From 2bc4e65697d7207fa012fb7e65e3ce79307f226d Mon Sep 17 00:00:00 2001 From: Jan Rybar Date: Tue, 2 Apr 2019 11:49:08 +0000 Subject: Use JS_EncodeStringToUTF8 consistently with JavaScript When strings handled by the jsbackendauthority contain non-ASCII, the code will fail. For example, on a system having a user with a non-ASCII name, the following message will appear when a USB stick is plugged in. mar 04 21:47:31 mimmi polkitd[17163]: Error evaluating authorization rules The user will not be allowed to do the mount. The problem is that strings were variously encoded back to C strings with JS_EncodeString and JS_EncodeStringToUTF8. According to the documentation (https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey/JSAPI_reference/JS_EncodeString#Description) the former will simply drop the high byte from each character. If that happens to a username, it will no longer be found as a valid user name on the system. Explicitly encoding to UTF-8 will at least work in UTF-8 locales, which is the increasingly dominant encoding. --- src/polkitbackend/polkitbackendjsauthority.cpp | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) (limited to 'src') diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp index 984a0f0..9b752d1 100644 --- a/src/polkitbackend/polkitbackendjsauthority.cpp +++ b/src/polkitbackend/polkitbackendjsauthority.cpp @@ -1284,13 +1284,15 @@ js_polkit_log (JSContext *cx, unsigned argc, JS::Value *vp) { - /* PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx)); */ + PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx)); bool ret = false; char *s; JS::CallArgs args = JS::CallArgsFromVp (argc, vp); - s = JS_EncodeString (cx, args[0].toString ()); + JS::RootedString jsstr (authority->priv->cx); + jsstr = args[0].toString (); + s = JS_EncodeStringToUTF8 (cx, jsstr); JS_ReportWarningUTF8 (cx, "%s", s); JS_free (cx, s); @@ -1367,7 +1369,7 @@ js_polkit_spawn (JSContext *cx, unsigned js_argc, JS::Value *vp) { - /* PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx)); */ + PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx)); bool ret = false; JS::RootedObject array_object(cx); gchar *standard_output = NULL; @@ -1407,7 +1409,9 @@ js_polkit_spawn (JSContext *cx, JS_ReportErrorUTF8 (cx, "Element %d is not a string", n); goto out; } - s = JS_EncodeString (cx, elem_val.toString()); + JS::RootedString jsstr (authority->priv->cx); + jsstr = elem_val.toString(); + s = JS_EncodeStringToUTF8 (cx, jsstr); argv[n] = g_strdup (s); JS_free (cx, s); } @@ -1490,7 +1494,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, unsigned argc, JS::Value *vp) { - /* PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx)); */ + PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx)); bool ret = false; char *user; char *netgroup; @@ -1498,8 +1502,12 @@ js_polkit_user_is_in_netgroup (JSContext *cx, JS::CallArgs args = JS::CallArgsFromVp (argc, vp); - user = JS_EncodeString (cx, args[0].toString()); - netgroup = JS_EncodeString (cx, args[1].toString()); + JS::RootedString usrstr (authority->priv->cx); + usrstr = args[0].toString(); + user = JS_EncodeStringToUTF8 (cx, usrstr); + JS::RootedString netgstr (authority->priv->cx); + netgstr = args[1].toString(); + netgroup = JS_EncodeStringToUTF8 (cx, netgstr); if (innetgr (netgroup, NULL, /* host */ -- cgit v1.2.1