diff options
-rw-r--r-- | src/firejail/fs_whitelist.c | 48 |
1 files changed, 36 insertions, 12 deletions
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c index df0c21e12..8d7d45c13 100644 --- a/src/firejail/fs_whitelist.c +++ b/src/firejail/fs_whitelist.c | |||
@@ -371,9 +371,13 @@ void fs_whitelist(void) { | |||
371 | // resolve ${DOWNLOADS} | 371 | // resolve ${DOWNLOADS} |
372 | if (strcmp(dataptr, "${DOWNLOADS}") == 0) { | 372 | if (strcmp(dataptr, "${DOWNLOADS}") == 0) { |
373 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_DOWNLOAD_DIR=\"$HOME/", 24, "Downloads"); | 373 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_DOWNLOAD_DIR=\"$HOME/", 24, "Downloads"); |
374 | char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | 374 | char *tmpw1 = NULL; |
375 | if (tmp1 != NULL) | ||
376 | tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | ||
375 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, dentry, "Downloads"); | 377 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, dentry, "Downloads"); |
376 | char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | 378 | char *tmpw2 = NULL; |
379 | if (tmp2 != NULL) | ||
380 | tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | ||
377 | if (tmp1 && tmpw1) { | 381 | if (tmp1 && tmpw1) { |
378 | entry->data = tmpw1; | 382 | entry->data = tmpw1; |
379 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; | 383 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; |
@@ -398,9 +402,13 @@ void fs_whitelist(void) { | |||
398 | // resolve ${MUSIC} | 402 | // resolve ${MUSIC} |
399 | if (strcmp(dataptr, "${MUSIC}") == 0) { | 403 | if (strcmp(dataptr, "${MUSIC}") == 0) { |
400 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_MUSIC_DIR=\"$HOME/", 21, "Music"); | 404 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_MUSIC_DIR=\"$HOME/", 21, "Music"); |
401 | char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | 405 | char *tmpw1 = NULL; |
406 | if (tmp1 != NULL) | ||
407 | tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | ||
402 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, mentry, "Music"); | 408 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, mentry, "Music"); |
403 | char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | 409 | char *tmpw2 = NULL; |
410 | if (tmp2 != NULL) | ||
411 | tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | ||
404 | if (tmp1 && tmpw1) { | 412 | if (tmp1 && tmpw1) { |
405 | entry->data = tmpw1; | 413 | entry->data = tmpw1; |
406 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; | 414 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; |
@@ -425,9 +433,13 @@ void fs_whitelist(void) { | |||
425 | // resolve ${VIDEOS} | 433 | // resolve ${VIDEOS} |
426 | if (strcmp(dataptr, "${VIDEOS}") == 0) { | 434 | if (strcmp(dataptr, "${VIDEOS}") == 0) { |
427 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_VIDEOS_DIR=\"$HOME/", 22, "Videos"); | 435 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_VIDEOS_DIR=\"$HOME/", 22, "Videos"); |
428 | char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | 436 | char *tmpw1 = NULL; |
437 | if (tmp1 != NULL) | ||
438 | tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | ||
429 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, ventry, "Videos"); | 439 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, ventry, "Videos"); |
430 | char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | 440 | char *tmpw2 = NULL; |
441 | if (tmp2 != NULL) | ||
442 | tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | ||
431 | if (tmp1 && tmpw1) { | 443 | if (tmp1 && tmpw1) { |
432 | entry->data = tmpw1; | 444 | entry->data = tmpw1; |
433 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; | 445 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; |
@@ -452,9 +464,13 @@ void fs_whitelist(void) { | |||
452 | // resolve ${PICTURES} | 464 | // resolve ${PICTURES} |
453 | if (strcmp(dataptr, "${PICTURES}") == 0) { | 465 | if (strcmp(dataptr, "${PICTURES}") == 0) { |
454 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_PICTURES_DIR=\"$HOME/", 24, "Pictures"); | 466 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_PICTURES_DIR=\"$HOME/", 24, "Pictures"); |
455 | char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | 467 | char *tmpw1 = NULL; |
468 | if (tmp1 != NULL) | ||
469 | tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | ||
456 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, pentry, "Pictures"); | 470 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, pentry, "Pictures"); |
457 | char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | 471 | char *tmpw2 = NULL; |
472 | if (tmp2 != NULL) | ||
473 | tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | ||
458 | if (tmp1 && tmpw1) { | 474 | if (tmp1 && tmpw1) { |
459 | entry->data = tmpw1; | 475 | entry->data = tmpw1; |
460 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; | 476 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; |
@@ -479,9 +495,13 @@ void fs_whitelist(void) { | |||
479 | // resolve ${DESKTOP} | 495 | // resolve ${DESKTOP} |
480 | if (strcmp(dataptr, "${DESKTOP}") == 0) { | 496 | if (strcmp(dataptr, "${DESKTOP}") == 0) { |
481 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_DESKTOP_DIR=\"$HOME/", 24, "Desktop"); | 497 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_DESKTOP_DIR=\"$HOME/", 24, "Desktop"); |
482 | char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | 498 | char *tmpw1 = NULL; |
499 | if (tmp1 != NULL) | ||
500 | tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | ||
483 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, deentry, "Desktop"); | 501 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, deentry, "Desktop"); |
484 | char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | 502 | char *tmpw2 = NULL; |
503 | if (tmp2 != NULL) | ||
504 | tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | ||
485 | if (tmp1 && tmpw1) { | 505 | if (tmp1 && tmpw1) { |
486 | entry->data = tmpw1; | 506 | entry->data = tmpw1; |
487 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; | 507 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; |
@@ -506,9 +526,13 @@ void fs_whitelist(void) { | |||
506 | // resolve ${DOCUMENTS} | 526 | // resolve ${DOCUMENTS} |
507 | if (strcmp(dataptr, "${DOCUMENTS}") == 0) { | 527 | if (strcmp(dataptr, "${DOCUMENTS}") == 0) { |
508 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_DOCUMENTS_DIR=\"$HOME/", 25, "Documents"); | 528 | char *tmp1 = resolve_xdg(arg_debug || arg_debug_whitelists, "XDG_DOCUMENTS_DIR=\"$HOME/", 25, "Documents"); |
509 | char *tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | 529 | char *tmpw1 = NULL; |
530 | if (tmp1 != NULL) | ||
531 | tmpw1 = parse_nowhitelist(nowhitelist_flag, tmp1); | ||
510 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, doentry, "Documents"); | 532 | char *tmp2 = resolve_hardcoded(arg_debug || arg_debug_whitelists, doentry, "Documents"); |
511 | char *tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | 533 | char *tmpw2 = NULL; |
534 | if (tmp2 != NULL) | ||
535 | tmpw2 = parse_nowhitelist(nowhitelist_flag, tmp2); | ||
512 | if (tmp1 && tmpw1) { | 536 | if (tmp1 && tmpw1) { |
513 | entry->data = tmpw1; | 537 | entry->data = tmpw1; |
514 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; | 538 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; |