X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fshared%2Futil.c;h=1aaebf0612ea365514a7373ca6220d478d2f95c9;hb=2e3d069236777cd62f755a02f4a239306b4ad21a;hp=d5de59fce90955530cf0f2c121f46a41ca7caa41;hpb=55c0b89c575fcb2c075286d444ed4fb1cf8c8563;p=elogind.git diff --git a/src/shared/util.c b/src/shared/util.c index d5de59fce..1aaebf061 100644 --- a/src/shared/util.c +++ b/src/shared/util.c @@ -561,9 +561,9 @@ int fchmod_umask(int fd, mode_t m) { } int write_one_line_file_atomic(const char *fn, const char *line) { - FILE *f; + _cleanup_fclose_ FILE *f = NULL; + _cleanup_free_ char *p = NULL; int r; - char *p; assert(fn); assert(line); @@ -585,12 +585,9 @@ int write_one_line_file_atomic(const char *fn, const char *line) { fflush(f); - if (ferror(f)) { - if (errno != 0) - r = -errno; - else - r = -EIO; - } else { + if (ferror(f)) + r = errno ? -errno : -EIO; + else { if (rename(p, fn) < 0) r = -errno; else @@ -601,9 +598,6 @@ finish: if (r < 0) unlink(p); - fclose(f); - free(p); - return r; } @@ -641,6 +635,9 @@ int read_full_file(const char *fn, char **contents, size_t *size) { _cleanup_free_ char *buf = NULL; struct stat st; + assert(fn); + assert(contents); + f = fopen(fn, "re"); if (!f) return -errno; @@ -772,33 +769,55 @@ fail: return r; } -int load_env_file( - const char *fname, - char ***rl) { +int load_env_file(const char *fname, + char ***rl) { - FILE *f; - char **m = NULL; - int r; + FILE _cleanup_fclose_ *f; + char *b; + char _cleanup_free_ *c = NULL; + char _cleanup_strv_free_ **m = NULL; assert(fname); assert(rl); - if (!(f = fopen(fname, "re"))) + f = fopen(fname, "re"); + if (!f) return -errno; while (!feof(f)) { - char l[LINE_MAX], *p, *u; + char l[LINE_MAX], *p, *u, *cs; char **t; if (!fgets(l, sizeof(l), f)) { - if (feof(f)) + if (!feof(f)) + return -errno; + else if (!c) break; + } - r = -errno; - goto finish; + cs = endswith(l, "\\\n"); + if (cs) { + *cs = '\0'; + b = strappend(c, l); + if (!b) + return log_oom(); + + free(c); + c = b; + *l = '\0'; + continue; + } + + if (c) { + b = strappend(c, l); + if (!b) + return log_oom(); + + free(c); + c = b; } - p = strstrip(l); + p = strstrip(c ? c : l); if (!*p) continue; @@ -806,35 +825,27 @@ int load_env_file( if (strchr(COMMENTS, *p)) continue; - if (!(u = normalize_env_assignment(p))) { - r = log_oom(); - goto finish; - } + u = normalize_env_assignment(p); + if (!u) + return log_oom(); + + free(c); + c = NULL; t = strv_append(m, u); free(u); - if (!t) { - r = log_oom(); - goto finish; - } + if (!t) + return log_oom(); strv_free(m); m = t; } - r = 0; - *rl = m; m = NULL; -finish: - if (f) - fclose(f); - - strv_free(m); - - return r; + return 0; } int write_env_file(const char *fname, char **l) { @@ -5596,6 +5607,27 @@ bool string_is_safe(const char *p) { return true; } +bool path_is_safe(const char *p) { + + if (isempty(p)) + return false; + + if (streq(p, "..") || startswith(p, "../") || endswith(p, "/..") || strstr(p, "/../")) + return false; + + if (strlen(p) > PATH_MAX) + return false; + + /* The following two checks are not really dangerous, but hey, they still are confusing */ + if (streq(p, ".") || startswith(p, "./") || endswith(p, "/.") || strstr(p, "/./")) + return false; + + if (strstr(p, "//")) + return false; + + return true; +} + /* hey glibc, APIs with callbacks without a user pointer are so useless */ void *xbsearch_r(const void *key, const void *base, size_t nmemb, size_t size, int (*compar) (const void *, const void *, void *), void *arg) {