git.ipfire.org Git - thirdparty/util-linux.git/commit

author	Karel Zak <kzak@redhat.com>
	Thu, 27 Nov 2014 12:39:35 +0000 (13:39 +0100)
committer	Karel Zak <kzak@redhat.com>
	Thu, 27 Nov 2014 12:39:35 +0000 (13:39 +0100)
commit	89e90ae7b2826110ea28c1c0eb8e7c56c3907bdc
tree	1cd3e59664c5d32df7b51cff76b2bb7ce270334d	tree \| snapshot
parent	cca51b9e45460e05bf5da81be80a26a70a120704	commit \| diff

libblkid: care about unsafe chars in cache

The high-level libblkid API uses /run/blkid/blkid.tab cache to
store probing results. The cache format is

   <device NAME="value" ...>devname</device>

and unfortunately the cache code does not escape quotation marks:

   # mkfs.ext4 -L 'AAA"BBB'

   # cat /run/blkid/blkid.tab
   ...
   <device ... LABEL="AAA"BBB" ...>/dev/sdb1</device>

such string is later incorrectly parsed and blkid(8) returns
nonsenses. And for use-cases like

   # eval $(blkid -o export /dev/sdb1)

it's also insecure.

Note that mount, udevd and blkid -p are based on low-level libblkid
API, it bypass the cache and directly read data from the devices.

The current udevd upstream does not depend on blkid(8) output at all,
it's directly linked with the library and all unsafe chars are encoded by
\x<hex> notation.

   # mkfs.ext4 -L 'X"`/tmp/foo` "' /dev/sdb1
   # udevadm info --export-db | grep LABEL
   ...
   E: ID_FS_LABEL=X__/tmp/foo___
   E: ID_FS_LABEL_ENC=X\x22\x60\x2ftmp\x2ffoo\x60\x20\x22

Signed-off-by: Karel Zak <kzak@redhat.com>

libblkid/src/read.c		diff \| blob \| blame \| history
libblkid/src/save.c		diff \| blob \| blame \| history
misc-utils/blkid.8		diff \| blob \| blame \| history
misc-utils/blkid.c		diff \| blob \| blame \| history