colin/NetworkManager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

platform: move asserts for sysctl_get/set functions to nm-linux-platform

Browse Source 
Also assert inside of sysctl_get() that we read the expected file
locations. Especially because now we might log the content of these
files.

Signed-off-by: Thomas Haller <thaller@redhat.com>
This commit is contained in:
Thomas Haller
2014-03-04 21:14:30 +01:00
parent 087c88f729
commit 3e9ba55c3a
2 changed files with 12 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/platform/nm-linux-platform.c
View File

@@ -1462,6 +1462,12 @@ sysctl_set (NMPlatform *platform, const char *path, const char *value)
g_return_val_if_fail (path != NULL, FALSE);
g_return_val_if_fail (value != NULL, FALSE);
/* Don't write outside known locations */
g_assert (g_str_has_prefix (path, "/proc/sys/")
|| g_str_has_prefix (path, "/sys/"));
/* Don't write to suspicious locations */
g_assert (!strstr (path, "/.."));
fd = open (path, O_WRONLY | O_TRUNC);
if (fd == -1) {
if (errno == ENOENT) {
@@ -1555,6 +1561,12 @@ sysctl_get (NMPlatform *platform, const char *path)
GError *error = NULL;
char *contents;
/* Don't write outside known locations */
g_assert (g_str_has_prefix (path, "/proc/sys/")
|| g_str_has_prefix (path, "/sys/"));
/* Don't write to suspicious locations */
g_assert (!strstr (path, "/.."));
if (!g_file_get_contents (path, &contents, NULL, &error)) {
/* We assume FAILED means EOPNOTSUP */
if ( g_error_matches (error, G_FILE_ERROR, G_FILE_ERROR_NOENT)