From 2dc3371a071aec665ac34e04bc53a0ef2ab59fb2 Mon Sep 17 00:00:00 2001 From: smitsohu Date: Wed, 15 Aug 2018 17:41:37 +0200 Subject: fix NP deref private-home and private-bin are included just for consistency --- src/firejail/fs_bin.c | 4 ++++ src/firejail/fs_etc.c | 6 ++++++ src/firejail/fs_home.c | 4 ++++ src/firejail/fs_lib.c | 6 ++++++ 4 files changed, 20 insertions(+) diff --git a/src/firejail/fs_bin.c b/src/firejail/fs_bin.c index 5625ed356..168ecacfb 100644 --- a/src/firejail/fs_bin.c +++ b/src/firejail/fs_bin.c @@ -285,6 +285,10 @@ void fs_private_bin_list(void) { errExit("strdup"); char *ptr = strtok(dlist, ","); + if (!ptr) { + fprintf(stderr, "Error: invalid private-bin argument\n"); + exit(1); + } globbing(ptr); while ((ptr = strtok(NULL, ",")) != NULL) globbing(ptr); diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c index 8847e44e7..bf60b56a7 100644 --- a/src/firejail/fs_etc.c +++ b/src/firejail/fs_etc.c @@ -99,6 +99,8 @@ errexit: } static void duplicate(const char *fname, const char *private_dir, const char *private_run_dir) { + assert(fname); + if (*fname == '~' || *fname == '/' || strstr(fname, "..")) { fprintf(stderr, "Error: \"%s\" is an invalid filename\n", fname); exit(1); @@ -162,6 +164,10 @@ void fs_private_dir_list(const char *private_dir, const char *private_run_dir, c char *ptr = strtok(dlist, ","); + if (!ptr) { + fprintf(stderr, "Error: invalid private %s argument\n", private_dir); + exit(1); + } duplicate(ptr, private_dir, private_run_dir); while ((ptr = strtok(NULL, ",")) != NULL) diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c index 09931bd56..3b5094ac9 100644 --- a/src/firejail/fs_home.c +++ b/src/firejail/fs_home.c @@ -494,6 +494,10 @@ void fs_private_home_list(void) { errExit("strdup"); char *ptr = strtok(dlist, ","); + if (!ptr) { + fprintf(stderr, "Error: invalid private-home argument\n"); + exit(1); + } duplicate(ptr); while ((ptr = strtok(NULL, ",")) != NULL) duplicate(ptr); diff --git a/src/firejail/fs_lib.c b/src/firejail/fs_lib.c index 77c9a0cf5..a607280a0 100644 --- a/src/firejail/fs_lib.c +++ b/src/firejail/fs_lib.c @@ -196,6 +196,8 @@ static void load_library(const char *fname) { } static void install_list_entry(const char *lib) { + assert(lib); + // filename check int len = strlen(lib); if (strcspn(lib, "\\&!?\"'<>%^(){}[];,") != (size_t)len || @@ -255,6 +257,10 @@ void fslib_install_list(const char *lib_list) { errExit("strdup"); char *ptr = strtok(dlist, ","); + if (!ptr) { + fprintf(stderr, "Error: invalid private-lib argument\n"); + exit(1); + } install_list_entry(ptr); while ((ptr = strtok(NULL, ",")) != NULL) -- cgit v1.2.3-70-g09d2