From: Frantisek Sumsal Date: Wed, 6 May 2026 12:03:29 +0000 (+0200) Subject: dbus: limit the number of env variables to something reasonable, vol. 3 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a7e276a82f7e2bf080685afca83d30215b1307a5;p=thirdparty%2Fsystemd.git dbus: limit the number of env variables to something reasonable, vol. 3 Let's limit the number of environment variables when creating a transient unit via StartTransientUnit as well, since validating the environment variable names/assignments is expensive. Follow-up for 49c1e1bcf2b482b6de35a4212a06ed1d8c382745. --- diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c index aea9fbb304e..2329762f16b 100644 --- a/src/core/dbus-execute.c +++ b/src/core/dbus-execute.c @@ -3456,6 +3456,9 @@ int bus_exec_context_set_transient_property( if (r < 0) return r; + if (strv_length(l) > ENVIRONMENT_ASSIGNMENTS_MAX) + return sd_bus_error_set(reterr_error, SD_BUS_ERROR_LIMITS_EXCEEDED, + "Too many environment assignments."); if (!strv_env_is_valid(l)) return sd_bus_error_set(reterr_error, SD_BUS_ERROR_INVALID_ARGS, "Invalid environment block."); @@ -3490,6 +3493,9 @@ int bus_exec_context_set_transient_property( if (r < 0) return r; + if (strv_length(l) > ENVIRONMENT_ASSIGNMENTS_MAX) + return sd_bus_error_set(reterr_error, SD_BUS_ERROR_LIMITS_EXCEEDED, + "Too many environment variable names or assignments."); if (!strv_env_name_or_assignment_is_valid(l)) return sd_bus_error_set(reterr_error, SD_BUS_ERROR_INVALID_ARGS, "Invalid UnsetEnvironment= list."); @@ -3642,6 +3648,9 @@ int bus_exec_context_set_transient_property( if (r < 0) return r; + if (strv_length(l) > ENVIRONMENT_ASSIGNMENTS_MAX) + return sd_bus_error_set(reterr_error, SD_BUS_ERROR_LIMITS_EXCEEDED, + "Too many environment variable names."); if (!strv_env_name_is_valid(l)) return sd_bus_error_set(reterr_error, SD_BUS_ERROR_INVALID_ARGS, "Invalid PassEnvironment= block.");