diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-03-20 20:31:55 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-03-21 14:39:02 -0300 |
commit | f95bbb6f6e517f43fd0f3d7129f238fe817beca4 (patch) | |
tree | 9b244163b28e6ebb033e2477339f827575850e15 /src | |
parent | firejail.h: move invalid_name prototype to proper place (diff) | |
download | firejail-f95bbb6f6e517f43fd0f3d7129f238fe817beca4.tar.gz firejail-f95bbb6f6e517f43fd0f3d7129f238fe817beca4.tar.zst firejail-f95bbb6f6e517f43fd0f3d7129f238fe817beca4.zip |
util.c: add and use ascii-only char functions
The "invalid_name" function claims to "allow strict ASCII letters and
numbers".
However, it uses isalnum(3) and isdigit(3), which may take the current
locale into account and thus return 1 for non-ASCII characters.
So add the following functions:
* ascii_isalnum
* ascii_isalpha
* ascii_isdigit
* ascii_islower
* ascii_isupper
* ascii_isxdigit
And use the applicable ones in "invalid_name" so that it actually uses
strictly ASCII in its comparisons.
Added on commit b4ffaa207 ("merges; more on cleaning up esc chars",
2023-02-14).
Relates to #5578.
Kind of relates to #5708.
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/firejail.h | 6 | ||||
-rw-r--r-- | src/firejail/util.c | 31 |
2 files changed, 35 insertions, 2 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 76f1a12a0..2cde75463 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
@@ -580,6 +580,12 @@ int has_handler(pid_t pid, int signal); | |||
580 | void enter_network_namespace(pid_t pid); | 580 | void enter_network_namespace(pid_t pid); |
581 | int read_pid(const char *name, pid_t *pid); | 581 | int read_pid(const char *name, pid_t *pid); |
582 | pid_t require_pid(const char *name); | 582 | pid_t require_pid(const char *name); |
583 | int ascii_isalnum(unsigned char c); | ||
584 | int ascii_isalpha(unsigned char c); | ||
585 | int ascii_isdigit(unsigned char c); | ||
586 | int ascii_islower(unsigned char c); | ||
587 | int ascii_isupper(unsigned char c); | ||
588 | int ascii_isxdigit(unsigned char c); | ||
583 | int invalid_name(const char *name); | 589 | int invalid_name(const char *name); |
584 | void check_homedir(const char *dir); | 590 | void check_homedir(const char *dir); |
585 | 591 | ||
diff --git a/src/firejail/util.c b/src/firejail/util.c index cda99e432..b2a0c85f1 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c | |||
@@ -1448,15 +1448,42 @@ static int has_link(const char *dir) { | |||
1448 | return 0; | 1448 | return 0; |
1449 | } | 1449 | } |
1450 | 1450 | ||
1451 | int ascii_isalnum(unsigned char c) { | ||
1452 | return (ascii_isalpha(c) || ascii_isdigit(c)); | ||
1453 | } | ||
1454 | |||
1455 | int ascii_isalpha(unsigned char c) { | ||
1456 | return (ascii_islower(c) || ascii_isupper(c)); | ||
1457 | } | ||
1458 | |||
1459 | int ascii_isdigit(unsigned char c) { | ||
1460 | return (c >= '0' && c <= '9'); | ||
1461 | } | ||
1462 | |||
1463 | int ascii_islower(unsigned char c) { | ||
1464 | return (c >= 'a' && c <= 'z'); | ||
1465 | } | ||
1466 | |||
1467 | int ascii_isupper(unsigned char c) { | ||
1468 | return (c >= 'A' && c <= 'Z'); | ||
1469 | } | ||
1470 | |||
1471 | int ascii_isxdigit(unsigned char c) { | ||
1472 | int ret = (ascii_isdigit(c) || | ||
1473 | (c >= 'a' && c <= 'f') || | ||
1474 | (c >= 'A' && c <= 'F')); | ||
1475 | return ret; | ||
1476 | } | ||
1477 | |||
1451 | // allow strict ASCII letters and numbers; names with only numbers are rejected; spaces are rejected | 1478 | // allow strict ASCII letters and numbers; names with only numbers are rejected; spaces are rejected |
1452 | int invalid_name(const char *name) { | 1479 | int invalid_name(const char *name) { |
1453 | const char *c = name; | 1480 | const char *c = name; |
1454 | 1481 | ||
1455 | int only_numbers = 1; | 1482 | int only_numbers = 1; |
1456 | while (*c) { | 1483 | while (*c) { |
1457 | if (!isalnum(*c)) | 1484 | if (!ascii_isalnum(*c)) |
1458 | return 1; | 1485 | return 1; |
1459 | if (!isdigit(*c)) | 1486 | if (!ascii_isdigit(*c)) |
1460 | only_numbers = 0; | 1487 | only_numbers = 0; |
1461 | ++c; | 1488 | ++c; |
1462 | } | 1489 | } |