util.c: check first/last char and allow extra chars

In `invalid_name`.
author: Kelvin M. Klann <kmk3.code@protonmail.com> 2023-06-13 18:21:22 -0300
committer: Kelvin M. Klann <kmk3.code@protonmail.com> 2023-06-13 21:25:32 -0300
commit: 94738819b17cd03adbce6284a87f5fd0bb28d077 (patch)
tree: 02e65fa2cea4cc0ed5eb1ff2d75d2879e7b3cadc
parent: util.c: increase name max length from 64 to 253 (diff)
download: firejail-94738819b17cd03adbce6284a87f5fd0bb28d077.tar.gz
firejail-94738819b17cd03adbce6284a87f5fd0bb28d077.tar.zst
firejail-94738819b17cd03adbce6284a87f5fd0bb28d077.zip
1 files changed, 26 insertions, 4 deletions
diff --git a/src/firejail/util.c b/src/firejail/util.c
index 78704fa64..6c79c050e 100644
--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -1476,7 +1476,8 @@ int ascii_isxdigit(unsigned char c) {
        return ret;
 }
-// allow strict ASCII letters and numbers; names with only numbers are rejected; spaces are rejected
+// Allow only ASCII letters, digits and a few special characters; names with
+// only numbers are rejected; spaces and control characters are rejected.
 int invalid_name(const char *name) {
        const char *c = name;
        int only_numbers = 1;
@@ -1484,13 +1485,34 @@ int invalid_name(const char *name) {
        if (strlen(name) > 253)
                return 1;
+        // must start with alnum
+        if (!ascii_isalnum(*c))
+                return 1;
+        if (!ascii_isdigit(*c))
+                only_numbers = 0;
+        ++c;
        while (*c) {
-                if (!ascii_isalnum(*c))
+                switch (*c) {
-                        return 1;
+                case '-':
-                if (!ascii_isdigit(*c))
+                case '.':
+                case '_':
                        only_numbers = 0;
+                        break;
+                default:
+                        if (!ascii_isalnum(*c))
+                                return 1;
+                        if (!ascii_isdigit(*c))
+                                only_numbers = 0;
+                }
                ++c;
        }
+        // must end with alnum
+        --c;
+        if (!ascii_isalnum(*c))
+                return 1;
        if (only_numbers)
                return 1;
author	Kelvin M. Klann <kmk3.code@protonmail.com>	2023-06-13 18:21:22 -0300
committer	Kelvin M. Klann <kmk3.code@protonmail.com>	2023-06-13 21:25:32 -0300
commit	94738819b17cd03adbce6284a87f5fd0bb28d077 (patch)
tree	02e65fa2cea4cc0ed5eb1ff2d75d2879e7b3cadc
parent	util.c: increase name max length from 64 to 253 (diff)
download	firejail-94738819b17cd03adbce6284a87f5fd0bb28d077.tar.gz firejail-94738819b17cd03adbce6284a87f5fd0bb28d077.tar.zst firejail-94738819b17cd03adbce6284a87f5fd0bb28d077.zip

diff --git a/src/firejail/util.c b/src/firejail/util.c index 78704fa64..6c79c050e 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c
@@ -1476,7 +1476,8 @@ int ascii_isxdigit(unsigned char c) {
1476	return ret;	1476	return ret;
1477	}	1477	}
1478		1478
1479	// allow strict ASCII letters and numbers; names with only numbers are rejected; spaces are rejected	1479	// Allow only ASCII letters, digits and a few special characters; names with
		1480	// only numbers are rejected; spaces and control characters are rejected.
1480	int invalid_name(const char *name) {	1481	int invalid_name(const char *name) {
1481	const char *c = name;	1482	const char *c = name;
1482	int only_numbers = 1;	1483	int only_numbers = 1;
@@ -1484,13 +1485,34 @@ int invalid_name(const char *name) {
1484	if (strlen(name) > 253)	1485	if (strlen(name) > 253)
1485	return 1;	1486	return 1;
1486		1487
		1488	// must start with alnum
		1489	if (!ascii_isalnum(*c))
		1490	return 1;
		1491	if (!ascii_isdigit(*c))
		1492	only_numbers = 0;
		1493	++c;
		1494
1487	while (*c) {	1495	while (*c) {
1488	if (!ascii_isalnum(*c))	1496	switch (*c) {
1489	return 1;	1497	case '-':
1490	if (!ascii_isdigit(*c))	1498	case '.':
		1499	case '_':
1491	only_numbers = 0;	1500	only_numbers = 0;
		1501	break;
		1502	default:
		1503	if (!ascii_isalnum(*c))
		1504	return 1;
		1505	if (!ascii_isdigit(*c))
		1506	only_numbers = 0;
		1507	}
1492	++c;	1508	++c;
1493	}	1509	}
		1510
		1511	// must end with alnum
		1512	--c;
		1513	if (!ascii_isalnum(*c))
		1514	return 1;
		1515
1494	if (only_numbers)	1516	if (only_numbers)
1495	return 1;	1517	return 1;
1496		1518