mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-10-28 20:25:25 +03:00
journal: move valid_user_field() to journal-util.[ch] and rename it → journal_field_valid()
Being able to validate journal field names is useful outside of the journal itself.
This commit is contained in:
parent
eabd4eb934
commit
53978b98f9
@ -28,6 +28,7 @@
|
|||||||
#include "fs-util.h"
|
#include "fs-util.h"
|
||||||
#include "io-util.h"
|
#include "io-util.h"
|
||||||
#include "journal-importer.h"
|
#include "journal-importer.h"
|
||||||
|
#include "journal-util.h"
|
||||||
#include "journald-console.h"
|
#include "journald-console.h"
|
||||||
#include "journald-kmsg.h"
|
#include "journald-kmsg.h"
|
||||||
#include "journald-native.h"
|
#include "journald-native.h"
|
||||||
@ -43,41 +44,6 @@
|
|||||||
#include "string-util.h"
|
#include "string-util.h"
|
||||||
#include "unaligned.h"
|
#include "unaligned.h"
|
||||||
|
|
||||||
bool valid_user_field(const char *p, size_t l, bool allow_protected) {
|
|
||||||
const char *a;
|
|
||||||
|
|
||||||
/* We kinda enforce POSIX syntax recommendations for
|
|
||||||
environment variables here, but make a couple of additional
|
|
||||||
requirements.
|
|
||||||
|
|
||||||
http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
|
|
||||||
|
|
||||||
/* No empty field names */
|
|
||||||
if (l <= 0)
|
|
||||||
return false;
|
|
||||||
|
|
||||||
/* Don't allow names longer than 64 chars */
|
|
||||||
if (l > 64)
|
|
||||||
return false;
|
|
||||||
|
|
||||||
/* Variables starting with an underscore are protected */
|
|
||||||
if (!allow_protected && p[0] == '_')
|
|
||||||
return false;
|
|
||||||
|
|
||||||
/* Don't allow digits as first character */
|
|
||||||
if (p[0] >= '0' && p[0] <= '9')
|
|
||||||
return false;
|
|
||||||
|
|
||||||
/* Only allow A-Z0-9 and '_' */
|
|
||||||
for (a = p; a < p + l; a++)
|
|
||||||
if ((*a < 'A' || *a > 'Z') &&
|
|
||||||
(*a < '0' || *a > '9') &&
|
|
||||||
*a != '_')
|
|
||||||
return false;
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
static bool allow_object_pid(const struct ucred *ucred) {
|
static bool allow_object_pid(const struct ucred *ucred) {
|
||||||
return ucred && ucred->uid == 0;
|
return ucred && ucred->uid == 0;
|
||||||
}
|
}
|
||||||
@ -201,7 +167,7 @@ static int server_process_entry(
|
|||||||
|
|
||||||
q = memchr(p, '=', e - p);
|
q = memchr(p, '=', e - p);
|
||||||
if (q) {
|
if (q) {
|
||||||
if (valid_user_field(p, q - p, false)) {
|
if (journal_field_valid(p, q - p, false)) {
|
||||||
size_t l;
|
size_t l;
|
||||||
|
|
||||||
l = e - p;
|
l = e - p;
|
||||||
@ -257,7 +223,7 @@ static int server_process_entry(
|
|||||||
k[e - p] = '=';
|
k[e - p] = '=';
|
||||||
memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
|
memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
|
||||||
|
|
||||||
if (valid_user_field(p, e - p, false)) {
|
if (journal_field_valid(p, e - p, false)) {
|
||||||
iovec[n].iov_base = k;
|
iovec[n].iov_base = k;
|
||||||
iovec[n].iov_len = (e - p) + 1 + l;
|
iovec[n].iov_len = (e - p) + 1 + l;
|
||||||
entry_size += iovec[n].iov_len;
|
entry_size += iovec[n].iov_len;
|
||||||
|
@ -149,3 +149,41 @@ int journal_access_check_and_warn(sd_journal *j, bool quiet) {
|
|||||||
|
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool journal_field_valid(const char *p, size_t l, bool allow_protected) {
|
||||||
|
const char *a;
|
||||||
|
|
||||||
|
/* We kinda enforce POSIX syntax recommendations for
|
||||||
|
environment variables here, but make a couple of additional
|
||||||
|
requirements.
|
||||||
|
|
||||||
|
http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
|
||||||
|
|
||||||
|
if (l == (size_t) -1)
|
||||||
|
l = strlen(p);
|
||||||
|
|
||||||
|
/* No empty field names */
|
||||||
|
if (l <= 0)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
/* Don't allow names longer than 64 chars */
|
||||||
|
if (l > 64)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
/* Variables starting with an underscore are protected */
|
||||||
|
if (!allow_protected && p[0] == '_')
|
||||||
|
return false;
|
||||||
|
|
||||||
|
/* Don't allow digits as first character */
|
||||||
|
if (p[0] >= '0' && p[0] <= '9')
|
||||||
|
return false;
|
||||||
|
|
||||||
|
/* Only allow A-Z0-9 and '_' */
|
||||||
|
for (a = p; a < p + l; a++)
|
||||||
|
if ((*a < 'A' || *a > 'Z') &&
|
||||||
|
(*a < '0' || *a > '9') &&
|
||||||
|
*a != '_')
|
||||||
|
return false;
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
@ -19,7 +19,10 @@
|
|||||||
***/
|
***/
|
||||||
|
|
||||||
#include <stdbool.h>
|
#include <stdbool.h>
|
||||||
|
#include <sys/types.h>
|
||||||
|
|
||||||
#include "sd-journal.h"
|
#include "sd-journal.h"
|
||||||
|
|
||||||
|
bool journal_field_valid(const char *p, size_t l, bool allow_protected);
|
||||||
|
|
||||||
int journal_access_check_and_warn(sd_journal *j, bool quiet);
|
int journal_access_check_and_warn(sd_journal *j, bool quiet);
|
||||||
|
Loading…
Reference in New Issue
Block a user