fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2025-12-27 16:20:09 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

keyfile: make reader more strict in handle_as_path()

Browse source 
When interpreting a blob as filename, ensure that it contains
no NUL character (except the last char).

(cherry picked from commit 7b6759b764)
This commit is contained in:
Thomas Haller 2015-02-25 21:52:00 +01:00
parent 21849d73ee
commit d655b80dbe
1 changed files with 9 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
src/settings/plugins/keyfile/reader.c
View file

@ -777,14 +777,17 @@ handle_as_path (GBytes *bytes,
if (data_len > 500 || data_len < 1)
return FALSE;
/* If there's a trailing NULL tell g_utf8_validate() to to until the NULL */
if (data[data_len - 1] == '\0')
validate_len = -1;
else
/* If there's a trailing zero tell g_utf8_validate() to validate until the zero */
if (data[data_len - 1] == '\0') {
/* setting it to -1, would mean we accept data to contain NUL characters before the
* end. Don't accept any NUL in [0 .. data_len-1[ . */
validate_len = data_len - 1;
} else
validate_len = data_len;
if (g_utf8_validate ((const char *) data, validate_len, NULL) == FALSE)
return FALSE;
if ( validate_len == 0
|| g_utf8_validate ((const char *) data, validate_len, NULL) == FALSE)
return FALSE;
/* Might be a bare path without the file:// prefix; in that case
* if it's an absolute path, use that, otherwise treat it as a