From: Martin Mares <mj@ucw.cz>
Date: Fri, 15 Feb 2013 10:26:38 +0000 (+0100)
Subject: Allow "." in names, but not sole "." nor ".."
X-Git-Tag: v1.3~5
X-Git-Url: http://mj.ucw.cz/gitweb/?a=commitdiff_plain;h=2f945219a2adf6e642dd597b096702c9947172bb;p=suidgw.git

Allow "." in names, but not sole "." nor ".."
---

diff --git a/suidgw.c b/suidgw.c
index 4e49abc..47885f6 100644
--- a/suidgw.c
+++ b/suidgw.c
@@ -83,7 +83,7 @@ static void sanitize_env(void)
   snprintf(env_orig_gid, sizeof(env_orig_gid), "ORIG_GID=%d", (int) getgid());
 }
 
-static bool get_program_name(const char *arg0)
+static void get_script_name(const char *arg0)
 {
   // If arg0 is a path, extract the last component
   const char *p = strrchr(arg0, '/');
@@ -93,8 +93,10 @@ static bool get_program_name(const char *arg0)
     p = arg0;
 
   // Reject empty and oversized names
-  if (!p[0] || strlen(p) >= PATH_MAX)
-    return 0;
+  if (!p[0])
+    die("Script name is empty");
+  if (strlen(p) >= PATH_MAX)
+    die("Script name too long");
 
   // Reject invalid characters
   for (const char *q = p; *q; q++)
@@ -103,14 +105,18 @@ static bool get_program_name(const char *arg0)
       if (! (c >= 'a' && c <= 'z' ||
 	     c >= 'A' && c <= 'Z' ||
 	     c >= '0' && c <= '9' ||
+	     c == '.' ||
 	     c == '-' ||
 	     c == '_'))
-	return 0;
+	die("Script name contains an invalid character 0x%02x", c);
     }
 
+  // Reject "." and ".."
+  if (!strcmp(p, ".") || !strcmp(p, ".."))
+    die("Script name must not be `.' or `..'");
+
   DBG("Program name: <%s>\n", p);
   strcpy(program_name, p);
-  return 1;
 }
 
 static void find_script(void)
@@ -172,9 +178,7 @@ int main(int argc UNUSED, char **argv)
 
   openlog("suidgw", LOG_NDELAY | LOG_PID, LOG_AUTH);
 
-  if (!get_program_name(argv[0]))
-    die("Unable to parse program name %s", argv[0]);
-
+  get_script_name(argv[0]);
   find_script();
   check_stat();
   switch_ugid();