[gnome-terminal] server: Check passed environment

From: Christian Persch <chpe src gnome org>
To: commits-list gnome org
Cc:
Subject: [gnome-terminal] server: Check passed environment
Date: Fri, 1 May 2020 09:39:07 +0000 (UTC)

commit 0cf3e6b4bd65e21fc72e0d7ed2db0ad6c6f5272c
Author: Christian Persch <chpe src gnome org>
Date:   Fri May 1 11:38:38 2020 +0200

    server: Check passed environment
    
    Make sure all elements of the environment passed actually are
    in KEY=VALUE format.

 src/terminal-gdbus.c | 10 +++++++++-
 src/terminal-util.c  | 22 ++++++++++++++++++++++
 src/terminal-util.h  |  2 ++
 3 files changed, 33 insertions(+), 1 deletion(-)
---
diff --git a/src/terminal-gdbus.c b/src/terminal-gdbus.c
index 116d8a03..e0d0ecfd 100644
--- a/src/terminal-gdbus.c
+++ b/src/terminal-gdbus.c
@@ -141,10 +141,18 @@ terminal_receiver_impl_exec (TerminalReceiver *receiver,
     shell = FALSE;
   if (!g_variant_lookup (options, "environ", "^a&ay", &envv))
     envv = NULL;
-
   if (!g_variant_lookup (options, "fd-set", "@a(ih)", &fd_array))
     fd_array = NULL;
 
+  /* Check environment */
+  if (!terminal_util_check_envv((const char * const*)envv)) {
+    g_dbus_method_invocation_return_error_literal (invocation,
+                                                   G_DBUS_ERROR,
+                                                   G_DBUS_ERROR_INVALID_ARGS,
+                                                   "Malformed environment");
+    goto out;
+  }
+
   /* Check FD passing */
   if ((fd_list != NULL) ^ (fd_array != NULL)) {
     g_dbus_method_invocation_return_error_literal (invocation,
diff --git a/src/terminal-util.c b/src/terminal-util.c
index 128d4da8..3155e3f4 100644
--- a/src/terminal-util.c
+++ b/src/terminal-util.c
@@ -1556,3 +1556,25 @@ terminal_util_find_program_in_path (const char *path,
 }
 
 /* END code copied from glib */
+
+/*
+ * terminal_util_check_envv:
+ * @strv:
+ *
+ * Validates that each element is of the form 'KEY=VALUE'.
+ */
+gboolean
+terminal_util_check_envv(char const* const* strv)
+{
+  if (!strv)
+    return TRUE;
+
+  for (int i = 0; strv[i]; ++i) {
+          const char *str = strv[i];
+          const char *equal = strchr(str, '=');
+          if (equal == NULL || equal == str)
+                  return FALSE;
+  }
+
+  return TRUE;
+}
diff --git a/src/terminal-util.h b/src/terminal-util.h
index 85784410..0f3e6bfa 100644
--- a/src/terminal-util.h
+++ b/src/terminal-util.h
@@ -110,6 +110,8 @@ const char *terminal_util_translate_encoding (const char *encoding);
 char *terminal_util_find_program_in_path (const char *path,
                                           const char *program);
 
+gboolean terminal_util_check_envv(char const* const* strv);
+
 G_END_DECLS
 
 #endif /* TERMINAL_UTIL_H */

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]