From db5c0122853a9ecf1cc92e6593461932df2fa866 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Wed, 24 Apr 2013 19:53:16 -0300 Subject: conf-parser: restrict .include usage Disallow recursive .include, and make it unavailable in anything but unit files. --- src/shared/conf-parser.c | 17 +++++++++++++---- src/shared/conf-parser.h | 1 + src/shared/install.c | 2 +- 3 files changed, 15 insertions(+), 5 deletions(-) (limited to 'src/shared') diff --git a/src/shared/conf-parser.c b/src/shared/conf-parser.c index 3d14c58d13..2303d9a50b 100644 --- a/src/shared/conf-parser.c +++ b/src/shared/conf-parser.c @@ -70,7 +70,7 @@ int log_syntax_internal(const char *unit, int level, "ERRNO=%d", error > 0 ? error : EINVAL, "MESSAGE=[%s:%u] %s", config_file, config_line, msg, NULL); - log_info("logged here: '%s': %d", msg, r); + return r; } @@ -199,6 +199,7 @@ static int parse_line(const char* unit, ConfigItemLookup lookup, void *table, bool relaxed, + bool allow_include, char **section, char *l, void *userdata) { @@ -219,13 +220,19 @@ static int parse_line(const char* unit, return 0; if (startswith(l, ".include ")) { - _cleanup_free_ char *fn; + _cleanup_free_ char *fn = NULL; + + if (!allow_include) { + log_syntax(unit, LOG_ERR, filename, line, EBADMSG, + ".include not allowed here. Ignoring."); + return 0; + } fn = file_in_same_dir(filename, strstrip(l+9)); if (!fn) return -ENOMEM; - return config_parse(unit, fn, NULL, sections, lookup, table, relaxed, userdata); + return config_parse(unit, fn, NULL, sections, lookup, table, relaxed, false, userdata); } if (*l == '[') { @@ -299,11 +306,12 @@ int config_parse(const char *unit, ConfigItemLookup lookup, void *table, bool relaxed, + bool allow_include, void *userdata) { - unsigned line = 0; _cleanup_free_ char *section = NULL, *continuation = NULL; _cleanup_fclose_ FILE *ours = NULL; + unsigned line = 0; int r; assert(filename); @@ -370,6 +378,7 @@ int config_parse(const char *unit, lookup, table, relaxed, + allow_include, §ion, p, userdata); diff --git a/src/shared/conf-parser.h b/src/shared/conf-parser.h index 9ea84e652b..08428a514a 100644 --- a/src/shared/conf-parser.h +++ b/src/shared/conf-parser.h @@ -87,6 +87,7 @@ int config_parse(const char *unit, ConfigItemLookup lookup, void *table, bool relaxed, + bool allow_include, void *userdata); /* Generic parsers */ diff --git a/src/shared/install.c b/src/shared/install.c index b22019d7b5..edf4d2a9fe 100644 --- a/src/shared/install.c +++ b/src/shared/install.c @@ -1015,7 +1015,7 @@ static int unit_file_load( } r = config_parse(NULL, path, f, NULL, - config_item_table_lookup, (void*) items, true, info); + config_item_table_lookup, (void*) items, true, true, info); if (r < 0) return r; -- cgit v1.2.3-54-g00ecf