cgroup-util: be more strict when processing slice unit names

diff --git a/src/shared/cgroup-util.c b/src/shared/cgroup-util.c
index 1306cc197a21b5bee4989462506997ee4f831ccc..b5e4094f4ebe578aecbbd886bc54be85bda9a773 100644 (file)
--- a/src/shared/cgroup-util.c
+++ b/src/shared/cgroup-util.c
@@ -1663,11 +1663,17 @@ int cg_slice_to_path(const char *unit, char **ret) {
                 return -ENOMEM;
 
         dash = strchr(p, '-');
+
+        /* Don't allow initial dashes */
+        if (dash == p)
+                return -EINVAL;
+
         while (dash) {
                 _cleanup_free_ char *escaped = NULL;
                 char n[dash - p + sizeof(".slice")];
 
-                if (isempty(dash + 1))
+                /* Don't allow trailing or double dashes */
+                if (dash[1] == 0 || dash[1] == '-')
                         return -EINVAL;
 
                 strcpy(stpncpy(n, p, dash - p), ".slice");

diff --git a/src/test/test-cgroup-util.c b/src/test/test-cgroup-util.c
index efe99cb34b55fc03fb5e5a4159c0171c9fb4f8f4..4a89f64518977e877459134d7a521a02b76f36bc 100644 (file)
--- a/src/test/test-cgroup-util.c
+++ b/src/test/test-cgroup-util.c
@@ -274,7 +274,7 @@ static void test_slice_to_path(void) {
         test_slice_to_path_one("-foo-.slice", NULL, -EINVAL);
         test_slice_to_path_one("-foo.slice", NULL, -EINVAL);
         test_slice_to_path_one("foo-.slice", NULL, -EINVAL);
-        test_slice_to_path_one("foo--bar.slice", "foo.slice/foo-.slice/foo--bar.slice", 0);
+        test_slice_to_path_one("foo--bar.slice", NULL, -EINVAL);
         test_slice_to_path_one("foo.slice/foo--bar.slice", NULL, -EINVAL);
         test_slice_to_path_one("a-b.slice", "a.slice/a-b.slice", 0);
         test_slice_to_path_one("a-b-c-d-e.slice", "a.slice/a-b.slice/a-b-c.slice/a-b-c-d.slice/a-b-c-d-e.slice", 0);