authorLennart Poettering <lennart@poettering.net>2013-02-11 03:46:08 +0100
committerLennart Poettering <lennart@poettering.net>2013-02-11 03:54:50 +0100
commit4d1a69043862ed979642f5688097160355d4cc81 (patch)
treedeac099c3b4da6740cedac9af10913981303f78b /src/shared/util.c
parentc62c294fd521e5b65bb52f831773916bbc4cd90a (diff)
env: considerably beef up environment cleaning logic
Now, actually check if the environment variable names and values used are valid, before accepting them. With this in place we are in some places more rigid than POSIX, and less rigid in others. For example, this code allows lower-case environment variables (which POSIX suggests not to use), but it will not allow non-UTF8 variable values. All in all this should be a good middle ground of what to allow and what not to allow as environment variables. (This also splits out all environment-related calls into env-util.[ch])
Diffstat (limited to 'src/shared/util.c')
-rw-r--r--src/shared/util.c22
1 files changed, 18 insertions, 4 deletions
diff --git a/src/shared/util.c b/src/shared/util.c
index 969ef2bb90..5b795d4a24 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -70,6 +70,7 @@
#include "path-util.h"
#include "exit-status.h"
#include "hashmap.h"
+#include "env-util.h"
int saved_argc = 0;
char **saved_argv = NULL;
@@ -3341,10 +3342,10 @@ char *replace_env(const char *format, char **env) {
if (*e == '}') {
const char *t;
- if (!(t = strv_env_get_with_length(env, word+2, e-word-2)))
- t = "";
+ t = strempty(strv_env_get_n(env, word+2, e-word-2));
- if (!(k = strappend(r, t)))
+ k = strappend(r, t);
+ if (!k)
goto fail;
free(r);
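Review bot: The new `t = strempty(strv_env_get_n(env, word+2, e-word-2));` line folds the "variable not set" case into an empty string with no comment, so a reader can no longer see that `${VAR}` for an unset variable silently expands to nothing. That matters wherever the expanded string becomes a path or a command argument, so I would put `/* unset variables expand to the empty string, not to an error */` above the assignment. The body of replace_env() starts and ends outside this hunk, so whether callers rely on that behaviour cannot be judged from here.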
@@ -3385,7 +3386,8 @@ char **replace_env_argv(char **argv, char **env) {
char **w, **m;
unsigned q;
- if ((e = strv_env_get(env, *i+1))) {
+ e = strv_env_get(env, *i+1);
+ if (e) {
if (!(m = strv_split_quoted(e))) {
r[k] = NULL;
@@ -5608,6 +5610,18 @@ bool string_is_safe(const char *p) {
return true;
}
+bool string_has_cc(const char *p) {
+ const char *t;
+
+ assert(p);
+
+ for (t = p; *t; t++)
+ if (*t > 0 && *t < ' ')
+ return true;
+
+ return false;
+}
+
bool path_is_safe(const char *p) {
if (isempty(p))
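Review bot: string_has_cc() flags only bytes 1–31, so DEL (0x7f) passes the `*t > 0 && *t < ' '` test and a string containing it is reported as free of control characters. If this helper is meant to gate environment values that can later reach a terminal or a log, the condition should cover DEL as well: `if ((*t > 0 && *t < ' ') || *t == 127)`. Bytes at or above 0x80 are also never flagged (a signed char fails `*t > 0`, an unsigned one fails `*t < ' '`), presumably because they are left to the UTF-8 validation the commit message mentions. A short comment on the function should say so, and should note that tab and newline count as control characters here. path_is_safe() continues outside the hunk.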