summaryrefslogtreecommitdiffstats
path: root/src/veritysetup
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2022-03-31 11:03:06 +0200
committerLennart Poettering <lennart@poettering.net>2022-03-31 11:44:46 +0200
commit9959d7828010d2a26de95509309587162770960d (patch)
tree5023f12818d5c336e15413c2b76b203b66de5d42 /src/veritysetup
parentveritysetup: mangle option strings like in cryptsetup (diff)
downloadsystemd-9959d7828010d2a26de95509309587162770960d.tar.xz
systemd-9959d7828010d2a26de95509309587162770960d.zip
veritysetup: do some superficial checking on volume name
cryptsetup does this too, so let's better be safe here, too.
Diffstat (limited to 'src/veritysetup')
-rw-r--r--src/veritysetup/veritysetup.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/src/veritysetup/veritysetup.c b/src/veritysetup/veritysetup.c
index 3551ed4f3a..a81e93cb75 100644
--- a/src/veritysetup/veritysetup.c
+++ b/src/veritysetup/veritysetup.c
@@ -146,6 +146,9 @@ static int run(int argc, char *argv[]) {
root_hash = argv[5];
options = mangle_none(argc > 6 ? argv[6] : NULL);
+ if (!filename_is_valid(volume))
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", volume);
+
r = unhexmem(root_hash, SIZE_MAX, &m, &l);
if (r < 0)
return log_error_errno(r, "Failed to parse root hash: %m");
@@ -210,6 +213,9 @@ static int run(int argc, char *argv[]) {
volume = argv[2];
+ if (!filename_is_valid(volume))
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", volume);
+
r = crypt_init_by_name(&cd, volume);
if (r == -ENODEV) {
log_info("Volume %s already inactive.", volume);
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-01 20:01:26 +0100