dbus: add some more safety checks before accepting data from bus clients

[elogind.git] / src / hostname / hostnamed.c

diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c
index 8f9d5a04f5b73393930ac02c0eac34ccd2192bb7..cd3ef491ac3ec4fb9efae6d3ab78c7904de3abd0 100644 (file)
--- a/src/hostname/hostnamed.c
+++ b/src/hostname/hostnamed.c
@@ -451,6 +451,14 @@ static DBusHandlerResult hostname_message_handler(
                         } else {
                                 char *h;
 
+                                /* The icon name might ultimately be
+                                 * used as file name, so better be
+                                 * safe than sorry */
+                                if (k == PROP_ICON_NAME && !filename_is_safe(name))
+                                        return bus_send_error_reply(connection, message, NULL, -EINVAL);
+                                if (k == PROP_PRETTY_HOSTNAME && !string_is_safe(name))
+                                        return bus_send_error_reply(connection, message, NULL, -EINVAL);
+
                                 h = strdup(name);
                                 if (!h)
                                         goto oom;