diff options
author | smitsohu <smitsohu@gmail.com> | 2022-03-10 14:44:45 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2022-03-10 15:30:56 +0100 |
commit | 4a94b6d6e23cd85be16911d6368f2547d401553b (patch) | |
tree | 15366add31388d7c812a915acb29368b330101f1 /src | |
parent | refactor meta character filtering (diff) | |
download | firejail-4a94b6d6e23cd85be16911d6368f2547d401553b.tar.gz firejail-4a94b6d6e23cd85be16911d6368f2547d401553b.tar.zst firejail-4a94b6d6e23cd85be16911d6368f2547d401553b.zip |
ls: add control character filtering (similar to cat option)
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/ls.c | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/src/firejail/ls.c b/src/firejail/ls.c index 7207d1087..4156a7b25 100644 --- a/src/firejail/ls.c +++ b/src/firejail/ls.c | |||
@@ -46,7 +46,8 @@ static void print_file_or_dir(const char *path, const char *fname) { | |||
46 | struct stat s; | 46 | struct stat s; |
47 | if (stat(name, &s) == -1) { | 47 | if (stat(name, &s) == -1) { |
48 | if (lstat(name, &s) == -1) { | 48 | if (lstat(name, &s) == -1) { |
49 | printf("Error: cannot access %s\n", name); | 49 | printf("Error: cannot access %s\n", do_replace_cntrl_chars(name, '?')); |
50 | free(name); | ||
50 | return; | 51 | return; |
51 | } | 52 | } |
52 | } | 53 | } |
@@ -151,12 +152,17 @@ static void print_file_or_dir(const char *path, const char *fname) { | |||
151 | if (allocated) | 152 | if (allocated) |
152 | free(groupname); | 153 | free(groupname); |
153 | 154 | ||
155 | // file size | ||
154 | char *sz; | 156 | char *sz; |
155 | if (asprintf(&sz, "%d", (int) s.st_size) == -1) | 157 | if (asprintf(&sz, "%d", (int) s.st_size) == -1) |
156 | errExit("asprintf"); | 158 | errExit("asprintf"); |
157 | printf("%11.10s %s\n", sz, fname); | ||
158 | free(sz); | ||
159 | 159 | ||
160 | // file name | ||
161 | char *fname_print = replace_cntrl_chars(fname, '?'); | ||
162 | |||
163 | printf("%11.10s %s\n", sz, fname_print); | ||
164 | free(sz); | ||
165 | free(fname_print); | ||
160 | } | 166 | } |
161 | 167 | ||
162 | static void print_directory(const char *path) { | 168 | static void print_directory(const char *path) { |
@@ -192,13 +198,15 @@ void ls(const char *path) { | |||
192 | fprintf(stderr, "Error: cannot access %s\n", path); | 198 | fprintf(stderr, "Error: cannot access %s\n", path); |
193 | exit(1); | 199 | exit(1); |
194 | } | 200 | } |
201 | |||
202 | // debug doesn't filter control characters currently | ||
195 | if (arg_debug) | 203 | if (arg_debug) |
196 | printf("ls %s\n", rp); | 204 | printf("ls %s\n", rp); |
197 | 205 | ||
198 | // list directory contents | 206 | // list directory contents |
199 | struct stat s; | 207 | struct stat s; |
200 | if (stat(rp, &s) == -1) { | 208 | if (stat(rp, &s) == -1) { |
201 | fprintf(stderr, "Error: cannot access %s\n", rp); | 209 | fprintf(stderr, "Error: cannot access %s\n", do_replace_cntrl_chars(rp, '?')); |
202 | exit(1); | 210 | exit(1); |
203 | } | 211 | } |
204 | if (S_ISDIR(s.st_mode)) | 212 | if (S_ISDIR(s.st_mode)) |
@@ -237,13 +245,13 @@ void cat(const char *path) { | |||
237 | fprintf(stderr, "Error: %s is not a regular file\n", path); | 245 | fprintf(stderr, "Error: %s is not a regular file\n", path); |
238 | exit(1); | 246 | exit(1); |
239 | } | 247 | } |
240 | bool tty = isatty(STDOUT_FILENO); | 248 | int tty = isatty(STDOUT_FILENO); |
241 | 249 | ||
242 | int c; | 250 | int c; |
243 | while ((c = fgetc(fp)) != EOF) { | 251 | while ((c = fgetc(fp)) != EOF) { |
244 | // file is untrusted | 252 | // file is untrusted |
245 | // replace control characters when printing to a terminal | 253 | // replace control characters when printing to a terminal |
246 | if (tty && c != '\t' && c != '\n' && iscntrl((unsigned char) c)) | 254 | if (tty && iscntrl((unsigned char) c) && c != '\t' && c != '\n') |
247 | c = '?'; | 255 | c = '?'; |
248 | fputc(c, stdout); | 256 | fputc(c, stdout); |
249 | } | 257 | } |
@@ -325,7 +333,6 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) { | |||
325 | // redirection | 333 | // redirection |
326 | if (dup2(fd, STDOUT_FILENO) == -1) | 334 | if (dup2(fd, STDOUT_FILENO) == -1) |
327 | errExit("dup2"); | 335 | errExit("dup2"); |
328 | assert(fd != STDOUT_FILENO); | ||
329 | close(fd); | 336 | close(fd); |
330 | op = SANDBOX_FS_CAT; | 337 | op = SANDBOX_FS_CAT; |
331 | } | 338 | } |