[Libguestfs] [PATCH 2/2] launch: Validate $TERM before passing it through to the kernel command line.
Pino Toscano
ptoscano at redhat.com
Thu Dec 22 16:50:32 UTC 2016
On Sunday, 18 December 2016 20:09:29 CET Richard W.M. Jones wrote:
> Make sure it is reasonable before we pass it through to the kernel
> command line. I don't believe this is exploitable, but it might cause
> obscure bugs.
> ---
> src/launch.c | 26 +++++++++++++++++++++++++-
> 1 file changed, 25 insertions(+), 1 deletion(-)
>
> diff --git a/src/launch.c b/src/launch.c
> index 84d5e82..ee2a23d 100644
> --- a/src/launch.c
> +++ b/src/launch.c
> @@ -39,6 +39,8 @@
> #include <assert.h>
> #include <libintl.h>
>
> +#include "c-ctype.h"
> +
> #include "guestfs.h"
> #include "guestfs-internal.h"
> #include "guestfs-internal-actions.h"
> @@ -284,6 +286,28 @@ guestfs_impl_config (guestfs_h *g,
> return 0;
> }
>
> +/**
> + * Check that the $TERM environment variable is reasonable before
> + * we pass it through to the appliance.
> + */
> +static int
> +valid_term (const char *term)
I guess the return value can be bool.
> +{
> + size_t len = strlen (term);
> +
> + if (len == 0 || len > 16)
> + return 0;
> +
> + while (len > 0) {
> + char c = *term++;
> + len--;
> + if (!c_isalnum (c) && c != '-' && c != '_')
> + return 0;
> + }
The loop is fine already, maybe the need to use len can be dropped:
for (; *term; ++term) {
char c = *term;
if (!c_isalnum (c) && c != '-' && c != '_')
return 0;
}
Thanks,
--
Pino Toscano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://listman.redhat.com/archives/libguestfs/attachments/20161222/11ded457/attachment.sig>
More information about the Libguestfs
mailing list