|
 |
10f9a2 |
From b72f69c0d45947e703543c5ff039a36d3edf5e84 Mon Sep 17 00:00:00 2001
|
|
|
10f9a2 |
From: Ray Strode <rstrode@redhat.com>
|
|
|
10f9a2 |
Date: Tue, 26 Mar 2019 11:03:00 -0400
|
|
|
10f9a2 |
Subject: [PATCH] gsm-util: avoid groups in regexex
|
|
|
10f9a2 |
|
|
|
10f9a2 |
They can lead to stack overflows if pcre isn't built with --disable-stack-for-recursion
|
|
|
10f9a2 |
---
|
|
|
10f9a2 |
gnome-session/gsm-util.c | 4 ++--
|
|
|
10f9a2 |
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
10f9a2 |
|
|
|
10f9a2 |
diff --git a/gnome-session/gsm-util.c b/gnome-session/gsm-util.c
|
|
|
10f9a2 |
index acb446a3..be971fe1 100644
|
|
|
10f9a2 |
--- a/gnome-session/gsm-util.c
|
|
|
10f9a2 |
+++ b/gnome-session/gsm-util.c
|
|
|
10f9a2 |
@@ -490,61 +490,61 @@ gsm_util_update_activation_environment (const char *variable,
|
|
|
10f9a2 |
g_clear_object (&connection);
|
|
|
10f9a2 |
|
|
|
10f9a2 |
return environment_updated;
|
|
|
10f9a2 |
}
|
|
|
10f9a2 |
|
|
|
10f9a2 |
gboolean
|
|
|
10f9a2 |
gsm_util_export_activation_environment (GError **error)
|
|
|
10f9a2 |
{
|
|
|
10f9a2 |
|
|
|
10f9a2 |
GDBusConnection *connection;
|
|
|
10f9a2 |
gboolean environment_updated = FALSE;
|
|
|
10f9a2 |
char **entry_names;
|
|
|
10f9a2 |
int i = 0;
|
|
|
10f9a2 |
GVariantBuilder builder;
|
|
|
10f9a2 |
GRegex *name_regex, *value_regex;
|
|
|
10f9a2 |
GVariant *reply;
|
|
|
10f9a2 |
GError *bus_error = NULL;
|
|
|
10f9a2 |
|
|
|
10f9a2 |
connection = g_bus_get_sync (G_BUS_TYPE_SESSION, NULL, error);
|
|
|
10f9a2 |
|
|
|
10f9a2 |
if (connection == NULL) {
|
|
|
10f9a2 |
return FALSE;
|
|
|
10f9a2 |
}
|
|
|
10f9a2 |
|
|
|
10f9a2 |
name_regex = g_regex_new ("^[a-zA-Z_][a-zA-Z0-9_]*$", G_REGEX_OPTIMIZE, 0, error);
|
|
|
10f9a2 |
|
|
|
10f9a2 |
if (name_regex == NULL) {
|
|
|
10f9a2 |
return FALSE;
|
|
|
10f9a2 |
}
|
|
|
10f9a2 |
|
|
|
10f9a2 |
- value_regex = g_regex_new ("^([[:blank:]]|[^[:cntrl:]])*$", G_REGEX_OPTIMIZE, 0, error);
|
|
|
10f9a2 |
+ value_regex = g_regex_new ("^[[:blank:][:^cntrl:]]*$", G_REGEX_OPTIMIZE, 0, error);
|
|
|
10f9a2 |
|
|
|
10f9a2 |
if (value_regex == NULL) {
|
|
|
10f9a2 |
return FALSE;
|
|
|
10f9a2 |
}
|
|
|
10f9a2 |
|
|
|
10f9a2 |
g_variant_builder_init (&builder, G_VARIANT_TYPE ("a{ss}"));
|
|
|
10f9a2 |
for (entry_names = g_listenv (); entry_names[i] != NULL; i++) {
|
|
|
10f9a2 |
const char *entry_name = entry_names[i];
|
|
|
10f9a2 |
const char *entry_value = g_getenv (entry_name);
|
|
|
10f9a2 |
|
|
|
10f9a2 |
if (!g_utf8_validate (entry_name, -1, NULL))
|
|
|
10f9a2 |
continue;
|
|
|
10f9a2 |
|
|
|
10f9a2 |
if (!g_regex_match (name_regex, entry_name, 0, NULL))
|
|
|
10f9a2 |
continue;
|
|
|
10f9a2 |
|
|
|
10f9a2 |
if (!g_utf8_validate (entry_value, -1, NULL))
|
|
|
10f9a2 |
continue;
|
|
|
10f9a2 |
|
|
|
10f9a2 |
if (!g_regex_match (value_regex, entry_value, 0, NULL))
|
|
|
10f9a2 |
continue;
|
|
|
10f9a2 |
|
|
|
10f9a2 |
g_variant_builder_add (&builder, "{ss}", entry_name, entry_value);
|
|
|
10f9a2 |
}
|
|
|
10f9a2 |
g_regex_unref (name_regex);
|
|
|
10f9a2 |
g_regex_unref (value_regex);
|
|
|
10f9a2 |
|
|
|
10f9a2 |
g_strfreev (entry_names);
|
|
|
10f9a2 |
|
|
|
10f9a2 |
reply = g_dbus_connection_call_sync (connection,
|
|
|
10f9a2 |
@@ -563,61 +563,61 @@ gsm_util_export_activation_environment (GError **error)
|
|
|
10f9a2 |
} else {
|
|
|
10f9a2 |
environment_updated = TRUE;
|
|
|
10f9a2 |
g_variant_unref (reply);
|
|
|
10f9a2 |
}
|
|
|
10f9a2 |
|
|
|
10f9a2 |
g_clear_object (&connection);
|
|
|
10f9a2 |
|
|
|
10f9a2 |
return environment_updated;
|
|
|
10f9a2 |
}
|
|
|
10f9a2 |
|
|
|
10f9a2 |
#ifdef HAVE_SYSTEMD
|
|
|
10f9a2 |
gboolean
|
|
|
10f9a2 |
gsm_util_export_user_environment (GError **error)
|
|
|
10f9a2 |
{
|
|
|
10f9a2 |
|
|
|
10f9a2 |
GDBusConnection *connection;
|
|
|
10f9a2 |
gboolean environment_updated = FALSE;
|
|
|
10f9a2 |
char **entries;
|
|
|
10f9a2 |
int i = 0;
|
|
|
10f9a2 |
GVariantBuilder builder;
|
|
|
10f9a2 |
GRegex *regex;
|
|
|
10f9a2 |
GVariant *reply;
|
|
|
10f9a2 |
GError *bus_error = NULL;
|
|
|
10f9a2 |
|
|
|
10f9a2 |
connection = g_bus_get_sync (G_BUS_TYPE_SESSION, NULL, error);
|
|
|
10f9a2 |
|
|
|
10f9a2 |
if (connection == NULL) {
|
|
|
10f9a2 |
return FALSE;
|
|
|
10f9a2 |
}
|
|
|
10f9a2 |
|
|
|
10f9a2 |
- regex = g_regex_new ("^[a-zA-Z_][a-zA-Z0-9_]*=([[:blank:]]|[^[:cntrl:]])*$", G_REGEX_OPTIMIZE, 0, error);
|
|
|
10f9a2 |
+ regex = g_regex_new ("^[a-zA-Z_][a-zA-Z0-9_]*=[[:blank:][:^cntrl:]]*$", G_REGEX_OPTIMIZE, 0, error);
|
|
|
10f9a2 |
|
|
|
10f9a2 |
if (regex == NULL) {
|
|
|
10f9a2 |
return FALSE;
|
|
|
10f9a2 |
}
|
|
|
10f9a2 |
|
|
|
10f9a2 |
g_variant_builder_init (&builder, G_VARIANT_TYPE ("as"));
|
|
|
10f9a2 |
for (entries = g_get_environ (); entries[i] != NULL; i++) {
|
|
|
10f9a2 |
const char *entry = entries[i];
|
|
|
10f9a2 |
|
|
|
10f9a2 |
if (!g_utf8_validate (entry, -1, NULL))
|
|
|
10f9a2 |
continue;
|
|
|
10f9a2 |
|
|
|
10f9a2 |
if (!g_regex_match (regex, entry, 0, NULL))
|
|
|
10f9a2 |
continue;
|
|
|
10f9a2 |
|
|
|
10f9a2 |
g_variant_builder_add (&builder, "s", entry);
|
|
|
10f9a2 |
}
|
|
|
10f9a2 |
g_regex_unref (regex);
|
|
|
10f9a2 |
|
|
|
10f9a2 |
g_strfreev (entries);
|
|
|
10f9a2 |
|
|
|
10f9a2 |
reply = g_dbus_connection_call_sync (connection,
|
|
|
10f9a2 |
"org.freedesktop.systemd1",
|
|
|
10f9a2 |
"/org/freedesktop/systemd1",
|
|
|
10f9a2 |
"org.freedesktop.systemd1.Manager",
|
|
|
10f9a2 |
"SetEnvironment",
|
|
|
10f9a2 |
g_variant_new ("(@as)",
|
|
|
10f9a2 |
g_variant_builder_end (&builder)),
|
|
|
10f9a2 |
NULL,
|
|
|
10f9a2 |
G_DBUS_CALL_FLAGS_NONE,
|
|
|
10f9a2 |
--
|
|
|
10f9a2 |
2.20.1
|
|
|
10f9a2 |
|