From db16ce56f8b1c559dfac360600ef69d046682ed1 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Fri, 17 Jan 2020 19:10:40 +0100
Subject: reject control characters in file names

---
 src/firejail/macros.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/firejail/macros.c b/src/firejail/macros.c
index 874180ad1..ccd201956 100644
--- a/src/firejail/macros.c
+++ b/src/firejail/macros.c
@@ -275,12 +275,19 @@ void invalid_filename(const char *fname, int globbing) {
 			return;
 	}
 
+	size_t i;
+	for (i = 0; ptr[i]; i++) {
+		if (iscntrl((unsigned char) ptr[i])) {
+			fprintf(stderr, "Error: invalid filename: contains a control character\n");
+			exit(1);
+		}
+	}
+	
 	char *reject;
 	if (globbing)
 		reject = "\\&!\"'<>%^(){};,"; // file globbing ('*?[]') is allowed
 	else
 		reject = "\\&!?\"'<>%^(){};,*[]";
-
 	char *c = strpbrk(ptr, reject);
 	if (c) {
 		fprintf(stderr, "Error: \"%s\" is an invalid filename: rejected character: \"%c\"\n", ptr, *c);
-- 
cgit v1.2.3-54-g00ecf