9 files changed, 15 insertions, 17 deletions

diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index 441042233..85a4fbddb 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -496,7 +496,7 @@ int arp_check(const char *dev, uint32_t destaddr);
 uint32_t arp_assign(const char *dev, Bridge *br);
 
 // macros.c
-char *expand_home(const char *path, const char *homedir);
+char *expand_macros(const char *path);
 char *resolve_macro(const char *name);
 void invalid_filename(const char *fname, int globbing);
 int is_macro(const char *name);
diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index 9f0dac4e0..f70c5ac8a 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -257,8 +257,6 @@ static void globbing(OPERATION op, const char *pattern, const char *noblacklist[
 
 // blacklist files or directories by mounting empty files on top of them
 void fs_blacklist(void) {
-        char *homedir = cfg.homedir;
-        assert(homedir);
         ProfileEntry *entry = cfg.profile;
         if (!entry)
                 return;
@@ -335,7 +333,7 @@ void fs_blacklist(void) {
                                 enames = calloc(2, sizeof(char *));
                                 if (!enames)
                                         errExit("calloc");
-                                enames[0] = expand_home(entry->data + 12, homedir);
+                                enames[0] = expand_macros(entry->data + 12);
                                 assert(enames[1] == 0);
                         }
 
@@ -401,7 +399,7 @@ void fs_blacklist(void) {
                 }
 
                 // replace home macro in blacklist array
-                char *new_name = expand_home(ptr, homedir);
+                char *new_name = expand_macros(ptr);
                 ptr = new_name;
 
                 // expand path macro - look for the file in /usr/local/bin,  /usr/local/sbin, /bin, /usr/bin, /sbin and  /usr/sbin directories
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c
index 42c67452c..47261d7c1 100644
--- a/src/firejail/fs_home.c
+++ b/src/firejail/fs_home.c
@@ -355,7 +355,7 @@ void fs_check_private_dir(void) {
         invalid_filename(cfg.home_private, 0); // no globbing
 
         // Expand the home directory
-        char *tmp = expand_home(cfg.home_private, cfg.homedir);
+        char *tmp = expand_macros(cfg.home_private);
         cfg.home_private = realpath(tmp, NULL);
         free(tmp);
 
@@ -378,7 +378,7 @@ static char *check_dir_or_file(const char *name) {
                 printf("Private home: checking %s\n", name);
 
         // expand home directory
-        char *fname = expand_home(name, cfg.homedir);
+        char *fname = expand_macros(name);
         assert(fname);
 
         // If it doesn't start with '/', it must be relative to homedir
diff --git a/src/firejail/fs_hostname.c b/src/firejail/fs_hostname.c
index 1884f6597..1fbb073f4 100644
--- a/src/firejail/fs_hostname.c
+++ b/src/firejail/fs_hostname.c
@@ -189,7 +189,7 @@ void fs_resolvconf(void) {
 char *fs_check_hosts_file(const char *fname) {
         assert(fname);
         invalid_filename(fname, 0); // no globbing
-        char *rv = expand_home(fname, cfg.homedir);
+        char *rv = expand_macros(fname);
 
         // no a link
         if (is_link(rv))
diff --git a/src/firejail/fs_mkdir.c b/src/firejail/fs_mkdir.c
index b66068a95..913f7502d 100644
--- a/src/firejail/fs_mkdir.c
+++ b/src/firejail/fs_mkdir.c
@@ -60,7 +60,7 @@ void fs_mkdir(const char *name) {
 
         // check directory name
         invalid_filename(name, 0); // no globbing
-        char *expanded = expand_home(name, cfg.homedir);
+        char *expanded = expand_macros(name);
         if (strncmp(expanded, cfg.homedir, strlen(cfg.homedir)) != 0 &&
             strncmp(expanded, "/tmp", 4) != 0) {
                 fprintf(stderr, "Error: only directories in user home or /tmp are supported by mkdir\n");
@@ -100,7 +100,7 @@ void fs_mkfile(const char *name) {
 
         // check file name
         invalid_filename(name, 0); // no globbing
-        char *expanded = expand_home(name, cfg.homedir);
+        char *expanded = expand_macros(name);
         if (strncmp(expanded, cfg.homedir, strlen(cfg.homedir)) != 0 &&
             strncmp(expanded, "/tmp", 4) != 0) {
                 fprintf(stderr, "Error: only files in user home or /tmp are supported by mkfile\n");
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c
index 454715a71..8ef948239 100644
--- a/src/firejail/fs_whitelist.c
+++ b/src/firejail/fs_whitelist.c
@@ -368,7 +368,7 @@ void fs_whitelist(void) {
                 char *dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10;
 
                 // replace ~/ or ${HOME} into /home/username or resolve macro
-                new_name = expand_home(dataptr, cfg.homedir);
+                new_name = expand_macros(dataptr);
                 assert(new_name);
 
                 // mount empty home directory if resolving the macro was not successful
diff --git a/src/firejail/macros.c b/src/firejail/macros.c
index 4bf3d3589..59b5db3d8 100644
--- a/src/firejail/macros.c
+++ b/src/firejail/macros.c
@@ -192,9 +192,8 @@ char *resolve_macro(const char *name) {
 // directory (supplied).
 // The return value is allocated using malloc and must be freed by the caller.
 // The function returns NULL if there are any errors.
-char *expand_home(const char *path, const char *homedir) {
+char *expand_macros(const char *path) {
         assert(path);
-        assert(homedir);
 
         int called_as_root = 0;
 
@@ -210,14 +209,14 @@ char *expand_home(const char *path, const char *homedir) {
         // Replace home macro
         char *new_name = NULL;
         if (strncmp(path, "${HOME}", 7) == 0) {
-                if (asprintf(&new_name, "%s%s", homedir, path + 7) == -1)
+                if (asprintf(&new_name, "%s%s", cfg.homedir, path + 7) == -1)
                         errExit("asprintf");
                 if(called_as_root)
                         EUID_ROOT();
                 return new_name;
         }
         else if (*path == '~') {
-                if (asprintf(&new_name, "%s%s", homedir, path + 1) == -1)
+                if (asprintf(&new_name, "%s%s", cfg.homedir, path + 1) == -1)
                         errExit("asprintf");
                 if(called_as_root)
                         EUID_ROOT();
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 315a7260a..e0a149085 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -868,6 +868,7 @@ int main(int argc, char **argv) {
 
         // check if the user is allowed to use firejail
         init_cfg(argc, argv);
+        assert(cfg.homedir);
 
         // get starting timestamp, process --quiet
         start_timestamp = getticks();
@@ -1480,7 +1481,7 @@ int main(int argc, char **argv) {
                                 exit(1);
                         }
 
-                        char *ppath = expand_home(argv[i] + 10, cfg.homedir);
+                        char *ppath = expand_macros(argv[i] + 10);
                         if (!ppath)
                                 errExit("strdup");
 
diff --git a/src/firejail/profile.c b/src/firejail/profile.c
index db58d2e0b..f70c0c9d1 100644
--- a/src/firejail/profile.c
+++ b/src/firejail/profile.c
@@ -1327,7 +1327,7 @@ void profile_read(const char *fname) {
                         char *newprofile = ptr + 8; // profile name
 
                         // expand ${HOME}/ in front of the new profile file
-                        char *newprofile2 = expand_home(newprofile, cfg.homedir);
+                        char *newprofile2 = expand_macros(newprofile);
 
                         // recursivity
                         profile_read((newprofile2)? newprofile2:newprofile);