd0aec564a00a7445e328c3e27f44938629 (diff)
cgroup: additional validity checks for cgroup attribute names
Diffstat (limited to 'src/shared/cgroup-util.c')
-rw-r--r--src/shared/cgroup-util.c64
1 files changed, 50 insertions, 14 deletions
diff --git a/src/shared/cgroup-util.c b/src/shared/cgroup-util.c
index f0d0d4855b..acace52bc8 100644
--- a/src/shared/cgroup-util.c
+++ b/src/shared/cgroup-util.c
@@ -990,6 +990,8 @@ int cg_split_spec(const char *spec, char **controller, char **path) {
assert(spec);
if (*spec == '/') {
+ if (!path_is_safe(spec))
+ return -EINVAL;
if (path) {
t = strdup(spec);
@@ -1007,7 +1009,7 @@ int cg_split_spec(const char *spec, char **controller, char **path) {
e = strchr(spec, ':');
if (!e) {
- if (strchr(spec, '/') || spec[0] == 0)
+ if (!filename_is_safe(spec))
return -EINVAL;
if (controller) {
@@ -1024,29 +1026,34 @@ int cg_split_spec(const char *spec, char **controller, char **path) {
return 0;
}
- if (e[1] != '/' || e == spec || memchr(spec, '/', e-spec))
+ t = strndup(spec, e-spec);
+ if (!t)
+ return -ENOMEM;
+ if (!filename_is_safe(t)) {
+ free(t);
return -EINVAL;
-
- if (controller) {
- t = strndup(spec, e-spec);
- if (!t)
- return -ENOMEM;
-
}
- if (path) {
- u = strdup(e+1);
- if (!u) {
- free(t);
- return -ENOMEM;
- }
+ u = strdup(e+1);
+ if (!u) {
+ free(t);
+ return -ENOMEM;
+ }
+ if (!path_is_safe(u)) {
+ free(t);
+ free(u);
+ return -EINVAL;
}
if (controller)
*controller = t;
+ else
+ free(t);
if (path)
*path = u;
+ else
+ free(u);
return 0;
}
@@ -1290,3 +1297,32 @@ int cg_pid_get_unit(pid_t pid, char **unit) {
int cg_pid_get_user_unit(pid_t pid, char **unit) {
return cg_pid_get("/user/", pid, unit);
}
+
+int cg_controller_from_attr(const char *attr, char **controller) {
+ const char *dot;
+ char *c;
+
+ assert(attr);
+ assert(controller);
+
+ if (!filename_is_safe(attr))
+ return -EINVAL;
+
+ dot = strchr(attr, '.');
+ if (!dot) {
+ *controller = NULL;
+ return 0;
+ }
+
+ c = strndup(attr, dot - attr);
+ if (!c)
+ return -ENOMEM;
+
+ if (!filename_is_safe(c)) {
+ free(c);
+ return -EINVAL;
+ }
+
+ *controller = c;
+ return 1;
+}