udev: refuse unsafe device symbolic link

author Yu Watanabe <watanabe.yu+github@gmail.com>

Wed, 2 Jun 2021 14:23:21 +0000 (23:23 +0900)

committer Yu Watanabe <watanabe.yu+github@gmail.com>

Fri, 4 Jun 2021 06:51:39 +0000 (15:51 +0900)
author Yu Watanabe <watanabe.yu+github@gmail.com>
Wed, 2 Jun 2021 14:23:21 +0000 (23:23 +0900)
committer Yu Watanabe <watanabe.yu+github@gmail.com>
Fri, 4 Jun 2021 06:51:39 +0000 (15:51 +0900)
diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c

index b3bbbaa4d81bbca12db1f95425573d83daac9b2f..033ecc91f221d378119803e916be950cd0a71f49 100644 (file)
--- a/src/udev/udev-node.c
+++ b/src/udev/udev-node.c
@@ -239,17 +239,25 @@ toolong:
  }
  
  /* manage "stack of names" with possibly specified device priorities */
-static int link_update(sd_device *dev, const char *slink, bool add) {
-        _cleanup_free_ char *filename = NULL, *dirname = NULL;
+static int link_update(sd_device *dev, const char *slink_in, bool add) {
+        _cleanup_free_ char *slink = NULL, *filename = NULL, *dirname = NULL;
          const char *slink_name, *id;
          char name_enc[NAME_MAX+1];
          int i, r, retries;
  
          assert(dev);
-        assert(slink);
+        assert(slink_in);
+
+        slink = strdup(slink_in);
+        if (!slink)
+                return log_oom_debug();
+
+        path_simplify(slink);
  
          slink_name = path_startswith(slink, "/dev");
-        if (!slink_name)
+        if (!slink_name ||
+            empty_or_root(slink_name) ||
+            !path_is_normalized(slink_name))
                  return log_device_debug_errno(dev, SYNTHETIC_ERRNO(EINVAL),
                                                "Invalid symbolic link of device node: %s", slink);
author	Yu Watanabe <watanabe.yu+github@gmail.com>
	Wed, 2 Jun 2021 14:23:21 +0000 (23:23 +0900)
committer	Yu Watanabe <watanabe.yu+github@gmail.com>
	Fri, 4 Jun 2021 06:51:39 +0000 (15:51 +0900)