generators: be more careful when writing unit settings that support specifier expansion

Let's always escape strings we receive from the user before writing them out to unit file settings that suppor specifier expansion, so that user strings are transported as-is.
author: Lennart Poettering <lennart@poettering.net> 2017-11-21 20:09:31 +0100
committer: Lennart Poettering <lennart@poettering.net> 2017-11-29 12:32:57 +0100
commit: 98bad05e75cad988d5b2c2cc928f7cc2605cbc2d (patch)
tree: eab0e5f4e66d88c3cd8eaa0e72cc1289f694af90 /src/veritysetup
parent: b238be1e0d13f587d3a48645cea3f47d1dda3475 (diff)
download: systemd-98bad05e75cad988d5b2c2cc928f7cc2605cbc2d.tar.gz
1 files changed, 14 insertions, 2 deletions
diff --git a/src/veritysetup/veritysetup-generator.c b/src/veritysetup/veritysetup-generator.c
index ef43aed42f..5919b1380e 100644
--- a/src/veritysetup/veritysetup-generator.c
+++ b/src/veritysetup/veritysetup-generator.c
@@ -32,6 +32,7 @@
 #include "mkdir.h"
 #include "parse-util.h"
 #include "proc-cmdline.h"
+#include "specifier.h"
 #include "string-util.h"
 #include "unit-name.h"
 
@@ -42,7 +43,7 @@ static char *arg_data_what = NULL;
 static char *arg_hash_what = NULL;
 
 static int create_device(void) {
-        _cleanup_free_ char *u = NULL, *v = NULL, *d = NULL, *e = NULL;
+        _cleanup_free_ char *u = NULL, *v = NULL, *d = NULL, *e = NULL, *u_escaped = NULL, *v_escaped = NULL, *root_hash_escaped = NULL;
         _cleanup_fclose_ FILE *f = NULL;
         const char *p, *to;
         int r;
@@ -75,6 +76,13 @@ static int create_device(void) {
         if (!v)
                 return log_oom();
 
+        u_escaped = specifier_escape(u);
+        if (!u_escaped)
+                return log_oom();
+        v_escaped = specifier_escape(v);
+        if (!v_escaped)
+                return log_oom();
+
         r = unit_name_from_path(u, ".device", &d);
         if (r < 0)
                 return log_error_errno(r, "Failed to generate unit name: %m");
@@ -82,6 +90,10 @@ static int create_device(void) {
         if (r < 0)
                 return log_error_errno(r, "Failed to generate unit name: %m");
 
+        root_hash_escaped = specifier_escape(arg_root_hash);
+        if (!root_hash_escaped)
+                return log_oom();
+
         f = fopen(p, "wxe");
         if (!f)
                 return log_error_errno(errno, "Failed to create unit file %s: %m", p);
@@ -105,7 +117,7 @@ static int create_device(void) {
                 "ExecStop=" ROOTLIBEXECDIR "/systemd-veritysetup detach root\n",
                 d, e,
                 d, e,
-                u, v, arg_root_hash);
+                u_escaped, v_escaped, root_hash_escaped);
 
         r = fflush_and_check(f);
         if (r < 0)
author	Lennart Poettering <lennart@poettering.net>	2017-11-21 20:09:31 +0100
committer	Lennart Poettering <lennart@poettering.net>	2017-11-29 12:32:57 +0100
commit	98bad05e75cad988d5b2c2cc928f7cc2605cbc2d (patch)
tree	eab0e5f4e66d88c3cd8eaa0e72cc1289f694af90 /src/veritysetup
parent	b238be1e0d13f587d3a48645cea3f47d1dda3475 (diff)
download	systemd-98bad05e75cad988d5b2c2cc928f7cc2605cbc2d.tar.gz