From: Lennart Poettering Date: Fri, 26 Oct 2018 14:51:34 +0000 (+0200) Subject: importd: immediately validate whether fd is of right type when receiving it X-Git-Tag: v240~175^2~5 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=176a05c24be1168cd0a0e39f5e7084112861d3ed;p=thirdparty%2Fsystemd.git importd: immediately validate whether fd is of right type when receiving it Just some paranoia. --- diff --git a/src/import/importd.c b/src/import/importd.c index 83f186f66e0..2426933558f 100644 --- a/src/import/importd.c +++ b/src/import/importd.c @@ -22,6 +22,7 @@ #include "process-util.h" #include "signal-util.h" #include "socket-util.h" +#include "stat-util.h" #include "string-table.h" #include "strv.h" #include "syslog-util.h" @@ -716,6 +717,10 @@ static int method_import_tar_or_raw(sd_bus_message *msg, void *userdata, sd_bus_ if (r < 0) return r; + r = fd_verify_regular(fd); + if (r < 0) + return r; + if (!machine_name_is_valid(local)) return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Local name %s is invalid", local); @@ -780,6 +785,10 @@ static int method_import_fs(sd_bus_message *msg, void *userdata, sd_bus_error *e if (r < 0) return r; + r = fd_verify_directory(fd); + if (r < 0) + return r; + if (!machine_name_is_valid(local)) return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Local name %s is invalid", local); @@ -846,6 +855,10 @@ static int method_export_tar_or_raw(sd_bus_message *msg, void *userdata, sd_bus_ if (!machine_name_is_valid(local)) return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Local name %s is invalid", local); + r = fd_verify_regular(fd); + if (r < 0) + return r; + type = streq_ptr(sd_bus_message_get_member(msg), "ExportTar") ? TRANSFER_EXPORT_TAR : TRANSFER_EXPORT_RAW; r = transfer_new(m, &t);