diff options
| author | John Levon <john.levon@joyent.com> | 2020-04-21 08:43:40 -0700 |
|---|---|---|
| committer | John Levon <john.levon@joyent.com> | 2020-04-29 07:33:40 -0700 |
| commit | 2f602de35d44213d39581c59632aa8365348850b (patch) | |
| tree | c295ffd8f9be0baa1cf77559dd657f176211b53d /usr/src | |
| parent | 454f0c49f9d5b08ab88fe3db5788d9e5e6a7cf0f (diff) | |
| download | illumos-joyent-2f602de35d44213d39581c59632aa8365348850b.tar.gz | |
12585 insufficient validation in svccfg for service name
Reviewed by: Robert Mustacchi <rm@fingolfin.org>
Reviewed by: Patrick Mooney <pmooney@pfmooney.com>
Approved by: Dan McDonald <danmcd@joyent.com>
Diffstat (limited to 'usr/src')
| -rw-r--r-- | usr/src/cmd/svc/svccfg/svccfg_xml.c | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/usr/src/cmd/svc/svccfg/svccfg_xml.c b/usr/src/cmd/svc/svccfg/svccfg_xml.c index 13c7a90d12..c0810de2ab 100644 --- a/usr/src/cmd/svc/svccfg/svccfg_xml.c +++ b/usr/src/cmd/svc/svccfg/svccfg_xml.c @@ -23,7 +23,7 @@ */ /* * Copyright 2011 Nexenta Systems, Inc. All rights reserved. - * Copyright 2019 Joyent, Inc. + * Copyright 2020 Joyent, Inc. */ @@ -3404,6 +3404,28 @@ out: } /* + * Validate the svc:/-prefixed FMRI generated from the service name. + */ +static void +validate_service_name(const entity_t *s) +{ + char *fmri; + int ftype; + const char *finst; + + if ((fmri = uu_strdup(s->sc_fmri)) == NULL) + uu_die(gettext("couldn't allocate memory")); + + if (scf_parse_fmri(fmri, &ftype, NULL, NULL, &finst, NULL, NULL) != 0 || + finst != NULL || ftype != SCF_FMRI_TYPE_SVC) { + uu_die(gettext("invalid value \"%s\": should be a bare " + "service name\n"), s->sc_name); + } + + uu_free(fmri); +} + +/* * Translate a service element into an internal instance/property tree, added * to bundle. * @@ -3427,6 +3449,8 @@ lxml_get_service(bundle_t *bundle, xmlNodePtr svc, svccfg_op_t op) s = internal_service_new((char *)xmlGetProp(svc, (xmlChar *)name_attr)); + validate_service_name(s); + version = xmlGetProp(svc, (xmlChar *)version_attr); s->sc_u.sc_service.sc_service_version = atol((const char *)version); xmlFree(version); |