Rewrite globbing code to fix various minor issues

* Plug a memory leak.
* Remove the short-circuit.  (This breaks when someone uses [] or ?
  patterns without using *.  I figure it's best to use the principle of
  least surprise and just let the system glob() implementation do what
  it does.)
* Stop sorting results.

I've also replaced a lot of disable-history.inc with a glob pattern.
Now it catches files like .sqlite_history and whatever the user runs
under rlwrap.

2 files changed, 19 insertions, 22 deletions

diff --git a/etc/disable-history.inc b/etc/disable-history.inc
index 66261c1cf..7a91df828 100644
--- a/etc/disable-history.inc
+++ b/etc/disable-history.inc
@@ -1,10 +1,3 @@
 # History files in $HOME
 blacklist ${HOME}/.history
-blacklist ${HOME}/.bash_history
-blacklist ${HOME}/.zsh_history
-blacklist ${HOME}/.ksh_history
-blacklist ${HOME}/.sh_history
-blacklist ${HOME}/.nano_history
-blacklist ${HOME}/.python_history
-blacklist ${HOME}/.mysql_history
-blacklist ${HOME}/.pgsql_history
\ No newline at end of file
+blacklist ${HOME}/.*_history
diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index 1e74257eb..14b7c1f01 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -197,24 +197,28 @@ static void disable_file(OPERATION op, const char *filename, const char *emptydi
         free(fname);
 }
 
-static void globbing(OPERATION op, const char *fname, const char *emptydir, const char *emptyfile) {
-        assert(fname);
+// Treat pattern as a shell glob pattern and blacklist matching files
+static void globbing(OPERATION op, const char *pattern, const char *emptydir, const char *emptyfile) {
+        assert(pattern);
         assert(emptydir);
         assert(emptyfile);
 
-        // filename globbing: expand * macro and continue processing for every single file
-        if (strchr(fname, '*')) {
-                glob_t globbuf;
-                globbuf.gl_offs = 0;
-                glob(fname, GLOB_DOOFFS, NULL, &globbuf);
-                unsigned int i;
-                for (i = 0; i < globbuf.gl_pathc; i++) {
-                        assert(globbuf.gl_pathv[i]);
-                        disable_file(op, globbuf.gl_pathv[i], emptydir, emptyfile);
-                }
+        glob_t globbuf;
+        // Profiles contain blacklists for files that might not exist on a user's machine.
+        // GLOB_NOCHECK makes that okay.
+        int globerr = glob(pattern, GLOB_NOCHECK | GLOB_NOSORT, NULL, &globbuf);
+        if (globerr) {
+                fprintf(stderr, "Error: failed to glob pattern %s\n", pattern);
+                return;
         }
-        else
-                disable_file(op, fname, emptydir, emptyfile);
+
+        size_t i;
+        for (i = 0; i < globbuf.gl_pathc; i++) {
+                char* match = globbuf.gl_pathv[i];
+                assert(match);
+                disable_file(op, match, emptydir, emptyfile);
+        }
+        globfree(&globbuf);
 }
 
 static void expand_path(OPERATION op, const char *path, const char *fname, const char *emptydir, const char *emptyfile) {