From: Jérémie Galarneau <jeremie.galarneau@efficios.com>
Date: Fri, 30 Aug 2019 22:10:56 +0000 (-0400)
Subject: Fix: validate that session, host and basepath are legal
X-Git-Tag: v2.11.0-rc3~45
X-Git-Url: http://git.lttng.org/?p=lttng-tools.git;a=commitdiff_plain;h=99f9cbb0c7733d19a8c6ecca5a4b0bda2c5271a2

Fix: validate that session, host and basepath are legal

Ensure that session name, hostname and the session's base path
do not contain dots ('.') to safeguard against malformed names
that could be used to walk-up the relay daemon output path
hierarchy.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
---

diff --git a/src/bin/lttng-relayd/session.c b/src/bin/lttng-relayd/session.c
index 603a80978..de059aae2 100644
--- a/src/bin/lttng-relayd/session.c
+++ b/src/bin/lttng-relayd/session.c
@@ -98,7 +98,23 @@ struct relay_session *session_create(const char *session_name,
 		uint32_t minor)
 {
 	int ret;
-	struct relay_session *session;
+	struct relay_session *session = NULL;
+
+	if (session_name && strstr(session_name, ".")) {
+		ERR("Illegal character in session name: \"%s\"",
+				session_name);
+		goto error;
+	}
+	if (base_path && strstr(base_path, "../")) {
+		ERR("Invalid session base path walks up the path hierarchy: \"%s\"",
+				base_path);
+		goto error;
+	}
+	if (hostname && strstr(hostname, ".")) {
+		ERR("Invalid character in hostname: \"%s\"",
+				hostname);
+		goto error;
+	}
 
 	session = zmalloc(sizeof(*session));
 	if (!session) {