diff options
Diffstat (limited to 'src/firejail/profile.c')
| -rw-r--r-- | src/firejail/profile.c | 23 |
1 files changed, 3 insertions, 20 deletions
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 2e3790b3c..e6c31bc0a 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
| @@ -61,23 +61,6 @@ int profile_find(const char *name, const char *dir) { | |||
| 61 | //*************************************************** | 61 | //*************************************************** |
| 62 | // run-time profiles | 62 | // run-time profiles |
| 63 | //*************************************************** | 63 | //*************************************************** |
| 64 | static void check_file_name(char *ptr, int lineno) { | ||
| 65 | if (strncmp(ptr, "${HOME}", 7) == 0) | ||
| 66 | ptr += 7; | ||
| 67 | else if (strncmp(ptr, "${PATH}", 7) == 0) | ||
| 68 | ptr += 7; | ||
| 69 | |||
| 70 | int len = strlen(ptr); | ||
| 71 | // file globbing ('*') is allowed | ||
| 72 | if (strcspn(ptr, "\\&!?\"'<>%^(){}[];,") != (size_t)len) { | ||
| 73 | if (lineno == 0) | ||
| 74 | fprintf(stderr, "Error: \"%s\" is an invalid filename\n", ptr); | ||
| 75 | else | ||
| 76 | fprintf(stderr, "Error: line %d in the custom profile is invalid\n", lineno); | ||
| 77 | exit(1); | ||
| 78 | } | ||
| 79 | } | ||
| 80 | |||
| 81 | 64 | ||
| 82 | // check profile line; if line == 0, this was generated from a command line option | 65 | // check profile line; if line == 0, this was generated from a command line option |
| 83 | // return 1 if the command is to be added to the linked list of profile commands | 66 | // return 1 if the command is to be added to the linked list of profile commands |
| @@ -281,8 +264,8 @@ int profile_check_line(char *ptr, int lineno) { | |||
| 281 | } | 264 | } |
| 282 | 265 | ||
| 283 | // check directories | 266 | // check directories |
| 284 | check_file_name(dname1, lineno); | 267 | invalid_filename(dname1); |
| 285 | check_file_name(dname2, lineno); | 268 | invalid_filename(dname2); |
| 286 | if (strstr(dname1, "..") || strstr(dname2, "..")) { | 269 | if (strstr(dname1, "..") || strstr(dname2, "..")) { |
| 287 | fprintf(stderr, "Error: invalid file name.\n"); | 270 | fprintf(stderr, "Error: invalid file name.\n"); |
| 288 | exit(1); | 271 | exit(1); |
| @@ -361,7 +344,7 @@ int profile_check_line(char *ptr, int lineno) { | |||
| 361 | } | 344 | } |
| 362 | 345 | ||
| 363 | // some characters just don't belong in filenames | 346 | // some characters just don't belong in filenames |
| 364 | check_file_name(ptr, lineno); | 347 | invalid_filename(ptr); |
| 365 | if (strstr(ptr, "..")) { | 348 | if (strstr(ptr, "..")) { |
| 366 | if (lineno == 0) | 349 | if (lineno == 0) |
| 367 | fprintf(stderr, "Error: \"%s\" is an invalid filename\n", ptr); | 350 | fprintf(stderr, "Error: \"%s\" is an invalid filename\n", ptr); |