author | 2023-02-14 09:27:50 -0500 | |
---|---|---|
committer | 2023-02-14 09:27:50 -0500 | |
commit | 31d0c32be58413897780606b55b2e60026f9a47c (patch) | |
tree | 195c459f44637f963c792d95161e528c18106133 | |
parent | merges, disable sort.py in profile checks temporarely, two more private-etc p... (diff) | |
parent | Style changes (diff) | |
Merge pull request #5613 from layderv/escape-cntrl-sequences
modif: Escape control characters of the command line
-rw-r--r-- | src/include/common.h | 1 | ||||
-rw-r--r-- | src/lib/common.c | 58 | ||||
-rw-r--r-- | src/lib/pid.c | 16 |
3 files changed, 74 insertions, 1 deletions
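--- a/src/include/common.h
+++ b/src/include/common.h
@@ -143,6 +143,7 @@ int pid_proc_cmdline_x11_xpra_xephyr(const pid_t pid);
 int pid_hidepid(void);
 char *do_replace_cntrl_chars(char *str, char c);
 char *replace_cntrl_chars(const char *str, char c);
+char *escape_cntrl_chars(const char *str);
 int has_cntrl_chars(const char *str);
 void reject_cntrl_chars(const char *fname);
 void reject_meta_chars(const char *fname, int globbing);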
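--- a/src/lib/common.c
+++ b/src/lib/common.c
@@ -404,6 +404,64 @@ char *replace_cntrl_chars(const char *str, char c) {
 return rv;
 }
 
+// Replaces each control character in str with an escape sequence, such as by
+// replacing '\n' (0x0a) with "\\n" (0x5c6e).
+char *escape_cntrl_chars(const char *str) {
+if (str == NULL)
+return NULL;
+
+unsigned int cntrl_chars = 0;
+const char *c = str;
+while (*c) {
+switch (*c++) {
+case '\b':
+case '\a':
+case '\e':
+case '\f':
+case '\n':
+case '\r':
+case '\t':
+case '\v':
+case '\"':
+case '\'':
+case '\?':
+case '\\':
+++cntrl_chars;
+default:
+break;
+}
+}
+char *ptr, *rv = malloc(strlen(str) + cntrl_chars + 1);
+if (!rv)
+errExit("malloc");
+ptr = rv;
+c = str;
+while (*c) {
+if (iscntrl(*c)) {
+*ptr++ = '\\';
+switch (*c) {
+case '\b': *ptr++ = 'b'; break;
+case '\a': *ptr++ = 'a'; break;
+case '\e': *ptr++ = 'e'; break;
+case '\f': *ptr++ = 'f'; break;
+case '\n': *ptr++ = 'n'; break;
+case '\r': *ptr++ = 'r'; break;
+case '\t': *ptr++ = 't'; break;
+case '\v': *ptr++ = 'v'; break;
+case '\"': *ptr++ = '\"'; break;
+case '\'': *ptr++ = '\''; break;
+case '\?': *ptr++ = '?'; break;
+case '\\': *ptr++ = '\\'; break;
+}
+} else {
+*ptr++ = *c;
+}
+c++;
+}
+*ptr = '\0';
+return rv;
+}
+
 int has_cntrl_chars(const char *str) {
 assert(str);
 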
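Review bot: The write loop in escape_cntrl_chars() only escapes when `iscntrl(*c)` is true, so the `'\"'`, `'\''`, `'\?'` and `'\\'` cases in the inner switch are unreachable and a literal backslash is copied through unescaped; an escaped newline and the two characters `\n` then print identically. A control byte with no case in that switch (0x01 or 0x7f, for example) is reduced to a lone `\` and its value is lost. `iscntrl()` also receives a plain `char`, which is undefined for negative values such as UTF-8 bytes where `char` is signed, so it should be called on an `unsigned char`. I would drive the size pass and the write pass from one classification, escape the backslash outside the `iscntrl` test and emit `\xHH` for the remaining control bytes, as sketched below. If quotes and `?` are meant to be escaped as well, they need the same treatment.

```c
static const char hexdig[] = "0123456789abcdef";

// Letter of the named escape for ch, or 0 if ch has none.
static char escape_letter(unsigned char ch) {
	switch (ch) {
	case '\a': return 'a';
	case '\b': return 'b';
	case 0x1b: return 'e';	// '\e' is a GNU extension
	case '\f': return 'f';
	case '\n': return 'n';
	case '\r': return 'r';
	case '\t': return 't';
	case '\v': return 'v';
	case '\\': return '\\';	// keeps the output unambiguous
	default:   return 0;
	}
}

char *escape_cntrl_chars(const char *str) {
	// … unchanged: NULL check …

	// Size pass: same classification as the write pass below.
	size_t len = 0;
	for (const unsigned char *p = (const unsigned char *)str; *p; p++)
		len += escape_letter(*p) ? 2 : iscntrl(*p) ? 4 : 1;

	char *rv = malloc(len + 1);
	if (!rv)
		errExit("malloc");
	char *ptr = rv;
	for (const unsigned char *p = (const unsigned char *)str; *p; p++) {
		char letter = escape_letter(*p);
		if (letter) {
			*ptr++ = '\\';
			*ptr++ = letter;
		} else if (iscntrl(*p)) {	// no named escape: \xHH
			*ptr++ = '\\';
			*ptr++ = 'x';
			*ptr++ = hexdig[*p >> 4];
			*ptr++ = hexdig[*p & 0x0f];
		} else {
			*ptr++ = (char)*p;
		}
	}
	// … unchanged: terminator and return …
}
```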
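--- a/src/lib/pid.c
+++ b/src/lib/pid.c
@@ -197,6 +197,12 @@ static void print_elem(unsigned index, int nowrap) {
 char *user = pid_get_user_name(uid);
 char *user_allocated = user;
 
+char *cmd_escaped = escape_cntrl_chars(cmd);
+if (cmd_escaped) {
+free(cmd);
+cmd = cmd_escaped;
+}
+
 // extract sandbox name - pid == index
 char *sandbox_name = "";
 char *sandbox_name_allocated = NULL;
@@ -224,7 +230,15 @@ static void print_elem(unsigned index, int nowrap) {
 }
 free(fname);
 
-if (user ==NULL)
+char *sandbox_name_escaped = escape_cntrl_chars(sandbox_name);
+if (sandbox_name_escaped) {
+if (sandbox_name_allocated)
+free(sandbox_name_allocated);
+sandbox_name = sandbox_name_escaped;
+sandbox_name_allocated = sandbox_name;
+}
+
+if (user == NULL)
 user = "";
 if (cmd) {
 if (col < 4 || nowrap)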
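Review bot: Neither new block in print_elem() records why the strings are escaped, and the `user` string printed alongside them is left unescaped. A comment above the first block, such as `// cmd is presumably taken from the listed process; escape it so it cannot send control sequences to the terminal`, would capture the intent, and it is worth confirming that `user` cannot carry control characters. In the second block the `if (sandbox_name_allocated)` guard is redundant because `free(NULL)` is a no-op. print_elem() starts and ends outside both hunks, so the later release of `sandbox_name_allocated` (now always non-NULL, since `sandbox_name` is never NULL here) is assumed rather than visible.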