logind: also escape external data when saving to /run

author Lennart Poettering <lennart@poettering.net>

Thu, 22 May 2014 01:35:28 +0000 (10:35 +0900)

committer Lennart Poettering <lennart@poettering.net>

Thu, 22 May 2014 01:36:16 +0000 (10:36 +0900)
author Lennart Poettering <lennart@poettering.net>
Thu, 22 May 2014 01:35:28 +0000 (10:35 +0900)
committer Lennart Poettering <lennart@poettering.net>
Thu, 22 May 2014 01:36:16 +0000 (10:36 +0900)
diff --git a/src/login/logind-session.c b/src/login/logind-session.c

index 9a541013017f7cf75faa46edee7519932b89c219..fdeacb150acb42a84f203cb052fc412a613c6a50 100644 (file)
--- a/src/login/logind-session.c
+++ b/src/login/logind-session.c
@@ -213,7 +213,6 @@ int session_save(Session *s) {
  
          if (s->scope)
                  fprintf(f, "SCOPE=%s\n", s->scope);
-
          if (s->scope_job)
                  fprintf(f, "SCOPE_JOB=%s\n", s->scope_job);
  
@@ -229,17 +228,54 @@ int session_save(Session *s) {
          if (s->display)
                  fprintf(f, "DISPLAY=%s\n", s->display);
  
-        if (s->remote_host)
-                fprintf(f, "REMOTE_HOST=%s\n", s->remote_host);
+        if (s->remote_host) {
+                _cleanup_free_ char *escaped;
+
+                escaped = cescape(s->remote_host);
+                if (!escaped) {
+                        r = -ENOMEM;
+                        goto finish;
+                }
+
+                fprintf(f, "REMOTE_HOST=%s\n", escaped);
+        }
+
+        if (s->remote_user) {
+                _cleanup_free_ char *escaped;
+
+                escaped = cescape(s->remote_user);
+                if (!escaped) {
+                        r = -ENOMEM;
+                        goto finish;
+                }
+
+                fprintf(f, "REMOTE_USER=%s\n", escaped);
+        }
+
+        if (s->service) {
+                _cleanup_free_ char *escaped;
  
-        if (s->remote_user)
-                fprintf(f, "REMOTE_USER=%s\n", s->remote_user);
+                escaped = cescape(s->service);
+                if (!escaped) {
+                        r = -ENOMEM;
+                        goto finish;
+                }
+
+                fprintf(f, "SERVICE=%s\n", escaped);
+        }
  
-        if (s->service)
-                fprintf(f, "SERVICE=%s\n", s->service);
+        if (s->desktop) {
+                _cleanup_free_ char *escaped;
  
-        if (s->desktop)
-                fprintf(f, "DESKTOP=%s\n", s->desktop);
+
+                escaped = cescape(s->desktop);
+                if (!escaped) {
+                        r = -ENOMEM;
+                        goto finish;
+                }
+
+                fprintf(f, "DESKTOP=%s\n", escaped);
+        }
  
          if (s->seat && seat_has_vts(s->seat))
                  fprintf(f, "VTNR=%u\n", s->vtnr);
author	Lennart Poettering <lennart@poettering.net>
	Thu, 22 May 2014 01:35:28 +0000 (10:35 +0900)
committer	Lennart Poettering <lennart@poettering.net>
	Thu, 22 May 2014 01:36:16 +0000 (10:36 +0900)