diff options
author | 2023-01-15 05:50:31 -0500 | |
---|---|---|
committer | 2023-01-15 05:50:31 -0500 | |
commit | ab4bd9c707cd3e872039abd00b3274a01d7dd1c2 (patch) | |
tree | 157e46011a126ef194595350dd5efe743c8d2c4a /src/lib/pid.c | |
parent | RELNOTES: add related PR to --apparmor= item (diff) | |
download | firejail-ab4bd9c707cd3e872039abd00b3274a01d7dd1c2.tar.gz firejail-ab4bd9c707cd3e872039abd00b3274a01d7dd1c2.tar.zst firejail-ab4bd9c707cd3e872039abd00b3274a01d7dd1c2.zip |
Escape control characters
Names and commands can contain control characters:
```
firejail --name="$(echo -e '\e[31mRed\n\b\b\bText\e[0m')" sleep 10s
```
results in "Text" printed in red.
Prevent commands like `--tree` to control the terminal.
Diffstat (limited to 'src/lib/pid.c')
-rw-r--r-- | src/lib/pid.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/src/lib/pid.c b/src/lib/pid.c index 5e9b20c94..cb9686648 100644 --- a/src/lib/pid.c +++ b/src/lib/pid.c | |||
@@ -197,6 +197,12 @@ static void print_elem(unsigned index, int nowrap) { | |||
197 | char *user = pid_get_user_name(uid); | 197 | char *user = pid_get_user_name(uid); |
198 | char *user_allocated = user; | 198 | char *user_allocated = user; |
199 | 199 | ||
200 | char *cmd_escape = escape_cntrl_chars(cmd); | ||
201 | if (cmd_escape) { | ||
202 | free(cmd); | ||
203 | cmd = cmd_escape; | ||
204 | } | ||
205 | |||
200 | // extract sandbox name - pid == index | 206 | // extract sandbox name - pid == index |
201 | char *sandbox_name = ""; | 207 | char *sandbox_name = ""; |
202 | char *sandbox_name_allocated = NULL; | 208 | char *sandbox_name_allocated = NULL; |
@@ -224,7 +230,15 @@ static void print_elem(unsigned index, int nowrap) { | |||
224 | } | 230 | } |
225 | free(fname); | 231 | free(fname); |
226 | 232 | ||
227 | if (user ==NULL) | 233 | char *sandbox_name_escape = escape_cntrl_chars(sandbox_name); |
234 | if (sandbox_name_escape) { | ||
235 | if (sandbox_name_allocated) | ||
236 | free(sandbox_name_allocated); | ||
237 | sandbox_name = sandbox_name_escape; | ||
238 | sandbox_name_allocated = sandbox_name; | ||
239 | } | ||
240 | |||
241 | if (user == NULL) | ||
228 | user = ""; | 242 | user = ""; |
229 | if (cmd) { | 243 | if (cmd) { |
230 | if (col < 4 || nowrap) | 244 | if (col < 4 || nowrap) |