udisks2/udisks-2.10.0-module-names.patch
DistroBaker 2fccc86ccc Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/udisks2.git#8eb05435f07a89544f717607667b28049f1313f5
2021-03-31 16:30:40 +00:00

137 lines
5.1 KiB
Diff

commit e062c17e3829f3c04c25b5f6fc17ccc4491befa8
Author: Tomas Bzatek <tbzatek@redhat.com>
Date: Tue Mar 23 16:48:08 2021 +0100
modules: Limit module name to alphanumeric characters and -_ separators
A hardening feature as long as the module name is directly involved
in filename creation.
diff --git a/doc/udisks2-sections.txt.daemon.sections.in b/doc/udisks2-sections.txt.daemon.sections.in
index 16eaf74e..204ca897 100644
--- a/doc/udisks2-sections.txt.daemon.sections.in
+++ b/doc/udisks2-sections.txt.daemon.sections.in
@@ -312,6 +312,7 @@ udisks_daemon_util_get_free_mdraid_device
udisks_ata_identify_get_word
udisks_daemon_util_trigger_uevent
udisks_daemon_util_trigger_uevent_sync
+udisks_module_validate_name
</SECTION>
<SECTION>
diff --git a/src/udisksconfigmanager.c b/src/udisksconfigmanager.c
index 9558e276..5868e864 100644
--- a/src/udisksconfigmanager.c
+++ b/src/udisksconfigmanager.c
@@ -26,6 +26,7 @@
#include "udiskslogging.h"
#include "udisksdaemontypes.h"
#include "udisksconfigmanager.h"
+#include "udisksdaemonutil.h"
struct _UDisksConfigManager {
GObject parent_instance;
@@ -60,6 +61,8 @@ enum
#define DEFAULTS_GROUP_NAME "defaults"
#define DEFAULTS_ENCRYPTION_KEY "encryption"
+#define MODULES_ALL_ARG "*"
+
static void
udisks_config_manager_get_property (GObject *object,
guint property_id,
@@ -170,7 +173,16 @@ parse_config_file (UDisksConfigManager *manager,
{
modules_tmp = modules;
for (module_i = *modules_tmp; module_i; module_i = *++modules_tmp)
- *out_modules = g_list_append (*out_modules, g_strdup (g_strstrip (module_i)));
+ {
+ g_strstrip (module_i);
+ if (! udisks_module_validate_name (module_i) && !g_str_equal (module_i, MODULES_ALL_ARG))
+ {
+ g_warning ("Invalid module name '%s' specified in the %s config file.",
+ module_i, conf_filename);
+ continue;
+ }
+ *out_modules = g_list_append (*out_modules, g_strdup (module_i));
+ }
g_strfreev (modules);
}
}
@@ -397,7 +409,7 @@ udisks_config_manager_get_modules_all (UDisksConfigManager *manager)
parse_config_file (manager, NULL, NULL, &modules);
- ret = !modules || (g_strcmp0 (modules->data, "*") == 0 && g_list_length (modules) == 1);
+ ret = !modules || (g_strcmp0 (modules->data, MODULES_ALL_ARG) == 0 && g_list_length (modules) == 1);
g_list_free_full (modules, (GDestroyNotify) g_free);
diff --git a/src/udisksdaemonutil.c b/src/udisksdaemonutil.c
index 60134765..1695b524 100644
--- a/src/udisksdaemonutil.c
+++ b/src/udisksdaemonutil.c
@@ -1880,3 +1880,29 @@ udisks_daemon_util_trigger_uevent_sync (UDisksDaemon *daemon,
}
/* ---------------------------------------------------------------------------------------------------- */
+
+/**
+ * udisks_module_validate_name:
+ * @module_name: A udisks2 module name.
+ *
+ * Checks the string for a valid udisks2 module name. Only alphanumeric characters
+ * along with the '-' and '_' separators are permitted.
+ *
+ * Returns: %TRUE if the string is a valid udisks2 module name, %FALSE otherwise.
+ */
+gboolean
+udisks_module_validate_name (const gchar *module_name)
+{
+ int i;
+
+ for (i = 0; module_name[i] != '\0'; i++)
+ /* going ASCII, will disqualify any UTF-* string */
+ if (! g_ascii_isalnum (module_name[i]) &&
+ module_name[i] != '-' &&
+ module_name[i] != '_')
+ return FALSE;
+
+ return TRUE;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
diff --git a/src/udisksdaemonutil.h b/src/udisksdaemonutil.h
index 2d7ac981..df584de4 100644
--- a/src/udisksdaemonutil.h
+++ b/src/udisksdaemonutil.h
@@ -129,6 +129,8 @@ gchar *udisks_daemon_util_get_free_mdraid_device (void);
guint16 udisks_ata_identify_get_word (const guchar *identify_data, guint word_number);
+gboolean udisks_module_validate_name (const gchar *module_name);
+
/* Utility macro for policy verification. */
#define UDISKS_DAEMON_CHECK_AUTHORIZATION(daemon, \
object, \
diff --git a/src/udiskslinuxmanager.c b/src/udiskslinuxmanager.c
index 8af65d97..26d8a5d7 100644
--- a/src/udiskslinuxmanager.c
+++ b/src/udiskslinuxmanager.c
@@ -956,6 +956,15 @@ handle_enable_module (UDisksManager *object,
UDisksLinuxManager *manager = UDISKS_LINUX_MANAGER (object);
EnableModulesData *data;
+ if (! udisks_module_validate_name (arg_name))
+ {
+ g_dbus_method_invocation_return_error (invocation,
+ G_IO_ERROR, G_IO_ERROR_INVALID_ARGUMENT,
+ "Requested module name '%s' is not a valid udisks2 module name.",
+ arg_name);
+ return TRUE;
+ }
+
if (! arg_enable)
{
/* TODO: implement proper module unloading */