Fix: validate that session, host and basepath are legal

[lttng-tools.git] / src / bin / lttng-relayd / session.c

diff --git a/src/bin/lttng-relayd/session.c b/src/bin/lttng-relayd/session.c
index 603a80978701f000d2aa0284d52dcbb83824c125..de059aae203e2df17054f9bd1d415279e0bd23bf 100644 (file)
--- a/src/bin/lttng-relayd/session.c
+++ b/src/bin/lttng-relayd/session.c
@@ -98,7 +98,23 @@ struct relay_session *session_create(const char *session_name,
                uint32_t minor)
 {
        int ret;
-       struct relay_session *session;
+       struct relay_session *session = NULL;
+
+       if (session_name && strstr(session_name, ".")) {
+               ERR("Illegal character in session name: \"%s\"",
+                               session_name);
+               goto error;
+       }
+       if (base_path && strstr(base_path, "../")) {
+               ERR("Invalid session base path walks up the path hierarchy: \"%s\"",
+                               base_path);
+               goto error;
+       }
+       if (hostname && strstr(hostname, ".")) {
+               ERR("Invalid character in hostname: \"%s\"",
+                               hostname);
+               goto error;
+       }
 
        session = zmalloc(sizeof(*session));
        if (!session) {