lldp: backslash escape untrusted chassis-id,port-id strings

This is a serious issue, because this is not guaranteed to be UTF-8
data.

Fixes: 07a9364d9c15 ('device: export list of LLDP neighbors through D-Bus')
(cherry picked from commit 8cd9b87c914e82e0e366b64b3b954761ba8135d9)
(cherry picked from commit 94f8e9fbdca92b1a1e3706e7653f0a19988336df)
(cherry picked from commit 90b1df47541484844eb9d168f0330c76b0de53e9)

1 files changed, 4 insertions, 2 deletions

diff --git a/src/devices/nm-lldp-listener.c b/src/devices/nm-lldp-listener.c
index 469ccce165..25baf58a0e 100644
--- a/src/devices/nm-lldp-listener.c
+++ b/src/devices/nm-lldp-listener.c
@@ -531,7 +531,8 @@ lldp_neighbor_new (sd_lldp_neighbor *neighbor_sd, GError **error)
 	case SD_LLDP_CHASSIS_SUBTYPE_INTERFACE_NAME:
 	case SD_LLDP_CHASSIS_SUBTYPE_LOCALLY_ASSIGNED:
 	case SD_LLDP_CHASSIS_SUBTYPE_CHASSIS_COMPONENT:
-		neigh->chassis_id = g_strndup ((const char *) chassis_id, chassis_id_len);
+		neigh->chassis_id =    nm_utils_buf_utf8safe_escape_cp (chassis_id, chassis_id_len, NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_CTRL | NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_NON_ASCII)
+		                    ?: g_new0 (char, 1);
 		break;
 	case SD_LLDP_CHASSIS_SUBTYPE_MAC_ADDRESS:
 		neigh->chassis_id = nm_utils_hwaddr_ntoa (chassis_id, chassis_id_len);
@@ -547,7 +548,8 @@ lldp_neighbor_new (sd_lldp_neighbor *neighbor_sd, GError **error)
 	case SD_LLDP_PORT_SUBTYPE_INTERFACE_NAME:
 	case SD_LLDP_PORT_SUBTYPE_LOCALLY_ASSIGNED:
 	case SD_LLDP_PORT_SUBTYPE_PORT_COMPONENT:
-		neigh->port_id = strndup ((char *) port_id, port_id_len);
+		neigh->port_id =    nm_utils_buf_utf8safe_escape_cp (port_id, port_id_len, NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_CTRL | NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_NON_ASCII)
+		                 ?: g_new0 (char, 1);
 		break;
 	case SD_LLDP_PORT_SUBTYPE_MAC_ADDRESS:
 		neigh->port_id = nm_utils_hwaddr_ntoa (port_id, port_id_len);