Welcome to little lamb

Code » ssp » commit 3804b80

ssp: Ensure site's name doesn't contain a NUL byte

author Olivier Brunel
2023-04-18 08:09:17 UTC
committer Olivier Brunel
2023-04-18 08:09:17 UTC
parent a275c8ce14daeffd913c1ada74d5eba8d2e6174a
ssp: Ensure site's name doesn't contain a NUL byte

Which could happen via escaping; as names enclosed in double-quotes are
processed as escaped, and as such "unescaped".
So using "foo\x00bar" would have a site's name containing a NUL, which
would be all kinds of annoying since we (mostly) treat them as
NUL-terminated strings.
src/ssp/ssp.c +4 -0 
diff --git a/src/ssp/ssp.c b/src/ssp/ssp.c
index be77bbd..6c3f7e3 100644
--- a/src/ssp/ssp.c
+++ b/src/ssp/ssp.c
@@ -4,6 +4,7 @@
 #include <errno.h>
 #include <locale.h>
 #include <skalibs/env.h>
+#include <limb/bytestr.h>
 #include <limb/command.h>
 #include <limb/esc.h>
 #include <limb/exitcode.h>
@@ -52,6 +53,9 @@ get_site_name(const char *s, struct ssp *ctx)
     l = esc_scan(ctx->sa.s + ctx->sa.len, l, s + 1, l);
     if (l < 0)
         return NULL;
+    /* make sure there was no encoded NUL byte */
+    if (byte_chr(ctx->sa.s + ctx->sa.len, l, 0) < l)
+        return (errno = EINVAL, NULL);
     ctx->sa.s[l++] = 0;
     ctx->sa.len += l;
     return ctx->sa.s + salen;