diff options
| author | Lennart Poettering <lennart@poettering.net> | 2013-02-11 03:46:08 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2013-02-11 03:54:50 +0100 |
| commit | 4d1a69043862ed979642f5688097160355d4cc81 (patch) | |
| tree | deac099c3b4da6740cedac9af10913981303f78b /src/shared/util.c | |
| parent | c62c294fd521e5b65bb52f831773916bbc4cd90a (diff) | |
env: considerably beef up environment cleaning logic
Now, actually check if the environment variable names and values used
are valid, before accepting them. With this in place are at some places
more rigid than POSIX, and less rigid at others. For example, this code
allows lower-case environment variables (which POSIX suggests not to
use), but it will not allow non-UTF8 variable values.
All in all this should be a good middle ground of what to allow and what
not to allow as environment variables.
(This also splits out all environment related calls into env-util.[ch])
Diffstat (limited to 'src/shared/util.c')
| -rw-r--r-- | src/shared/util.c | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/src/shared/util.c b/src/shared/util.c index 969ef2bb90..5b795d4a24 100644 --- a/src/shared/util.c +++ b/src/shared/util.c @@ -70,6 +70,7 @@ #include "path-util.h" #include "exit-status.h" #include "hashmap.h" +#include "env-util.h" int saved_argc = 0; char **saved_argv = NULL; @@ -3341,10 +3342,10 @@ char *replace_env(const char *format, char **env) { if (*e == '}') { const char *t; - if (!(t = strv_env_get_with_length(env, word+2, e-word-2))) - t = ""; + t = strempty(strv_env_get_n(env, word+2, e-word-2)); - if (!(k = strappend(r, t))) + k = strappend(r, t); + if (!k) goto fail; free(r); @@ -3385,7 +3386,8 @@ char **replace_env_argv(char **argv, char **env) { char **w, **m; unsigned q; - if ((e = strv_env_get(env, *i+1))) { + e = strv_env_get(env, *i+1); + if (e) { if (!(m = strv_split_quoted(e))) { r[k] = NULL; @@ -5608,6 +5610,18 @@ bool string_is_safe(const char *p) { return true; } +bool string_has_cc(const char *p) { + const char *t; + + assert(p); + + for (t = p; *t; t++) + if (*t > 0 && *t < ' ') + return true; + + return false; +} + bool path_is_safe(const char *p) { if (isempty(p)) |