From 09942654d30c71718c5230d4423ad0b1ab6ebadb Mon Sep 17 00:00:00 2001
From: Lennart Poettering
Date: Fri, 20 Jul 2018 11:55:18 +0200
Subject: [PATCH] fileio: add additional safety checks

Let's protect against attempts to create temporary files above the root dir, as that makes little sense. Let's better be safe than sorry.
---
 src/basic/fileio.c | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/src/basic/fileio.c b/src/basic/fileio.c
index 6b0bad5b714..9ff9118031d 100644
--- a/src/basic/fileio.c
+++ b/src/basic/fileio.c
@@ -1225,9 +1225,13 @@ int tempfn_xxxxxx(const char *p, const char *extra, char **ret) {
 const char *fn;
 char *t;
- assert(p);
 assert(ret);
+ if (isempty(p))
+ return -EINVAL;
+ if (path_equal(p, "/"))
+ return -EINVAL;
+
 /*
 * Turns this:
 * /foo/bar/waldo
@@ -1258,9 +1262,13 @@ int tempfn_random(const char *p, const char *extra, char **ret) {
 uint64_t u;
 unsigned i;
- assert(p);
 assert(ret);
+ if (isempty(p))
+ return -EINVAL;
+ if (path_equal(p, "/"))
+ return -EINVAL;
+
 /*
 * Turns this:
 * /foo/bar/waldo
@@ -1311,7 +1319,8 @@ int tempfn_random_child(const char *p, const char *extra, char **ret) {
 r = tmp_dir(&p);
 if (r < 0)
 return r;
- }
+ } else if (isempty(p))
+ return -EINVAL;
 extra = strempty(extra);
@@ -1404,7 +1413,8 @@ int open_tmpfile_unlinkable(const char *directory, int flags) {
 r = tmp_dir(&directory);
 if (r < 0)
 return r;
- }
+ } else if (isempty(directory))
+ return -EINVAL;
 /* Returns an unlinked temporary file that cannot be linked into the file system anymore */
--
2.47.3
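Review bot: The `path_equal(p, "/")` guard added in tempfn_xxxxxx() looks like a lexical comparison, so a path that only resolves to the root directory, such as `/.` or `/..`, would pass it; the identical guard in the tempfn_random() hunk has the same limit. The function body continues outside the hunk, and a file-name validation further down may already reject those last components, but that dependency is not visible here. I would record it next to the check, e.g. `/* Lexical check only; "." and ".." as last component must be rejected by the file name validation below */`. Because `assert(p)` is dropped in favour of `isempty(p)`, a NULL `p` presumably now returns `-EINVAL` at runtime instead of tripping the assertion, and the function's comment should list that return value for callers.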
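Review bot: The new `else if (isempty(p))` branch in tempfn_random_child() makes an empty string an error while the branch before it, whose condition lies outside the hunk, falls back to `tmp_dir()`, and nothing documents that the two "no directory" spellings are treated differently; open_tmpfile_unlinkable() gets the same construct for `directory`. A caller that forwards an unset configuration or environment value as `""` will now see `-EINVAL`, so the contract change is worth stating where it is enforced. I would add above the block `/* NULL selects the default temporary directory; an empty string is rejected as a caller error */`. The unbraced `return -EINVAL;` hanging off a braced branch is also easy to misread when the block is next extended, so `} else if (isempty(p)) {` with a closing brace would be the safer form in both places.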