When enumerating machines from /run, and when accepting machine names
for operations, be more strict and always validate.
Note that these checks are strictly speaking unnecessary, since
enumeration happens only on the trusted /run...
assert(machine);
assert(pid);
+ if (!machine_name_is_valid(machine))
+ return -EINVAL;
+
p = strjoina("/run/systemd/machines/", machine);
r = parse_env_file(p, NEWLINE, "LEADER", &s, "CLASS", &class, NULL);
if (r == -ENOENT)
/* Filter out the unit: symlinks */
for (a = l, b = l; *a; a++) {
- if (startswith(*a, "unit:"))
+ if (startswith(*a, "unit:") || !machine_name_is_valid(*a))
free(*a);
else {
*b = *a;
if (startswith(de->d_name, "unit:"))
continue;
+ if (!machine_name_is_valid(de->d_name))
+ continue;
+
k = manager_add_machine(m, de->d_name, &machine);
if (k < 0) {
log_error_errno(k, "Failed to add machine by file name %s: %m", de->d_name);
projects / thirdparty / systemd.git / commitdiff
