summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Kolesa <d.kolesa@osg.samsung.com>2015-06-09 14:01:25 +0100
committerDaniel Kolesa <d.kolesa@osg.samsung.com>2015-06-09 14:01:25 +0100
commitb90c1bf90e67f1838152185dce5a270f3f824f6b (patch)
tree0255638c4cc55bb616076c3d72b616c875602bc4
parent6692319c7873e0fbb797f01bc2ca41c2d12824b4 (diff)
elua lib: sanitize all file paths before writing them
This will prevent random nonsense from being written in. It changes semantics slightly (documented) and also fixes CID 1267463. @fix
-rw-r--r--src/lib/elua/Elua.h8
-rw-r--r--src/lib/elua/elua.c48
-rw-r--r--src/tests/elua/elua_lib.c26
3 files changed, 69 insertions, 13 deletions
diff --git a/src/lib/elua/Elua.h b/src/lib/elua/Elua.h
index d960cf5f4c..4c0f9cb3c5 100644
--- a/src/lib/elua/Elua.h
+++ b/src/lib/elua/Elua.h
@@ -187,6 +187,9 @@ EAPI void elua_state_free(Elua_State *es);
187 * split the setting into multiple calls. By the time of state use all need 187 * split the setting into multiple calls. By the time of state use all need
188 * to be set. 188 * to be set.
189 * 189 *
190 * Also, all the paths will be sanitized before setting by calling
191 * @ref eina_file_path_sanitize on them.
192 *
190 * @param[in] es The Elua state. 193 * @param[in] es The Elua state.
191 * @param[in] core The core path. 194 * @param[in] core The core path.
192 * @param[in] mods The modules path. 195 * @param[in] mods The modules path.
@@ -212,6 +215,9 @@ EAPI void elua_state_dirs_set(Elua_State *es, const char *core,
212 * they will expand to DATADIR/core, DATADIR/modules and DATADIR/apps, where 215 * they will expand to DATADIR/core, DATADIR/modules and DATADIR/apps, where
213 * DATADIR is typically something like /usr/share/elua. 216 * DATADIR is typically something like /usr/share/elua.
214 * 217 *
218 * Also, all the paths will be sanitized before setting by calling
219 * @ref eina_file_path_sanitize on them.
220 *
215 * @param[in] es The Elua state. 221 * @param[in] es The Elua state.
216 * @param[in] ignore_env If set to EINA_TRUE, this ignores the env vars. 222 * @param[in] ignore_env If set to EINA_TRUE, this ignores the env vars.
217 * 223 *
@@ -262,6 +268,8 @@ EAPI Eina_Stringshare *elua_state_prog_name_get(const Elua_State *es);
262/** 268/**
263 * @brief Add another path to look up modules in to the state. 269 * @brief Add another path to look up modules in to the state.
264 * 270 *
271 * The path will be sanitized using @ref eina_file_path_sanitize.
272 *
265 * @param[in] es The Elua state. 273 * @param[in] es The Elua state.
266 * 274 *
267 * @ingroup Elua 275 * @ingroup Elua
diff --git a/src/lib/elua/elua.c b/src/lib/elua/elua.c
index a7c86f9a91..0056cf0080 100644
--- a/src/lib/elua/elua.c
+++ b/src/lib/elua/elua.c
@@ -108,10 +108,29 @@ EAPI void
108elua_state_dirs_set(Elua_State *es, const char *core, const char *mods, 108elua_state_dirs_set(Elua_State *es, const char *core, const char *mods,
109 const char *apps) 109 const char *apps)
110{ 110{
111 char *spath = NULL;
111 EINA_SAFETY_ON_NULL_RETURN(es); 112 EINA_SAFETY_ON_NULL_RETURN(es);
112 if (core) es->coredir = eina_stringshare_add(core); 113 if (core)
113 if (mods) es->moddir = eina_stringshare_add(mods); 114 {
114 if (apps) es->appsdir = eina_stringshare_add(apps); 115 eina_stringshare_del(es->coredir);
116 spath = eina_file_path_sanitize(core);
117 es->coredir = eina_stringshare_add(spath);
118 free(spath);
119 }
120 if (mods)
121 {
122 eina_stringshare_del(es->moddir);
123 spath = eina_file_path_sanitize(mods);
124 es->moddir = eina_stringshare_add(spath);
125 free(spath);
126 }
127 if (apps)
128 {
129 eina_stringshare_del(es->appsdir);
130 spath = eina_file_path_sanitize(apps);
131 es->appsdir = eina_stringshare_add(spath);
132 free(spath);
133 }
115} 134}
116 135
117EAPI void 136EAPI void
@@ -128,7 +147,11 @@ elua_state_dirs_fill(Elua_State *es, Eina_Bool ignore_env)
128 snprintf(coredirbuf, sizeof(coredirbuf), "%s/core", 147 snprintf(coredirbuf, sizeof(coredirbuf), "%s/core",
129 eina_prefix_data_get(_elua_pfx)); 148 eina_prefix_data_get(_elua_pfx));
130 } 149 }
131 if (coredir) es->coredir = eina_stringshare_add(coredir); 150 if (coredir) {
151 char *sdir = eina_file_path_sanitize(coredir);
152 es->coredir = eina_stringshare_add(sdir);
153 free(sdir);
154 }
132 } 155 }
133 if (!(moddir = es->moddir)) 156 if (!(moddir = es->moddir))
134 { 157 {
@@ -138,7 +161,11 @@ elua_state_dirs_fill(Elua_State *es, Eina_Bool ignore_env)
138 snprintf(moddirbuf, sizeof(moddirbuf), "%s/modules", 161 snprintf(moddirbuf, sizeof(moddirbuf), "%s/modules",
139 eina_prefix_data_get(_elua_pfx)); 162 eina_prefix_data_get(_elua_pfx));
140 } 163 }
141 if (moddir) es->moddir = eina_stringshare_add(moddir); 164 if (moddir) {
165 char *sdir = eina_file_path_sanitize(moddir);
166 es->moddir = eina_stringshare_add(sdir);
167 free(sdir);
168 }
142 } 169 }
143 if (!(appsdir = es->appsdir)) 170 if (!(appsdir = es->appsdir))
144 { 171 {
@@ -148,7 +175,11 @@ elua_state_dirs_fill(Elua_State *es, Eina_Bool ignore_env)
148 snprintf(appsdirbuf, sizeof(appsdirbuf), "%s/apps", 175 snprintf(appsdirbuf, sizeof(appsdirbuf), "%s/apps",
149 eina_prefix_data_get(_elua_pfx)); 176 eina_prefix_data_get(_elua_pfx));
150 } 177 }
151 if (appsdir) es->appsdir = eina_stringshare_add(appsdir); 178 if (appsdir) {
179 char *sdir = eina_file_path_sanitize(appsdir);
180 es->appsdir = eina_stringshare_add(sdir);
181 free(sdir);
182 }
152 } 183 }
153} 184}
154 185
@@ -183,10 +214,13 @@ elua_state_prog_name_get(const Elua_State *es)
183EAPI void 214EAPI void
184elua_state_include_path_add(Elua_State *es, const char *path) 215elua_state_include_path_add(Elua_State *es, const char *path)
185{ 216{
217 char *spath = NULL;
186 EINA_SAFETY_ON_NULL_RETURN(es); 218 EINA_SAFETY_ON_NULL_RETURN(es);
187 EINA_SAFETY_ON_NULL_RETURN(path); 219 EINA_SAFETY_ON_NULL_RETURN(path);
188 EINA_SAFETY_ON_FALSE_RETURN(path[0]); 220 EINA_SAFETY_ON_FALSE_RETURN(path[0]);
189 es->lincs = eina_list_append(es->lincs, eina_stringshare_add(path)); 221 spath = eina_file_path_sanitize(path);
222 es->lincs = eina_list_append(es->lincs, eina_stringshare_add(spath));
223 free(spath);
190} 224}
191 225
192EAPI Eina_Bool 226EAPI Eina_Bool
diff --git a/src/tests/elua/elua_lib.c b/src/tests/elua/elua_lib.c
index bd959ca7b1..43df108113 100644
--- a/src/tests/elua/elua_lib.c
+++ b/src/tests/elua/elua_lib.c
@@ -22,6 +22,7 @@ START_TEST(elua_api)
22 int quit = 0; 22 int quit = 0;
23 cargv[0] = arg1; 23 cargv[0] = arg1;
24 cargv[1] = arg2; 24 cargv[1] = arg2;
25 char *spath = NULL;
25 26
26 fail_if(!elua_init()); 27 fail_if(!elua_init());
27 28
@@ -33,18 +34,31 @@ START_TEST(elua_api)
33 setenv("ELUA_MODULES_DIR", "bar", 1); 34 setenv("ELUA_MODULES_DIR", "bar", 1);
34 setenv("ELUA_APPS_DIR", "baz", 1); 35 setenv("ELUA_APPS_DIR", "baz", 1);
35 elua_state_dirs_fill(st, EINA_FALSE); 36 elua_state_dirs_fill(st, EINA_FALSE);
36 fail_if(strcmp(elua_state_core_dir_get(st), "foo")); 37
37 fail_if(strcmp(elua_state_mod_dir_get(st), "bar")); 38 spath = eina_file_path_sanitize("foo");
38 fail_if(strcmp(elua_state_apps_dir_get(st), "baz")); 39 fail_if(strcmp(elua_state_core_dir_get(st), spath));
40 free(spath);
41 spath = eina_file_path_sanitize("bar");
42 fail_if(strcmp(elua_state_mod_dir_get(st), spath));
43 free(spath);
44 spath = eina_file_path_sanitize("baz");
45 fail_if(strcmp(elua_state_apps_dir_get(st), spath));
46 free(spath);
39 unsetenv("ELUA_CORE_DIR"); 47 unsetenv("ELUA_CORE_DIR");
40 unsetenv("ELUA_MODULES_DIR"); 48 unsetenv("ELUA_MODULES_DIR");
41 unsetenv("ELUA_APPS_DIR"); 49 unsetenv("ELUA_APPS_DIR");
42 50
43 /* now fill it properly */ 51 /* now fill it properly */
44 elua_state_dirs_set(st, ELUA_CORE_DIR, ELUA_MODULES_DIR, ELUA_APPS_DIR); 52 elua_state_dirs_set(st, ELUA_CORE_DIR, ELUA_MODULES_DIR, ELUA_APPS_DIR);
45 fail_if(strcmp(elua_state_core_dir_get(st), ELUA_CORE_DIR)); 53 spath = eina_file_path_sanitize(ELUA_CORE_DIR);
46 fail_if(strcmp(elua_state_mod_dir_get(st), ELUA_MODULES_DIR)); 54 fail_if(strcmp(elua_state_core_dir_get(st), spath));
47 fail_if(strcmp(elua_state_apps_dir_get(st), ELUA_APPS_DIR)); 55 free(spath);
56 spath = eina_file_path_sanitize(ELUA_MODULES_DIR);
57 fail_if(strcmp(elua_state_mod_dir_get(st), spath));
58 free(spath);
59 spath = eina_file_path_sanitize(ELUA_APPS_DIR);
60 fail_if(strcmp(elua_state_apps_dir_get(st), spath));
61 free(spath);
48 62
49 /* needed for later setup, but untestable alone */ 63 /* needed for later setup, but untestable alone */
50 elua_state_include_path_add(st, ELUA_BINDINGS_DIR); 64 elua_state_include_path_add(st, ELUA_BINDINGS_DIR);