refactor meta character filtering

author: smitsohu <smitsohu@gmail.com> 2022-03-10 14:43:17 +0100
committer: smitsohu <smitsohu@gmail.com> 2022-03-10 14:43:17 +0100
commit: 4d3d3270883140535cc6ea5a190aebdf6f3dc120 (patch)
tree: 7bae03cfce71b7f13bba30fe907354d97d40df74 /src/lib/common.c
parent: RELNOTES: add warning about allow-tray (diff)
download: firejail-4d3d3270883140535cc6ea5a190aebdf6f3dc120.tar.gz
firejail-4d3d3270883140535cc6ea5a190aebdf6f3dc120.tar.zst
firejail-4d3d3270883140535cc6ea5a190aebdf6f3dc120.zip
1 files changed, 60 insertions, 0 deletions
diff --git a/src/lib/common.c b/src/lib/common.c
index 91d5125b1..8e84fab26 100644
--- a/src/lib/common.c
+++ b/src/lib/common.c
@@ -321,6 +321,66 @@ const char *gnu_basename(const char *path) {
        return last_slash+1;
 }
+char *do_replace_cntrl_chars(char *str, char c) {
+        if (str) {
+                size_t i;
+                for (i = 0; str[i]; i++) {
+                        if (iscntrl((unsigned char) str[i]))
+                                str[i] = c;
+                }
+        }
+        return str;
+}
+char *replace_cntrl_chars(const char *str, char c) {
+        assert(str);
+        char *rv = strdup(str);
+        if (!rv)
+                errExit("strdup");
+        do_replace_cntrl_chars(rv, c);
+        return rv;
+}
+int has_cntrl_chars(const char *str) {
+        assert(str);
+        size_t i;
+        for (i = 0; str[i]; i++) {
+                if (iscntrl((unsigned char) str[i]))
+                        return 1;
+        }
+        return 0;
+}
+void reject_cntrl_chars(const char *fname) {
+        assert(fname);
+        if (has_cntrl_chars(fname)) {
+                char *fname_print = replace_cntrl_chars(fname, '?');
+                fprintf(stderr, "Error: \"%s\" is an invalid filename: no control characters are allowed\n", fname_print);
+                exit(1);
+        }
+}
+void reject_meta_chars(const char *fname, int globbing) {
+        assert(fname);
+        reject_cntrl_chars(fname);
+        const char *reject = "\\&!?\"<>%^{};,*[]";
+        if (globbing)
+                reject = "\\&!\"<>%^{};,"; // file globbing ('*?[]') is allowed
+        const char *c = strpbrk(fname, reject);
+        if (c) {
+                fprintf(stderr, "Error: \"%s\" is an invalid filename: rejected character: \"%c\"\n", fname, *c);
+                exit(1);
+        }
+}
 // takes string with comma separated int values, returns int array
 int *str_to_int_array(const char *str, size_t *sz) {
        assert(str && sz);
author	smitsohu <smitsohu@gmail.com>	2022-03-10 14:43:17 +0100
committer	smitsohu <smitsohu@gmail.com>	2022-03-10 14:43:17 +0100
commit	4d3d3270883140535cc6ea5a190aebdf6f3dc120 (patch)
tree	7bae03cfce71b7f13bba30fe907354d97d40df74 /src/lib/common.c
parent	RELNOTES: add warning about allow-tray (diff)
download	firejail-4d3d3270883140535cc6ea5a190aebdf6f3dc120.tar.gz firejail-4d3d3270883140535cc6ea5a190aebdf6f3dc120.tar.zst firejail-4d3d3270883140535cc6ea5a190aebdf6f3dc120.zip

diff --git a/src/lib/common.c b/src/lib/common.c index 91d5125b1..8e84fab26 100644 --- a/src/lib/common.c +++ b/src/lib/common.c
@@ -321,6 +321,66 @@ const char gnu_basename(const char path) {
321	return last_slash+1;	321	return last_slash+1;
322	}	322	}
323		323
		324	char do_replace_cntrl_chars(char str, char c) {
		325	if (str) {
		326	size_t i;
		327	for (i = 0; str[i]; i++) {
		328	if (iscntrl((unsigned char) str[i]))
		329	str[i] = c;
		330	}
		331	}
		332	return str;
		333	}
		334
		335	char replace_cntrl_chars(const char str, char c) {
		336	assert(str);
		337
		338	char *rv = strdup(str);
		339	if (!rv)
		340	errExit("strdup");
		341
		342	do_replace_cntrl_chars(rv, c);
		343	return rv;
		344	}
		345
		346	int has_cntrl_chars(const char *str) {
		347	assert(str);
		348
		349	size_t i;
		350	for (i = 0; str[i]; i++) {
		351	if (iscntrl((unsigned char) str[i]))
		352	return 1;
		353	}
		354	return 0;
		355	}
		356
		357	void reject_cntrl_chars(const char *fname) {
		358	assert(fname);
		359
		360	if (has_cntrl_chars(fname)) {
		361	char *fname_print = replace_cntrl_chars(fname, '?');
		362
		363	fprintf(stderr, "Error: \"%s\" is an invalid filename: no control characters are allowed\n", fname_print);
		364	exit(1);
		365	}
		366	}
		367
		368	void reject_meta_chars(const char *fname, int globbing) {
		369	assert(fname);
		370
		371	reject_cntrl_chars(fname);
		372
		373	const char reject = "\\&!?\"<>%^{};,[]";
		374	if (globbing)
		375	reject = "\\&!\"<>%^{};,"; // file globbing ('*?[]') is allowed
		376
		377	const char *c = strpbrk(fname, reject);
		378	if (c) {
		379	fprintf(stderr, "Error: \"%s\" is an invalid filename: rejected character: \"%c\"\n", fname, *c);
		380	exit(1);
		381	}
		382	}
		383
324	// takes string with comma separated int values, returns int array	384	// takes string with comma separated int values, returns int array
325	int str_to_int_array(const char str, size_t *sz) {	385	int str_to_int_array(const char str, size_t *sz) {
326	assert(str && sz);	386	assert(str && sz);