shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-01 09:21:26 +03:00
Code

core: rework how we validate DeviceAllow= settings

Browse Source 
Let's make sure we don't validate "char-*" and "block-*" expressions as
paths.
This commit is contained in:
Lennart Poettering 2018-06-11 12:22:58 +02:00
parent 9d5e9b4add
commit 57e84e7535
4 changed files with 40 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
src/basic/path-util.c
View File

@ -893,10 +893,31 @@ bool is_device_path(const char *path) {
path_startswith(path, "/sys/");
}
bool is_deviceallow_pattern(const char *path) {
return path_startswith(path, "/dev/") ||
startswith(path, "block-") ||
startswith(path, "char-");
bool valid_device_node_path(const char *path) {
/* Some superficial checks whether the specified path is a valid device node path, all without looking at the
* actual device node. */
if (!PATH_STARTSWITH_SET(path, "/dev/", "/run/systemd/inaccessible/"))
return false;
if (endswith(path, "/")) /* can't be a device node if it ends in a slash */
return false;
return path_is_normalized(path);
}
bool valid_device_allow_pattern(const char *path) {
assert(path);
/* Like valid_device_node_path(), but also allows full-subsystem expressions, like DeviceAllow= and DeviceDeny=
* accept it */
if (startswith(path, "block-") ||
startswith(path, "char-"))
return true;
return valid_device_node_path(path);
}
int systemd_installation_has_version(const char *root, unsigned minimal_version) {

4
src/basic/path-util.h
View File

@ -147,7 +147,9 @@ char *file_in_same_dir(const char *path, const char *filename);
bool hidden_or_backup_file(const char *filename) _pure_;
bool is_device_path(const char *path);
bool is_deviceallow_pattern(const char *path);
bool valid_device_node_path(const char *path);
bool valid_device_allow_pattern(const char *path);
int systemd_installation_has_version(const char *root, unsigned minimal_version);

9
src/core/dbus-cgroup.c
View File

@ -1059,15 +1059,12 @@ int bus_cgroup_set_property(
while ((r = sd_bus_message_read(message, "(ss)", &path, &rwm)) > 0) {
if ((!is_deviceallow_pattern(path) &&
!path_startswith(path, "/run/systemd/inaccessible/")) ||
strpbrk(path, WHITESPACE))
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "DeviceAllow= requires device node");
if (!valid_device_allow_pattern(path) || strpbrk(path, WHITESPACE))
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "DeviceAllow= requires device node or pattern");
if (isempty(rwm))
rwm = "rwm";
if (!in_charset(rwm, "rwm"))
else if (!in_charset(rwm, "rwm"))
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "DeviceAllow= requires combination of rwm flags");
if (!UNIT_WRITE_FLAGS_NOOP(flags)) {

16
src/core/load-fragment.c
View File

@ -3234,14 +3234,16 @@ int config_parse_device_allow(
return 0;
}
r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
if (r < 0)
return 0;
if (!startswith(resolved, "block-") && !startswith(resolved, "char-")) {
if (!is_deviceallow_pattern(resolved) &&
!path_startswith(resolved, "/run/systemd/inaccessible/")) {
log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
return 0;
r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
if (r < 0)
return 0;
if (!valid_device_node_path(resolved)) {
log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
return 0;
}
}
if (!isempty(p) && !in_charset(p, "rwm")) {