From ae6c3cc009a21df4b51851fb8fe3fde0b7d6d8f0 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 12 Dec 2014 02:32:33 +0100
Subject: util: when using basename() for creating temporary files, verify the
 resulting name is actually valid

Also, rename filename_is_safe() to filename_is_valid(), since it
actually does a full validation for what the kernel will accept as file
name, it's not just a heuristic.
---
 src/locale/localed.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/locale')

diff --git a/src/locale/localed.c b/src/locale/localed.c
index 8d60d0ff13..0aaa63de85 100644
--- a/src/locale/localed.c
+++ b/src/locale/localed.c
@@ -965,8 +965,8 @@ static int method_set_vc_keyboard(sd_bus *bus, sd_bus_message *m, void *userdata
         if (!streq_ptr(keymap, c->vc_keymap) ||
             !streq_ptr(keymap_toggle, c->vc_keymap_toggle)) {
 
-                if ((keymap && (!filename_is_safe(keymap) || !string_is_safe(keymap))) ||
-                    (keymap_toggle && (!filename_is_safe(keymap_toggle) || !string_is_safe(keymap_toggle))))
+                if ((keymap && (!filename_is_valid(keymap) || !string_is_safe(keymap))) ||
+                    (keymap_toggle && (!filename_is_valid(keymap_toggle) || !string_is_safe(keymap_toggle))))
                         return sd_bus_error_set_errnof(error, -EINVAL, "Received invalid keymap data");
 
                 r = bus_verify_polkit_async(m, CAP_SYS_ADMIN, "org.freedesktop.locale1.set-keyboard", interactive, &c->polkit_registry, error);
-- 
cgit v1.2.3-54-g00ecf