refactor meta character filtering

author: smitsohu <smitsohu@gmail.com> 2022-03-10 14:43:17 +0100
committer: smitsohu <smitsohu@gmail.com> 2022-03-10 14:43:17 +0100
commit: 4d3d3270883140535cc6ea5a190aebdf6f3dc120 (patch)
tree: 7bae03cfce71b7f13bba30fe907354d97d40df74 /src/firejail
parent: RELNOTES: add warning about allow-tray (diff)
download: firejail-4d3d3270883140535cc6ea5a190aebdf6f3dc120.tar.gz
firejail-4d3d3270883140535cc6ea5a190aebdf6f3dc120.tar.zst
firejail-4d3d3270883140535cc6ea5a190aebdf6f3dc120.zip
2 files changed, 4 insertions, 45 deletions
diff --git a/src/firejail/fs_lib.c b/src/firejail/fs_lib.c
index 194a980f4..848691a56 100644
--- a/src/firejail/fs_lib.c
+++ b/src/firejail/fs_lib.c
@@ -276,9 +276,9 @@ static void install_list_entry(const char *lib) {
        assert(lib);
        // filename check
-        int len = strlen(lib);
+        reject_meta_chars(lib, 1);
-        if (strcspn(lib, "\\&!?\"'<>%^(){}[];,") != (size_t)len ||
-        strstr(lib, "..")) {
+        if (strstr(lib, "..")) {
                fprintf(stderr, "Error: \"%s\" is an invalid library\n", lib);
                exit(1);
        }
diff --git a/src/firejail/macros.c b/src/firejail/macros.c
index 74d529504..3f9460041 100644
--- a/src/firejail/macros.c
+++ b/src/firejail/macros.c
@@ -265,28 +265,6 @@ char *expand_macros(const char *path) {
        return rv;
 }
-// replace control characters with a '?'
-static char *fix_control_chars(const char *fname) {
-        assert(fname);
-        size_t len = strlen(fname);
-        char *rv = malloc(len + 1);
-        if (!rv)
-                errExit("malloc");
-        size_t i = 0;
-        while (fname[i] != '\0') {
-                if (iscntrl((unsigned char) fname[i]))
-                        rv[i] = '?';
-                else
-                        rv[i] = fname[i];
-                i++;
-        }
-        rv[i] = '\0';
-        return rv;
-}
 void invalid_filename(const char *fname, int globbing) {
 //      EUID_ASSERT();
        assert(fname);
@@ -304,24 +282,5 @@ void invalid_filename(const char *fname, int globbing) {
                        return;
        }
-        size_t i = 0;
+        reject_meta_chars(ptr, globbing);
-        while (ptr[i] != '\0') {
-                if (iscntrl((unsigned char) ptr[i])) {
-                        char *new = fix_control_chars(fname);
-                        fprintf(stderr, "Error: \"%s\" is an invalid filename: no control characters allowed\n", new);
-                        exit(1);
-                }
-                i++;
-        }
-        char *reject;
-        if (globbing)
-                reject = "\\&!\"<>%^{};,"; // file globbing ('*?[]') is allowed
-        else
-                reject = "\\&!?\"<>%^{};,*[]";
-        char *c = strpbrk(ptr, reject);
-        if (c) {
-                fprintf(stderr, "Error: \"%s\" is an invalid filename: rejected character: \"%c\"\n", fname, *c);
-                exit(1);
-        }
 }
author	smitsohu <smitsohu@gmail.com>	2022-03-10 14:43:17 +0100
committer	smitsohu <smitsohu@gmail.com>	2022-03-10 14:43:17 +0100
commit	4d3d3270883140535cc6ea5a190aebdf6f3dc120 (patch)
tree	7bae03cfce71b7f13bba30fe907354d97d40df74 /src/firejail
parent	RELNOTES: add warning about allow-tray (diff)
download	firejail-4d3d3270883140535cc6ea5a190aebdf6f3dc120.tar.gz firejail-4d3d3270883140535cc6ea5a190aebdf6f3dc120.tar.zst firejail-4d3d3270883140535cc6ea5a190aebdf6f3dc120.zip

diff --git a/src/firejail/fs_lib.c b/src/firejail/fs_lib.c index 194a980f4..848691a56 100644 --- a/src/firejail/fs_lib.c +++ b/src/firejail/fs_lib.c
@@ -276,9 +276,9 @@ static void install_list_entry(const char *lib) {
276	assert(lib);	276	assert(lib);
277		277
278	// filename check	278	// filename check
279	int len = strlen(lib);	279	reject_meta_chars(lib, 1);
280	if (strcspn(lib, "\\&!?\"'<>%^(){}[];,") != (size_t)len \|\|	280
281	strstr(lib, "..")) {	281	if (strstr(lib, "..")) {
282	fprintf(stderr, "Error: \"%s\" is an invalid library\n", lib);	282	fprintf(stderr, "Error: \"%s\" is an invalid library\n", lib);
283	exit(1);	283	exit(1);
284	}	284	}


diff --git a/src/firejail/macros.c b/src/firejail/macros.c index 74d529504..3f9460041 100644 --- a/src/firejail/macros.c +++ b/src/firejail/macros.c
@@ -265,28 +265,6 @@ char expand_macros(const char path) {
265	return rv;	265	return rv;
266	}	266	}
267		267
268	// replace control characters with a '?'
269	static char fix_control_chars(const char fname) {
270	assert(fname);
271
272	size_t len = strlen(fname);
273	char *rv = malloc(len + 1);
274	if (!rv)
275	errExit("malloc");
276
277	size_t i = 0;
278	while (fname[i] != '\0') {
279	if (iscntrl((unsigned char) fname[i]))
280	rv[i] = '?';
281	else
282	rv[i] = fname[i];
283	i++;
284	}
285	rv[i] = '\0';
286
287	return rv;
288	}
289
290	void invalid_filename(const char *fname, int globbing) {	268	void invalid_filename(const char *fname, int globbing) {
291	// EUID_ASSERT();	269	// EUID_ASSERT();
292	assert(fname);	270	assert(fname);
@@ -304,24 +282,5 @@ void invalid_filename(const char *fname, int globbing) {
304	return;	282	return;
305	}	283	}
306		284
307	size_t i = 0;	285	reject_meta_chars(ptr, globbing);
308	while (ptr[i] != '\0') {
309	if (iscntrl((unsigned char) ptr[i])) {
310	char *new = fix_control_chars(fname);
311	fprintf(stderr, "Error: \"%s\" is an invalid filename: no control characters allowed\n", new);
312	exit(1);
313	}
314	i++;
315	}
316
317	char *reject;
318	if (globbing)
319	reject = "\\&!\"<>%^{};,"; // file globbing ('*?[]') is allowed
320	else
321	reject = "\\&!?\"<>%^{};,*[]";
322	char *c = strpbrk(ptr, reject);
323	if (c) {
324	fprintf(stderr, "Error: \"%s\" is an invalid filename: rejected character: \"%c\"\n", fname, *c);
325	exit(1);
326	}
327	}	286	}