Merge pull request #3156 from smitsohu/filename

print rejected character in invalid filenames
author: smitsohu <smitsohu@gmail.com> 2020-02-01 15:15:13 +0000
committer: GitHub <noreply@github.com> 2020-02-01 15:15:13 +0000
commit: c29485ff60a4aba17640167c6406c2c6027b7d03 (patch)
tree: 9c4e5fa16c57d94bb28d5089c24910a2f3a95e57
parent: profiles: whitelist /usr/share/doc in some profiles (diff)
parent: remove parentheses from set of rejected characters (diff)
download: firejail-c29485ff60a4aba17640167c6406c2c6027b7d03.tar.gz
firejail-c29485ff60a4aba17640167c6406c2c6027b7d03.tar.zst
firejail-c29485ff60a4aba17640167c6406c2c6027b7d03.zip
1 files changed, 38 insertions, 11 deletions
diff --git a/src/firejail/macros.c b/src/firejail/macros.c
index 9621b95ee..6901b7d44 100644
--- a/src/firejail/macros.c
+++ b/src/firejail/macros.c
@@ -258,6 +258,28 @@ char *expand_macros(const char *path) {
        return rv;
 }
+// replace control characters with a '?'
+static char *fix_control_chars(const char *fname) {
+        assert(fname);
+        size_t len = strlen(fname);
+        char *rv = malloc(len + 1);
+        if (!rv)
+                errExit("malloc");
+        size_t i = 0;
+        while (fname[i] != '\0') {
+                if (iscntrl((unsigned char) fname[i]))
+                        rv[i] = '?';
+                else
+                        rv[i] = fname[i];
+                i++;
+        }
+        rv[i] = '\0';
+        return rv;
+}
 void invalid_filename(const char *fname, int globbing) {
 //      EUID_ASSERT();
        assert(fname);
@@ -275,19 +297,24 @@ void invalid_filename(const char *fname, int globbing) {
                        return;
        }
-        int len = strlen(ptr);
+        size_t i = 0;
+        while (ptr[i] != '\0') {
-        if (globbing) {
+                if (iscntrl((unsigned char) ptr[i])) {
-                // file globbing ('*?[]') is allowed
+                        fprintf(stderr, "Error: \"%s\" is an invalid filename: no control characters allowed\n",
-                if (strcspn(ptr, "\\&!\"'<>%^(){};,") != (size_t)len) {
+                                fix_control_chars(fname));
-                        fprintf(stderr, "Error: \"%s\" is an invalid filename\n", ptr);
                        exit(1);
                }
+                i++;
        }
-        else {
+        
-                if (strcspn(ptr, "\\&!?\"'<>%^(){};,*[]") != (size_t)len) {
+        char *reject;
-                        fprintf(stderr, "Error: \"%s\" is an invalid filename\n", ptr);
+        if (globbing)
-                        exit(1);
+                reject = "\\&!\"'<>%^{};,"; // file globbing ('*?[]') is allowed
-                }
+        else
+                reject = "\\&!?\"'<>%^{};,*[]";
+        char *c = strpbrk(ptr, reject);
+        if (c) {
+                fprintf(stderr, "Error: \"%s\" is an invalid filename: rejected character: \"%c\"\n", fname, *c);
+                exit(1);
        }
 }
author	smitsohu <smitsohu@gmail.com>	2020-02-01 15:15:13 +0000
committer	GitHub <noreply@github.com>	2020-02-01 15:15:13 +0000
commit	c29485ff60a4aba17640167c6406c2c6027b7d03 (patch)
tree	9c4e5fa16c57d94bb28d5089c24910a2f3a95e57
parent	profiles: whitelist /usr/share/doc in some profiles (diff)
parent	remove parentheses from set of rejected characters (diff)
download	firejail-c29485ff60a4aba17640167c6406c2c6027b7d03.tar.gz firejail-c29485ff60a4aba17640167c6406c2c6027b7d03.tar.zst firejail-c29485ff60a4aba17640167c6406c2c6027b7d03.zip

diff --git a/src/firejail/macros.c b/src/firejail/macros.c index 9621b95ee..6901b7d44 100644 --- a/src/firejail/macros.c +++ b/src/firejail/macros.c
@@ -258,6 +258,28 @@ char expand_macros(const char path) {
258	return rv;	258	return rv;
259	}	259	}
260		260
		261	// replace control characters with a '?'
		262	static char fix_control_chars(const char fname) {
		263	assert(fname);
		264
		265	size_t len = strlen(fname);
		266	char *rv = malloc(len + 1);
		267	if (!rv)
		268	errExit("malloc");
		269
		270	size_t i = 0;
		271	while (fname[i] != '\0') {
		272	if (iscntrl((unsigned char) fname[i]))
		273	rv[i] = '?';
		274	else
		275	rv[i] = fname[i];
		276	i++;
		277	}
		278	rv[i] = '\0';
		279
		280	return rv;
		281	}
		282
261	void invalid_filename(const char *fname, int globbing) {	283	void invalid_filename(const char *fname, int globbing) {
262	// EUID_ASSERT();	284	// EUID_ASSERT();
263	assert(fname);	285	assert(fname);
@@ -275,19 +297,24 @@ void invalid_filename(const char *fname, int globbing) {
275	return;	297	return;
276	}	298	}
277		299
278	int len = strlen(ptr);	300	size_t i = 0;
279		301	while (ptr[i] != '\0') {
280	if (globbing) {	302	if (iscntrl((unsigned char) ptr[i])) {
281	// file globbing ('*?[]') is allowed	303	fprintf(stderr, "Error: \"%s\" is an invalid filename: no control characters allowed\n",
282	if (strcspn(ptr, "\\&!\"'<>%^(){};,") != (size_t)len) {	304	fix_control_chars(fname));
283	fprintf(stderr, "Error: \"%s\" is an invalid filename\n", ptr);
284	exit(1);	305	exit(1);
285	}	306	}
		307	i++;
286	}	308	}
287	else {	309
288	if (strcspn(ptr, "\\&!?\"'<>%^(){};,*[]") != (size_t)len) {	310	char *reject;
289	fprintf(stderr, "Error: \"%s\" is an invalid filename\n", ptr);	311	if (globbing)
290	exit(1);	312	reject = "\\&!\"'<>%^{};,"; // file globbing ('*?[]') is allowed
291	}	313	else
		314	reject = "\\&!?\"'<>%^{};,*[]";
		315	char *c = strpbrk(ptr, reject);
		316	if (c) {
		317	fprintf(stderr, "Error: \"%s\" is an invalid filename: rejected character: \"%c\"\n", fname, *c);
		318	exit(1);
292	}	319	}
293	}	320	}