From owner-svn-src-all@freebsd.org Wed Jun 27 23:44:38 2018 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C1E09101E565; Wed, 27 Jun 2018 23:44:38 +0000 (UTC) (envelope-from imp@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6610D7A8B1; Wed, 27 Jun 2018 23:44:38 +0000 (UTC) (envelope-from imp@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 39DAC1ECD; Wed, 27 Jun 2018 23:44:38 +0000 (UTC) (envelope-from imp@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w5RNicME085249; Wed, 27 Jun 2018 23:44:38 GMT (envelope-from imp@FreeBSD.org) Received: (from imp@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w5RNibEr085247; Wed, 27 Jun 2018 23:44:37 GMT (envelope-from imp@FreeBSD.org) Message-Id: <201806272344.w5RNibEr085247@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: imp set sender to imp@FreeBSD.org using -f From: Warner Losh Date: Wed, 27 Jun 2018 23:44:37 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r335753 - head/sbin/devd X-SVN-Group: head X-SVN-Commit-Author: imp X-SVN-Commit-Paths: head/sbin/devd X-SVN-Commit-Revision: 335753 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Jun 2018 23:44:39 -0000 Author: imp Date: Wed Jun 27 23:44:37 2018 New Revision: 335753 URL: https://svnweb.freebsd.org/changeset/base/335753 Log: Safely quote all variable expansions. When expanding a variable set by a message from the kernel, safely quote all arguments expanded when creating a command line for the shell. Reviewd by: Shawn Webb, Oliver Pinter, brd@ Sponsored by: Netflix Modified: head/sbin/devd/devd.cc head/sbin/devd/devd.hh Modified: head/sbin/devd/devd.cc ============================================================================== --- head/sbin/devd/devd.cc Wed Jun 27 23:02:18 2018 (r335752) +++ head/sbin/devd/devd.cc Wed Jun 27 23:44:37 2018 (r335753) @@ -636,6 +636,30 @@ config::is_id_char(char ch) const ch == '-')); } +string +config::shell_quote(const string &s) +{ + string buffer; + + /* + * Enclose the string in $' ' with escapes for ' and / characters making + * it one argument and ensuring the shell won't be affected by its + * usual list of candidates. + */ + buffer.reserve(s.length() * 3 / 2); + buffer += '$'; + buffer += '\''; + for (const char &c : s) { + if (c == '\'' || c == '\\') { + buffer += '\\'; + } + buffer += c; + } + buffer += '\''; + + return buffer; +} + void config::expand_one(const char *&src, string &dst) { @@ -650,8 +674,7 @@ config::expand_one(const char *&src, string &dst) } // $(foo) -> $(foo) - // Not sure if I want to support this or not, so for now we just pass - // it through. + // This is the escape hatch for passing down shell subcommands if (*src == '(') { dst += '$'; count = 1; @@ -677,7 +700,7 @@ config::expand_one(const char *&src, string &dst) do { buffer += *src++; } while (is_id_char(*src)); - dst.append(get_variable(buffer)); + dst.append(shell_quote(get_variable(buffer))); } const string Modified: head/sbin/devd/devd.hh ============================================================================== --- head/sbin/devd/devd.hh Wed Jun 27 23:02:18 2018 (r335752) +++ head/sbin/devd/devd.hh Wed Jun 27 23:44:37 2018 (r335753) @@ -173,6 +173,7 @@ class config (protected) void parse_one_file(const char *fn); void parse_files_in_dir(const char *dirname); void expand_one(const char *&src, std::string &dst); + std::string shell_quote(const std::string &s); bool is_id_char(char) const; bool chop_var(char *&buffer, char *&lhs, char *&rhs) const; private: