From de12a24e7706c1cb2eb5d5055a511582cad8c562 Mon Sep 17 00:00:00 2001 From: Wim Taymans Date: Sat, 20 Mar 2021 20:59:50 +0100 Subject: [PATCH] protocol-native: hex encode invalid SEC_LABEL When the sec label contains invalid chars, hexencode it to avoid causing problems with invalid strings later. --- src/modules/module-protocol-native.c | 33 ++++++++++++++++++++++++---- 1 file changed, 29 insertions(+), 4 deletions(-) diff --git a/src/modules/module-protocol-native.c b/src/modules/module-protocol-native.c index 806bf7927..c92409c79 100644 --- a/src/modules/module-protocol-native.c +++ b/src/modules/module-protocol-native.c @@ -33,6 +33,7 @@ #include #include #include +#include #if HAVE_PWD_H #include #endif @@ -390,6 +391,17 @@ static const struct pw_protocol_native_connection_events server_conn_events = { .need_flush = on_server_need_flush, }; +static bool check_print(const char *buffer, int len) +{ + int i; + while (len > 1 && buffer[len-1] == 0) + len--; + for (i = 0; i < len; i++) + if (!isprint(buffer[i])) + return false; + return true; +} + static struct client_data *client_new(struct server *s, int fd) { struct client_data *this; @@ -404,7 +416,7 @@ static struct client_data *client_new(struct server *s, int fd) struct pw_properties *props; char buffer[1024]; struct protocol_data *d = pw_protocol_get_user_data(protocol); - int res; + int i, res; props = pw_properties_new(PW_KEY_PROTOCOL, "protocol-native", NULL); if (props == NULL) @@ -427,9 +439,22 @@ static struct client_data *client_new(struct server *s, int fd) else pw_log_warn("server %p: security label error: %m", s); } else { - /* buffer is not null terminated, must use length explicitly */ - pw_properties_setf(props, PW_KEY_SEC_LABEL, "%.*s", - (int)len, buffer); + if (!check_print(buffer, len)) { + char *hex, *p; + static const char *ch = "0123456789abcdef"; + + p = hex = alloca(len * 2 + 10); + p += snprintf(p, 5, "hex:"); + for(i = 0; i < (int)len; i++) + p += snprintf(p, 3, "%c%c", + ch[buffer[i] >> 4], ch[buffer[i] & 0xf]); + pw_properties_set(props, PW_KEY_SEC_LABEL, hex); + + } else { + /* buffer is not null terminated, must use length explicitly */ + pw_properties_setf(props, PW_KEY_SEC_LABEL, "%.*s", + (int)len, buffer); + } } #elif defined(__FreeBSD__) len = sizeof(xucred);