mainline merge: clean homedir pathname

author: startx2017 <vradu.startx@yandex.com> 2018-10-17 19:07:46 -0400
committer: startx2017 <vradu.startx@yandex.com> 2018-10-17 19:07:46 -0400
commit: df7591d850176fc4d6e0def4e00a32f4cdb658f4 (patch)
tree: 73cc91117c34963003c950b59d06e889f7ae7cb9 /src
parent: mainline merge: allow overriding of disable-mnt with noblacklist (diff)
download: firejail-df7591d850176fc4d6e0def4e00a32f4cdb658f4.tar.gz
firejail-df7591d850176fc4d6e0def4e00a32f4cdb658f4.tar.zst
firejail-df7591d850176fc4d6e0def4e00a32f4cdb658f4.zip
3 files changed, 36 insertions, 3 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index 91636b755..3e55139b3 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -479,6 +479,7 @@ int is_link(const char *fname);
 void trim_trailing_slash_or_dot(char *path);
 char *line_remove_spaces(const char *buf);
 char *split_comma(char *str);
+char *clean_pathname(const char *path);
 void check_unsigned(const char *str, const char *msg);
 int find_child(pid_t parent, pid_t *child);
 void check_private_dir(void);
diff --git a/src/firejail/main.c b/src/firejail/main.c
index ba6b98191..bc5360ba7 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -212,9 +212,8 @@ static void init_cfg(int argc, char **argv) {
        // build home directory name
        cfg.homedir = NULL;
        if (pw->pw_dir != NULL) {
-                cfg.homedir = strdup(pw->pw_dir);
+                cfg.homedir = clean_pathname(pw->pw_dir);
-                if (!cfg.homedir)
+                assert(cfg.homedir);
-                        errExit("strdup");
        }
        else {
                fprintf(stderr, "Error: user %s doesn't have a user directory assigned\n", cfg.username);
diff --git a/src/firejail/util.c b/src/firejail/util.c
index 4a164901d..c1a680dd4 100644
--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -532,6 +532,39 @@ char *split_comma(char *str) {
        return ptr;
 }
+// remove consecutive and trailing slashes
+// and return allocated memory
+// e.g. /home//user/ -> /home/user
+char *clean_pathname(const char *path) {
+        assert(path);
+        size_t len = strlen(path);
+        char *rv = calloc(len + 1, 1);
+        if (!rv)
+                errExit("calloc");
+        if (len > 0) {
+                int i, j, cnt;
+                for (i = 0, j = 0, cnt = 0; i < len; i++) {
+                        if (path[i] == '/')
+                                cnt++;
+                        else
+                                cnt = 0;
+                        if (cnt < 2) {
+                                rv[j] = path[i];
+                                j++;
+                        }
+                }
+                // remove a trailing slash
+                if (j > 1 && rv[j - 1] == '/')
+                        rv[j - 1] = '\0';
+                size_t new_len = strlen(rv);
+                if (new_len < len) {
+                        rv = realloc(rv, new_len + 1);
+                        if (!rv)
+                                errExit("realloc");
+                }
+        }
+        return rv;
+}
 void check_unsigned(const char *str, const char *msg) {
        EUID_ASSERT();
author	startx2017 <vradu.startx@yandex.com>	2018-10-17 19:07:46 -0400
committer	startx2017 <vradu.startx@yandex.com>	2018-10-17 19:07:46 -0400
commit	df7591d850176fc4d6e0def4e00a32f4cdb658f4 (patch)
tree	73cc91117c34963003c950b59d06e889f7ae7cb9 /src
parent	mainline merge: allow overriding of disable-mnt with noblacklist (diff)
download	firejail-df7591d850176fc4d6e0def4e00a32f4cdb658f4.tar.gz firejail-df7591d850176fc4d6e0def4e00a32f4cdb658f4.tar.zst firejail-df7591d850176fc4d6e0def4e00a32f4cdb658f4.zip

diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 91636b755..3e55139b3 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h
@@ -479,6 +479,7 @@ int is_link(const char *fname);
479	void trim_trailing_slash_or_dot(char *path);	479	void trim_trailing_slash_or_dot(char *path);
480	char line_remove_spaces(const char buf);	480	char line_remove_spaces(const char buf);
481	char split_comma(char str);	481	char split_comma(char str);
		482	char clean_pathname(const char path);
482	void check_unsigned(const char str, const char msg);	483	void check_unsigned(const char str, const char msg);
483	int find_child(pid_t parent, pid_t *child);	484	int find_child(pid_t parent, pid_t *child);
484	void check_private_dir(void);	485	void check_private_dir(void);


diff --git a/src/firejail/main.c b/src/firejail/main.c index ba6b98191..bc5360ba7 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c
@@ -212,9 +212,8 @@ static void init_cfg(int argc, char **argv) {
212	// build home directory name	212	// build home directory name
213	cfg.homedir = NULL;	213	cfg.homedir = NULL;
214	if (pw->pw_dir != NULL) {	214	if (pw->pw_dir != NULL) {
215	cfg.homedir = strdup(pw->pw_dir);	215	cfg.homedir = clean_pathname(pw->pw_dir);
216	if (!cfg.homedir)	216	assert(cfg.homedir);
217	errExit("strdup");
218	}	217	}
219	else {	218	else {
220	fprintf(stderr, "Error: user %s doesn't have a user directory assigned\n", cfg.username);	219	fprintf(stderr, "Error: user %s doesn't have a user directory assigned\n", cfg.username);


diff --git a/src/firejail/util.c b/src/firejail/util.c index 4a164901d..c1a680dd4 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c
@@ -532,6 +532,39 @@ char split_comma(char str) {
532	return ptr;	532	return ptr;
533	}	533	}
534		534
		535	// remove consecutive and trailing slashes
		536	// and return allocated memory
		537	// e.g. /home//user/ -> /home/user
		538	char clean_pathname(const char path) {
		539	assert(path);
		540	size_t len = strlen(path);
		541	char *rv = calloc(len + 1, 1);
		542	if (!rv)
		543	errExit("calloc");
		544	if (len > 0) {
		545	int i, j, cnt;
		546	for (i = 0, j = 0, cnt = 0; i < len; i++) {
		547	if (path[i] == '/')
		548	cnt++;
		549	else
		550	cnt = 0;
		551	if (cnt < 2) {
		552	rv[j] = path[i];
		553	j++;
		554	}
		555	}
		556	// remove a trailing slash
		557	if (j > 1 && rv[j - 1] == '/')
		558	rv[j - 1] = '\0';
		559	size_t new_len = strlen(rv);
		560	if (new_len < len) {
		561	rv = realloc(rv, new_len + 1);
		562	if (!rv)
		563	errExit("realloc");
		564	}
		565	}
		566	return rv;
		567	}
535		568
536	void check_unsigned(const char str, const char msg) {	569	void check_unsigned(const char str, const char msg) {
537	EUID_ASSERT();	570	EUID_ASSERT();