The fancy name could contain arbitrary bytes, in escaped fashion. Before
using it, let's validate that this contains only valid UTF-8.
(Note that D-Bus might kick us off the bus if we don't ensure everything
we send around is UTF-8.)
(While we are at it, do the same in PID 1, even though it's not that
important there.)
Addresses this issue found by @YHNdnzj:
https://github.com/systemd/systemd/pull/40367#discussion_r2714614301
Follow-up for: #40367
if (l < 0) {
log_debug_errno(l, "Failed to unescape FANCY_NAME=, ignoring: %m");
fancy_name = mfree(fancy_name);
+ } else if (!utf8_is_valid(fancy_name)) {
+ log_debug("Unescaped FANCY_NAME= contains invalid UTF-8, ignoring.");
+ fancy_name = mfree(fancy_name);
} else {
free_and_replace(fancy_name, unescaped);
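Review bot: the added condition `else if (!utf8_is_valid(fancy_name))` checks the wrong variable. Judging by the final branch, `free_and_replace(fancy_name, unescaped);`, the unescaped result lives in `unescaped`, and `fancy_name` still holds the escaped input at this point. An escaped string can be valid UTF-8 while the bytes it decodes to are not, so this check can pass and the `else` branch then installs a value that was never validated, which is the case the commit message is concerned about for D-Bus. The log text also says "Unescaped FANCY_NAME=", so the intent is clearly to test the decoded string. Suggest `utf8_is_valid(unescaped)` here, matching the second hunk.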
if (l < 0) {
log_warning_errno(l, "Failed to unescape fancy OS name, ignoring: %m");
os_fancy_name = mfree(os_fancy_name);
+ } else if (!utf8_is_valid(unescaped)) {
+ log_warning("Unescaped fancy OS name contains invalid UTF-8, ignoring.");
+ os_fancy_name = mfree(os_fancy_name);
} else
free_and_replace(os_fancy_name, unescaped);
}
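Review bot: in the new `else if (!utf8_is_valid(unescaped))` branch, `os_fancy_name` is freed but `unescaped` still owns the freshly allocated buffer, unlike the `l < 0` branch where nothing was produced. The declaration of `unescaped` is not in the visible lines, so please confirm it is declared `_cleanup_free_`; if it is not, this branch leaks it and needs an explicit free. As a smaller point, this site logs the rejection with `log_warning` while the equivalent branch in the first hunk uses `log_debug`; that follows the existing unescape-failure messages in each file, but a short comment on why the levels differ would help the next reader.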