shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-12-26 03:22:00 +03:00
Code

test-env-util: Verify that \r is disallowed in env var values

Browse Source 
This adds tests to make sure that basic/env-util considers environment
variables containing \r characters invalid, and that it removes such
variables during environment cleanup in strv_env_clean*().

test-env-util has not verified this behaviour before.

As \r characters can be used to hide information, disallowing them
helps with systemd's security barrier role, even when the \r
character comes as part of a DOS style (\r\n) line ending.

Prompted-by: https://github.com/systemd/systemd/issues/17378
This commit is contained in:
Hans Ulrich Niedermann 2020-10-21 22:40:18 +02:00 committed by Lennart Poettering
parent d975310342
commit e1e8c60af7
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/test/test-env-util.c
View File

@ -264,6 +264,7 @@ static void test_env_clean(void) {
"xyz=xyz\n", "xyz=xyz\n",
"another=one", "another=one",
"another=final one", "another=final one",
"CRLF=\r\n",
"BASH_FUNC_foo%%=() { echo foo\n}"); "BASH_FUNC_foo%%=() { echo foo\n}");
assert_se(e); assert_se(e);
assert_se(!strv_env_is_valid(e)); assert_se(!strv_env_is_valid(e));
@ -306,6 +307,8 @@ static void test_env_value_is_valid(void) {
assert_se(env_value_is_valid("printf \"\\x1b]0;<mock-chroot>\\x07<mock-chroot>\"")); assert_se(env_value_is_valid("printf \"\\x1b]0;<mock-chroot>\\x07<mock-chroot>\""));
assert_se(env_value_is_valid("tab\tcharacter")); assert_se(env_value_is_valid("tab\tcharacter"));
assert_se(env_value_is_valid("new\nline")); assert_se(env_value_is_valid("new\nline"));
assert_se(!env_value_is_valid("Show this?\rNope. Show that!"));
assert_se(!env_value_is_valid("new DOS\r\nline"));
} }
static void test_env_assignment_is_valid(void) { static void test_env_assignment_is_valid(void) {