diff options
author | ಚಿರಾಗ್ ನಟರಾಜ್ <chiraag.nataraj@gmail.com> | 2018-08-02 11:43:06 -0400 |
---|---|---|
committer | ಚಿರಾಗ್ ನಟರಾಜ್ <chiraag.nataraj@gmail.com> | 2018-08-02 11:43:06 -0400 |
commit | 75e0172d409b99eaa9a4d2584e0bf64f1d55aa50 (patch) | |
tree | d94d5938a318a949ef4e45b9358a2823c4c6cf01 | |
parent | Fixed Documents handling (consume trailing /) and hide XDG warnings unless --... (diff) | |
download | firejail-75e0172d409b99eaa9a4d2584e0bf64f1d55aa50.tar.gz firejail-75e0172d409b99eaa9a4d2584e0bf64f1d55aa50.tar.zst firejail-75e0172d409b99eaa9a4d2584e0bf64f1d55aa50.zip |
Check tmp1 and tmp2 for NULL before passing to parse_nowhitelist (thanks @smitsohu!)
-rw-r--r-- | src/firejail/fs_whitelist.c | 48 |
1 files changed, 36 insertions, 12 deletions
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c index 0178e3c5b..3cc116c78 100644 --- a/src/firejail/fs_whitelist.c +++ b/src/firejail/fs_whitelist.c | |||
@@ -329,9 +329,13 @@ void fs_whitelist(void) { | |||
329 | // resolve ${DOWNLOADS} | 329 | // resolve ${DOWNLOADS} |
330 | if (strcmp(dataptr, "${DOWNLOADS}") == 0) { | 330 | if (strcmp(dataptr, "${DOWNLOADS}") == 0) { |
331 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_DOWNLOAD_DIR=\"$HOME/", 24, "Downloads"); | 331 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_DOWNLOAD_DIR=\"$HOME/", 24, "Downloads"); |
332 | char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | 332 | char *tmpw1 = NULL; |
333 | if (tmp1 != NULL) | ||
334 | tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | ||
333 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, dentry, "Downloads"); | 335 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, dentry, "Downloads"); |
334 | char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | 336 | char *tmpw2 = NULL; |
337 | if (tmp2 != NULL) | ||
338 | tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | ||
335 | if (tmp1 && tmpw1) { | 339 | if (tmp1 && tmpw1) { |
336 | entry->data = tmpw1; | 340 | entry->data = tmpw1; |
337 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; | 341 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; |
@@ -356,9 +360,13 @@ void fs_whitelist(void) { | |||
356 | // resolve ${MUSIC} | 360 | // resolve ${MUSIC} |
357 | if (strcmp(dataptr, "${MUSIC}") == 0) { | 361 | if (strcmp(dataptr, "${MUSIC}") == 0) { |
358 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_MUSIC_DIR=\"$HOME/", 21, "Music"); | 362 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_MUSIC_DIR=\"$HOME/", 21, "Music"); |
359 | char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | 363 | char *tmpw1 = NULL; |
364 | if (tmp1 != NULL) | ||
365 | tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | ||
360 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, mentry, "Music"); | 366 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, mentry, "Music"); |
361 | char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | 367 | char *tmpw2 = NULL; |
368 | if (tmp2 != NULL) | ||
369 | tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | ||
362 | if (tmp1 && tmpw1) { | 370 | if (tmp1 && tmpw1) { |
363 | entry->data = tmpw1; | 371 | entry->data = tmpw1; |
364 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; | 372 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; |
@@ -383,9 +391,13 @@ void fs_whitelist(void) { | |||
383 | // resolve ${VIDEOS} | 391 | // resolve ${VIDEOS} |
384 | if (strcmp(dataptr, "${VIDEOS}") == 0) { | 392 | if (strcmp(dataptr, "${VIDEOS}") == 0) { |
385 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_VIDEOS_DIR=\"$HOME/", 22, "Videos"); | 393 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_VIDEOS_DIR=\"$HOME/", 22, "Videos"); |
386 | char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | 394 | char *tmpw1 = NULL; |
395 | if (tmp1 != NULL) | ||
396 | tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | ||
387 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, ventry, "Videos"); | 397 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, ventry, "Videos"); |
388 | char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | 398 | char *tmpw2 = NULL; |
399 | if (tmp2 != NULL) | ||
400 | tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | ||
389 | if (tmp1 && tmpw1) { | 401 | if (tmp1 && tmpw1) { |
390 | entry->data = tmpw1; | 402 | entry->data = tmpw1; |
391 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; | 403 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; |
@@ -410,9 +422,13 @@ void fs_whitelist(void) { | |||
410 | // resolve ${PICTURES} | 422 | // resolve ${PICTURES} |
411 | if (strcmp(dataptr, "${PICTURES}") == 0) { | 423 | if (strcmp(dataptr, "${PICTURES}") == 0) { |
412 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_PICTURES_DIR=\"$HOME/", 24, "Pictures"); | 424 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_PICTURES_DIR=\"$HOME/", 24, "Pictures"); |
413 | char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | 425 | char *tmpw1 = NULL; |
426 | if (tmp1 != NULL) | ||
427 | tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | ||
414 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, pentry, "Pictures"); | 428 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, pentry, "Pictures"); |
415 | char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | 429 | char *tmpw2 = NULL; |
430 | if (tmp2 != NULL) | ||
431 | tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | ||
416 | if (tmp1 && tmpw1) { | 432 | if (tmp1 && tmpw1) { |
417 | entry->data = tmpw1; | 433 | entry->data = tmpw1; |
418 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; | 434 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; |
@@ -437,9 +453,13 @@ void fs_whitelist(void) { | |||
437 | // resolve ${DESKTOP} | 453 | // resolve ${DESKTOP} |
438 | if (strcmp(dataptr, "${DESKTOP}") == 0) { | 454 | if (strcmp(dataptr, "${DESKTOP}") == 0) { |
439 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_DESKTOP_DIR=\"$HOME/", 24, "Desktop"); | 455 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_DESKTOP_DIR=\"$HOME/", 24, "Desktop"); |
440 | char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | 456 | char *tmpw1 = NULL; |
457 | if (tmp1 != NULL) | ||
458 | tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | ||
441 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, deentry, "Desktop"); | 459 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, deentry, "Desktop"); |
442 | char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | 460 | char *tmpw2 = NULL; |
461 | if (tmp2 != NULL) | ||
462 | tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | ||
443 | if (tmp1 && tmpw1) { | 463 | if (tmp1 && tmpw1) { |
444 | entry->data = tmpw1; | 464 | entry->data = tmpw1; |
445 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; | 465 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; |
@@ -464,9 +484,13 @@ void fs_whitelist(void) { | |||
464 | // resolve ${DOCUMENTS} | 484 | // resolve ${DOCUMENTS} |
465 | if (strcmp(dataptr, "${DOCUMENTS}") == 0) { | 485 | if (strcmp(dataptr, "${DOCUMENTS}") == 0) { |
466 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_DOCUMENTS_DIR=\"$HOME/", 25, "Documents"); | 486 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_DOCUMENTS_DIR=\"$HOME/", 25, "Documents"); |
467 | char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | 487 | char *tmpw1 = NULL; |
488 | if (tmp1 != NULL) | ||
489 | tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | ||
468 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, doentry, "Documents"); | 490 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, doentry, "Documents"); |
469 | char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | 491 | char *tmpw2 = NULL; |
492 | if (tmp2 != NULL) | ||
493 | tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | ||
470 | if (tmp1 && tmpw1) { | 494 | if (tmp1 && tmpw1) { |
471 | entry->data = tmpw1; | 495 | entry->data = tmpw1; |
472 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; | 496 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; |