Fix command name parsing so that program paths with spaces do not cause the wrong or no profile to be detected.

author: Glenn Washburn <development@efficientek.com> 2018-10-01 16:10:12 -0500
committer: Glenn Washburn <development@efficientek.com> 2018-10-01 16:15:00 -0500
commit: b4b972aeb56d04fb100661a29223f3df9b27fda0 (patch)
tree: 0fbc0005f5805b30d9bbf76dd05fb3885e7353e7
parent: mount empty home if macro can't be whitelisted (diff)
download: firejail-b4b972aeb56d04fb100661a29223f3df9b27fda0.tar.gz
firejail-b4b972aeb56d04fb100661a29223f3df9b27fda0.tar.zst
firejail-b4b972aeb56d04fb100661a29223f3df9b27fda0.zip
1 files changed, 17 insertions, 17 deletions
diff --git a/src/firejail/util.c b/src/firejail/util.c
index 4a164901d..ae07a42b0 100644
--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -636,33 +636,33 @@ void extract_command_name(int index, char **argv) {
        if (!cfg.command_name)
                errExit("strdup");
-        // restrict the command name to the first word
-        char *ptr = cfg.command_name;
-        while (*ptr != ' ' && *ptr != '\t' && *ptr != '\0')
-                ptr++;
-        *ptr = '\0';
        // remove the path: /usr/bin/firefox becomes firefox
-        ptr = strrchr(cfg.command_name, '/');
+        char *basename = cfg.command_name;
+        char *ptr = strrchr(cfg.command_name, '/');
        if (ptr) {
-                ptr++;
+                basename = ++ptr;
                if (*ptr == '\0') {
                        fprintf(stderr, "Error: invalid command name\n");
                        exit(1);
                }
+        }
+        else
+                ptr = basename;
-                char *tmp = strdup(ptr);
+        // restrict the command name to the first word
-                if (!tmp)
+        while (*ptr != ' ' && *ptr != '\t' && *ptr != '\0')
-                        errExit("strdup");
+                ptr++;
-                // limit the command to the first ' '
+        // command name is a substring of cfg.command_name
-                char *ptr2 = tmp;
+        if (basename != cfg.command_name || *ptr != '\0') {
-                while (*ptr2 != ' ' && *ptr2 != '\0')
+                *ptr = '\0';
-                        ptr2++;
+                
-                *ptr2 = '\0';
+                basename = strdup(basename);
+                if (!basename)
+                        errExit("strdup");
                free(cfg.command_name);
-                cfg.command_name = tmp;
+                cfg.command_name = basename;
        }
 }
author	Glenn Washburn <development@efficientek.com>	2018-10-01 16:10:12 -0500
committer	Glenn Washburn <development@efficientek.com>	2018-10-01 16:15:00 -0500
commit	b4b972aeb56d04fb100661a29223f3df9b27fda0 (patch)
tree	0fbc0005f5805b30d9bbf76dd05fb3885e7353e7
parent	mount empty home if macro can't be whitelisted (diff)
download	firejail-b4b972aeb56d04fb100661a29223f3df9b27fda0.tar.gz firejail-b4b972aeb56d04fb100661a29223f3df9b27fda0.tar.zst firejail-b4b972aeb56d04fb100661a29223f3df9b27fda0.zip

diff --git a/src/firejail/util.c b/src/firejail/util.c index 4a164901d..ae07a42b0 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c
@@ -636,33 +636,33 @@ void extract_command_name(int index, char **argv) {
636	if (!cfg.command_name)	636	if (!cfg.command_name)
637	errExit("strdup");	637	errExit("strdup");
638		638
639	// restrict the command name to the first word
640	char *ptr = cfg.command_name;
641	while (ptr != ' ' && ptr != '\t' && *ptr != '\0')
642	ptr++;
643	*ptr = '\0';
644
645	// remove the path: /usr/bin/firefox becomes firefox	639	// remove the path: /usr/bin/firefox becomes firefox
646	ptr = strrchr(cfg.command_name, '/');	640	char *basename = cfg.command_name;
		641	char *ptr = strrchr(cfg.command_name, '/');
647	if (ptr) {	642	if (ptr) {
648	ptr++;	643	basename = ++ptr;
649	if (*ptr == '\0') {	644	if (*ptr == '\0') {
650	fprintf(stderr, "Error: invalid command name\n");	645	fprintf(stderr, "Error: invalid command name\n");
651	exit(1);	646	exit(1);
652	}	647	}
		648	}
		649	else
		650	ptr = basename;
653		651
654	char *tmp = strdup(ptr);	652	// restrict the command name to the first word
655	if (!tmp)	653	while (ptr != ' ' && ptr != '\t' && *ptr != '\0')
656	errExit("strdup");	654	ptr++;
657		655
658	// limit the command to the first ' '	656	// command name is a substring of cfg.command_name
659	char *ptr2 = tmp;	657	if (basename != cfg.command_name \|\| *ptr != '\0') {
660	while (ptr2 != ' ' && ptr2 != '\0')	658	*ptr = '\0';
661	ptr2++;	659
662	*ptr2 = '\0';	660	basename = strdup(basename);
		661	if (!basename)
		662	errExit("strdup");
663		663
664	free(cfg.command_name);	664	free(cfg.command_name);
665	cfg.command_name = tmp;	665	cfg.command_name = basename;
666	}	666	}
667	}	667	}
668		668