From: Lennart Poettering Date: Fri, 1 Mar 2024 13:46:00 +0000 (+0100) Subject: hostnamed: do some validation of the hw serial before we return it X-Git-Tag: v256-rc1~672^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=64724e0579366f89914b0b8f8791e127b7fbca93;p=thirdparty%2Fsystemd.git hostnamed: do some validation of the hw serial before we return it Let's make sure the serial contains not control chars, and is UTF-8 clean. In particular the latter matters as D-Bus shouldn't kick us from the bus. --- diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c index 25e7b193cd1..87662e20912 100644 --- a/src/hostname/hostnamed.c +++ b/src/hostname/hostnamed.c @@ -39,6 +39,7 @@ #include "string-table.h" #include "strv.h" #include "user-util.h" +#include "utf8.h" #include "varlink-io.systemd.Hostname.h" #include "virt.h" @@ -283,13 +284,32 @@ static int get_hardware_firmware_data(const char *sysattr, char **ret) { } static int get_hardware_serial(char **ret) { - int r; + _cleanup_free_ char *b = NULL; + int r = 0; + + FOREACH_STRING(attr, "product_serial", "board_serial") { + r = get_hardware_firmware_data(attr, &b); + if (r != 0 && !ERRNO_IS_NEG_DEVICE_ABSENT(r)) + break; + } + if (r < 0) + return r; + if (r == 0) + return -ENOENT; - r = get_hardware_firmware_data("product_serial", ret); - if (r <= 0) - return get_hardware_firmware_data("board_serial", ret); + /* Do some superficial validation: do not allow CCs and make sure D-Bus won't kick us off the bus + * because we send invalid UTF-8 data */ - return r; + if (string_has_cc(b, /* ok= */ NULL)) + return -ENOENT; + + if (!utf8_is_valid(b)) + return -ENOENT; + + if (ret) + *ret = TAKE_PTR(b); + + return 0; } static int get_firmware_version(char **ret) {