diff options
author | 2023-06-13 19:12:16 -0300 | |
---|---|---|
committer | 2023-06-13 21:25:35 -0300 | |
commit | a51968336dfa869be765e7109948725582971319 (patch) | |
tree | 7837f49c388355554f32ff8df660bb599e24ec35 /src | |
parent | Standardize name/hostname checks (diff) | |
download | firejail-a51968336dfa869be765e7109948725582971319.tar.gz firejail-a51968336dfa869be765e7109948725582971319.tar.zst firejail-a51968336dfa869be765e7109948725582971319.zip |
Add missing name/hostname checks
Note that the sandbox name may also be set through the "join-or-start"
option.
Relates to #5578 #5708.
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/main.c | 4 | ||||
-rw-r--r-- | src/firejail/profile.c | 12 |
2 files changed, 16 insertions, 0 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index df1c81f3a..070eb47f3 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -2837,6 +2837,10 @@ int main(int argc, char **argv, char **envp) { | |||
2837 | fprintf(stderr, "Error: invalid sandbox name: cannot be empty\n"); | 2837 | fprintf(stderr, "Error: invalid sandbox name: cannot be empty\n"); |
2838 | return 1; | 2838 | return 1; |
2839 | } | 2839 | } |
2840 | if (invalid_name(cfg.name)) { | ||
2841 | fprintf(stderr, "Error: invalid sandbox name\n"); | ||
2842 | return 1; | ||
2843 | } | ||
2840 | } | 2844 | } |
2841 | else if (strcmp(argv[i], "--deterministic-exit-code") == 0) { | 2845 | else if (strcmp(argv[i], "--deterministic-exit-code") == 0) { |
2842 | arg_deterministic_exit_code = 1; | 2846 | arg_deterministic_exit_code = 1; |
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 139ce0580..ae881664b 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
@@ -1156,6 +1156,14 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
1156 | // hostname | 1156 | // hostname |
1157 | if (strncmp(ptr, "hostname ", 9) == 0) { | 1157 | if (strncmp(ptr, "hostname ", 9) == 0) { |
1158 | cfg.hostname = ptr + 9; | 1158 | cfg.hostname = ptr + 9; |
1159 | if (strlen(cfg.hostname) == 0) { | ||
1160 | fprintf(stderr, "Error: invalid hostname: cannot be empty\n"); | ||
1161 | exit(1); | ||
1162 | } | ||
1163 | if (invalid_name(cfg.hostname)) { | ||
1164 | fprintf(stderr, "Error: invalid hostname\n"); | ||
1165 | exit(1); | ||
1166 | } | ||
1159 | return 0; | 1167 | return 0; |
1160 | } | 1168 | } |
1161 | 1169 | ||
@@ -1641,6 +1649,10 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
1641 | fprintf(stderr, "Error: invalid sandbox name: cannot be empty\n"); | 1649 | fprintf(stderr, "Error: invalid sandbox name: cannot be empty\n"); |
1642 | exit(1); | 1650 | exit(1); |
1643 | } | 1651 | } |
1652 | if (invalid_name(cfg.name)) { | ||
1653 | fprintf(stderr, "Error: invalid sandbox name\n"); | ||
1654 | exit(1); | ||
1655 | } | ||
1644 | } | 1656 | } |
1645 | else | 1657 | else |
1646 | warning_feature_disabled("join"); | 1658 | warning_feature_disabled("join"); |