From f9755203b972966d545bba7f3d257cf4c6a4f8a0 Mon Sep 17 00:00:00 2001
From: Lennart Poettering
Date: Wed, 15 Sep 2021 09:20:49 +0200
Subject: [PATCH] sysctl-util: modernize sysctl_read() a bit

Let's add similar path validation to sysctl_read() as we already have in sysctl_write(). Let's also drop the trailing newline from the returned string, like sysctl_read_ip_property() already does it. (I checked all users of this, they don't care)
---
 src/basic/sysctl-util.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/src/basic/sysctl-util.c b/src/basic/sysctl-util.c
index a19f3e26491..9c81001e69b 100644
--- a/src/basic/sysctl-util.c
+++ b/src/basic/sysctl-util.c
@@ -98,12 +98,23 @@ int sysctl_write_ip_property(int af, const char *ifname, const char *property, c
 int sysctl_read(const char *property, char **ret) {
 char *p;
+ int r;
 assert(property);
- assert(ret);
 p = strjoina("/proc/sys/", property);
- return read_full_virtual_file(p, ret, NULL);
+
+ path_simplify(p);
+ if (!path_is_normalized(p)) /* Filter out attempts to write to /proc/sys/../../…, just in case */
+ return -EINVAL;
+
+ r = read_full_virtual_file(p, ret, NULL);
+ if (r < 0)
+ return r;
+ if (ret)
+ delete_trailing_chars(*ret, NEWLINE);
+
+ return r;
 }
 int sysctl_read_ip_property(int af, const char *ifname, const char *property, char **ret) {
--
2.47.3
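Review bot: The comment on the new `path_is_normalized()` guard says "attempts to write to", but this is the read path; it looks copied from sysctl_write() and should read `/* Filter out attempts to read from /proc/sys/../../…, just in case */`, so the guard's purpose (keeping a caller-supplied property from reading files outside /proc/sys) is stated accurately. The check appears to be purely lexical: it rejects `..` components left after `path_simplify()` but does not resolve symlinks, which is probably fine under /proc/sys and is worth saying next to the guard. Because `ret` may now be NULL and the trailing newline is stripped on success, a short comment above sysctl_read() documenting both would help callers that compare the returned string. Separately, `strjoina()` on the unchanged context line presumably builds the path on the stack, so the length of `property` still has to be bounded by the caller; this commit does not change that.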