test-env-util: Verify that \r is disallowed in env var values

This adds tests to make sure that basic/env-util considers environment
variables containing \r characters invalid, and that it removes such
variables during environment cleanup in strv_env_clean*().

test-env-util has not verified this behaviour before.

As \r characters can be used to hide information, disallowing them
helps with systemd's security barrier role, even when the \r
character comes as part of a DOS style (\r\n) line ending.

Prompted-by: https://github.com/systemd/systemd/issues/17378

1 files changed, 3 insertions, 0 deletions

diff --git a/src/test/test-env-util.c b/src/test/test-env-util.c
index b0af660e3b..4fede158cd 100644
--- a/src/test/test-env-util.c
+++ b/src/test/test-env-util.c
@@ -264,6 +264,7 @@ static void test_env_clean(void) {
                                                 "xyz=xyz\n",
                                                 "another=one",
                                                 "another=final one",
+                                                "CRLF=\r\n",
                                                 "BASH_FUNC_foo%%=() {  echo foo\n}");
         assert_se(e);
         assert_se(!strv_env_is_valid(e));
@@ -306,6 +307,8 @@ static void test_env_value_is_valid(void) {
         assert_se(env_value_is_valid("printf \"\\x1b]0;<mock-chroot>\\x07<mock-chroot>\""));
         assert_se(env_value_is_valid("tab\tcharacter"));
         assert_se(env_value_is_valid("new\nline"));
+        assert_se(!env_value_is_valid("Show this?\rNope. Show that!"));
+        assert_se(!env_value_is_valid("new DOS\r\nline"));
 }
 
 static void test_env_assignment_is_valid(void) {