From bbff0c9853e3db735bb55ac9c1036db55c1f525d Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 4 Jan 2022 19:00:34 +0100 Subject: [PATCH] core: ensure static-hostname is valid UTF-8 We get the hostname via D-Bus (from hostnamed) or read it from file. In the latter case, it is not ensured that it's valid UTF-8. Non-UTF-8 "strings" are bad, because we might try to expose them on D-Bus, log them or other bad things. Sanitize the string by using backslash escaping. Maybe we should outright reject such binary nonsense, but it's not done here, for no strong reasons. --- src/core/nm-hostname-manager.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/src/core/nm-hostname-manager.c b/src/core/nm-hostname-manager.c index dfca58eefe..64c2531e61 100644 --- a/src/core/nm-hostname-manager.c +++ b/src/core/nm-hostname-manager.c @@ -188,11 +188,24 @@ nm_hostname_manager_get_static_hostname(NMHostnameManager *self) static void _set_hostname(NMHostnameManager *self, const char *hostname) { - NMHostnameManagerPrivate *priv = NM_HOSTNAME_MANAGER_GET_PRIVATE(self); + NMHostnameManagerPrivate *priv = NM_HOSTNAME_MANAGER_GET_PRIVATE(self); + gs_free char *hostname_free = NULL; char *old_hostname; hostname = nm_str_not_empty(hostname); + if (hostname) { + /* as we also read the file from disk, it might not be in UTF-8 encoding. + * + * A hostname in non-UTF-8 encoding would be odd and cause issues when we + * try to expose them on D-Bus via the NM_SETTINGS_STATIC_HOSTNAME property. + * + * Sanitize somewhat. It's wrong anyway. */ + hostname = nm_utils_str_utf8safe_escape(hostname, + NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_CTRL, + &hostname_free); + } + if (nm_streq0(hostname, priv->static_hostname)) return;