From: Lennart Poettering Date: Fri, 20 Jul 2018 09:55:18 +0000 (+0200) Subject: fileio: add additional safety checks X-Git-Tag: v240~902^2~2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=09942654d30c71718c5230d4423ad0b1ab6ebadb;p=thirdparty%2Fsystemd.git fileio: add additional safety checks Let's protect against attempts to create temporary files above the root dir, as that makes little sense. Let's better be safe than sorry. --- diff --git a/src/basic/fileio.c b/src/basic/fileio.c index 6b0bad5b714..9ff9118031d 100644 --- a/src/basic/fileio.c +++ b/src/basic/fileio.c @@ -1225,9 +1225,13 @@ int tempfn_xxxxxx(const char *p, const char *extra, char **ret) { const char *fn; char *t; - assert(p); assert(ret); + if (isempty(p)) + return -EINVAL; + if (path_equal(p, "/")) + return -EINVAL; + /* * Turns this: * /foo/bar/waldo @@ -1258,9 +1262,13 @@ int tempfn_random(const char *p, const char *extra, char **ret) { uint64_t u; unsigned i; - assert(p); assert(ret); + if (isempty(p)) + return -EINVAL; + if (path_equal(p, "/")) + return -EINVAL; + /* * Turns this: * /foo/bar/waldo @@ -1311,7 +1319,8 @@ int tempfn_random_child(const char *p, const char *extra, char **ret) { r = tmp_dir(&p); if (r < 0) return r; - } + } else if (isempty(p)) + return -EINVAL; extra = strempty(extra); @@ -1404,7 +1413,8 @@ int open_tmpfile_unlinkable(const char *directory, int flags) { r = tmp_dir(&directory); if (r < 0) return r; - } + } else if (isempty(directory)) + return -EINVAL; /* Returns an unlinked temporary file that cannot be linked into the file system anymore */