<div dir="ltr">Hey Phil,<div><br></div><div>Not sure if modifying user input without any warnings about it is a good idea. This clearly solves problems, but do we want to solve it this way? </div><div><br></div><div>It might be a better idea to warn the user about an improper channel name or simply block the command and return an error.</div><div><br></div><div>On Wed, Nov 26, 2014 at 10:32 PM, Philippe Proulx <span dir="ltr"><<a href="mailto:eeppeliteloop@gmail.com" target="_blank">eeppeliteloop@gmail.com</a>></span> wrote:<br></div><div><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">This patch ensures:<br>
<br>
1. A channel name does not contain any '/' character, since<br>
relative paths may be injected in the channel name<br>
otherwise (knowing that the channel name is eventually<br>
part of a file name)<br>
2. A channel name does not start with a '.' character, since<br>
trace readers (Babeltrace is one of them) could interpret<br>
files starting with a dot as hidden files and ignore<br>
them when opening the CTF trace<br>
<br>
Fixes: #751<br>
<br>
Signed-off-by: Philippe Proulx <<a href="mailto:eeppeliteloop@gmail.com">eeppeliteloop@gmail.com</a>><br>
---<br>
src/bin/lttng/commands/enable_channels.c | 38 +++++++++++++++++++++++++++-----<br>
1 file changed, 33 insertions(+), 5 deletions(-)<br>
<br>
diff --git a/src/bin/lttng/commands/enable_channels.c b/src/bin/lttng/commands/enable_channels.c<br>
index f8272e9..e6cce49 100644<br>
--- a/src/bin/lttng/commands/enable_channels.c<br>
+++ b/src/bin/lttng/commands/enable_channels.c<br>
@@ -275,11 +275,39 @@ static int enable_channel(char *session_name)<br>
/* Strip channel list (format: chan1,chan2,...) */<br>
channel_name = strtok(opt_channels, ",");<br>
while (channel_name != NULL) {<br>
- /* Copy channel name and normalize it */<br>
+ /* Copy channel name, sanitize and normalize it */<br>
strncpy(<a href="http://chan.name" target="_blank">chan.name</a>, channel_name, NAME_MAX);<br>
<a href="http://chan.name" target="_blank">chan.name</a>[NAME_MAX - 1] = '\0';<br>
<br>
- DBG("Enabling channel %s", channel_name);<br>
+ char *src, *dst;<br>
+ int got_first = 0;<br>
+<br>
+ for (src = dst = <a href="http://chan.name" target="_blank">chan.name</a>; *src != '\0'; ++src) {<br>
+ *dst = *src;<br>
+<br>
+ /*<br>
+ * Channel name could be used in file names, so remove<br>
+ * invalid '/'<br>
+ */<br>
+ if (*dst != '/') {<br></blockquote><div><br></div><div>Maybe send some warning here ?</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
+ /*<br>
+ * Remove starting dots since this could create<br>
+ * file names starting with dots, and trace<br>
+ * readers could interpret them as hidden files<br>
+ * and ignore them.<br>
+ */<br>
+ if (*dst != '.') {<br></blockquote><div><br></div><div>Same</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
+ got_first = 1;<br>
+ dst++;<br>
+ } else if (got_first) {<br>
+ dst++;<br>
+ }<br>
+ }<br>
+ }<br>
+<br>
+ *dst = '\0';<br>
+<br>
+ DBG("Enabling channel %s", <a href="http://chan.name" target="_blank">chan.name</a>);<br>
<br>
ret = lttng_enable_channel(handle, &chan);<br>
if (ret < 0) {<br>
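</blockquote><div><br></div><div>Review bot: After the sanitizing loop, at "*dst = '\0';", nothing checks that chan.name is still non-empty. An input made only of '/' and '.' characters (for example "..") never advances dst, so lttng_enable_channel() is then called with an empty name. Test chan.name[0] == '\0' at that point and report an error for that entry instead of enabling it. The loop also drops characters silently, so two different inputs such as "a/b" and "ab" end up as the same channel name; a WARN() when any character was skipped would make that visible. Style: "char *src, *dst;" and "int got_first = 0;" are declared after statements in the while body and should move to the top of the block.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">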
@@ -288,19 +316,19 @@ static int enable_channel(char *session_name)<br>
case LTTNG_ERR_KERN_CHAN_EXIST:<br>
case LTTNG_ERR_UST_CHAN_EXIST:<br>
case LTTNG_ERR_CHAN_EXIST:<br>
- WARN("Channel %s: %s (session %s)", channel_name,<br>
+ WARN("Channel %s: %s (session %s)", <a href="http://chan.name" target="_blank">chan.name</a>,<br>
lttng_strerror(ret), session_name);<br>
warn = 1;<br>
break;<br>
default:<br>
- ERR("Channel %s: %s (session %s)", channel_name,<br>
+ ERR("Channel %s: %s (session %s)", <a href="http://chan.name" target="_blank">chan.name</a>,<br>
lttng_strerror(ret), session_name);<br>
error = 1;<br>
break;<br>
}<br>
} else {<br>
MSG("%s channel %s enabled for session %s",<br>
- get_domain_str(dom.type), channel_name, session_name);<br>
+ get_domain_str(dom.type), <a href="http://chan.name" target="_blank">chan.name</a>, session_name);<br>
success = 1;<br>
}<br>
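</blockquote><div><br></div><div>Review bot: The WARN(), ERR() and MSG() calls in this hunk now print only chan.name, so when the sanitizer changed the name, the user is shown a channel they did not type and cannot match the message to their input. Where chan.name differs from channel_name, report both in the message, for example "Channel %s (requested as %s)".</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">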
<span class="HOEnZb"><font color="#888888"><br>
--<br>
2.1.3<br>
<br>
<br>
</font></span></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr">Jonathan Rajotte Julien</div></div>
</div></div></div>
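<div>The alternative raised in the reply above (block the command and return an error instead of rewriting the name), sketched as an added example that is not part of the thread or of LTTng. CHAN_NAME_MAX, the status codes and both function names are assumptions made for illustration.</div>

```c
#include <stddef.h>
#include <string.h>
#define CHAN_NAME_MAX 255 /* assumed stand-in for NAME_MAX in the patch */

enum chan_name_status { /* hypothetical codes, not LTTng error codes */
	CHAN_NAME_OK, CHAN_NAME_EMPTY, CHAN_NAME_TOO_LONG,
	CHAN_NAME_LEADING_DOT, CHAN_NAME_HAS_SLASH,
};

/* Check one name against the patch's two rules without modifying it. */
enum chan_name_status check_channel_name(const char *name)
{
	if (name == NULL || name[0] == '\0')
		return CHAN_NAME_EMPTY;
	/* The patch's strncpy() plus forced NUL would truncate silently. */
	if (strlen(name) >= CHAN_NAME_MAX)
		return CHAN_NAME_TOO_LONG;
	/* Rule 2: trace readers may treat a leading '.' as a hidden file. */
	if (name[0] == '.')
		return CHAN_NAME_LEADING_DOT;
	/* Rule 1: '/' would inject a relative path into the file name. */
	if (strchr(name, '/') != NULL)
		return CHAN_NAME_HAS_SLASH;
	return CHAN_NAME_OK;
}

/* Validate a whole "chan1,chan2,..." list before enabling anything, so one
 * bad entry blocks the command. Returns the first failure and stores its
 * index in *bad_index. Unlike strtok(), empty entries are reported. */
enum chan_name_status check_channel_list(const char *list, size_t *bad_index)
{
	char name[CHAN_NAME_MAX];
	size_t i = 0;

	for (;; i++) {
		size_t len = strcspn(list, ",");
		enum chan_name_status st = CHAN_NAME_TOO_LONG;
		if (len < CHAN_NAME_MAX) {
			memcpy(name, list, len);
			name[len] = '\0';
			st = check_channel_name(name);
		}
		if (st != CHAN_NAME_OK) {
			*bad_index = i;
			return st;
		}
		if (list[len] == '\0')
			return CHAN_NAME_OK;
		list += len + 1; /* step past the comma */
	}
}
```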