summaryrefslogtreecommitdiffstats
path: root/src/binfmt
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2018-10-18 13:33:00 +0200
committerLennart Poettering <lennart@poettering.net>2018-10-18 13:33:00 +0200
commit7452c3ff525d23baf6dc723ad3342d289a3d5932 (patch)
treeaf5504fe762ab8c7ac4d95b3ca61ea02a549fc08 /src/binfmt
parentterminal-util: use fgetc() carefully instead of fread() (diff)
downloadsystemd-7452c3ff525d23baf6dc723ad3342d289a3d5932.tar.xz
systemd-7452c3ff525d23baf6dc723ad3342d289a3d5932.zip
binfmt: validate rule file name before using it
Diffstat (limited to 'src/binfmt')
-rw-r--r--src/binfmt/binfmt.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/src/binfmt/binfmt.c b/src/binfmt/binfmt.c
index 55f700c089..0e5ca1a7e8 100644
--- a/src/binfmt/binfmt.c
+++ b/src/binfmt/binfmt.c
@@ -15,6 +15,7 @@
#include "fileio.h"
#include "log.h"
#include "pager.h"
+#include "path-util.h"
#include "string-util.h"
#include "strv.h"
#include "terminal-util.h"
@@ -27,6 +28,7 @@ static int delete_rule(const char *rule) {
_cleanup_free_ char *x = NULL, *fn = NULL;
char *e;
+ assert(rule);
assert(rule[0]);
x = strdup(rule);
@@ -36,6 +38,11 @@ static int delete_rule(const char *rule) {
e = strchrnul(x+1, x[0]);
*e = 0;
+ if (!filename_is_valid(x + 1)) {
+ log_error("Rule file name '%s' is not valid, refusing.", x+1);
+ return -EINVAL;
+ }
+
fn = strappend("/proc/sys/fs/binfmt_misc/", x+1);
if (!fn)
return log_oom();
@@ -46,7 +53,7 @@ static int delete_rule(const char *rule) {
static int apply_rule(const char *rule) {
int r;
- delete_rule(rule);
+ (void) delete_rule(rule);
r = write_string_file("/proc/sys/fs/binfmt_misc/register", rule, 0);
if (r < 0)