Fix: forbid session name creation if contains /

[lttng-tools.git] / src / bin / lttng-sessiond / session.c

diff --git a/src/bin/lttng-sessiond/session.c b/src/bin/lttng-sessiond/session.c
index 07031a30a5c5bc6cf603b84847aac2a866919ede..e7904472fb9f5f19113bef0e247160aaff999d38 100644 (file)
--- a/src/bin/lttng-sessiond/session.c
+++ b/src/bin/lttng-sessiond/session.c
@@ -49,6 +49,42 @@ static struct ltt_session_list ltt_session_list = {
        .next_uuid = 0,
 };
 
+/* These characters are forbidden in a session name. Used by validate_name. */
+static const char *forbidden_name_chars = "/";
+
+/*
+ * Validate the session name for forbidden characters.
+ *
+ * Return 0 on success else -1 meaning a forbidden char. has been found.
+ */
+static int validate_name(const char *name)
+{
+       int ret;
+       char *tok, *tmp_name;
+
+       assert(name);
+
+       tmp_name = strdup(name);
+       if (!tmp_name) {
+               /* ENOMEM here. */
+               ret = -1;
+               goto error;
+       }
+
+       tok = strpbrk(tmp_name, forbidden_name_chars);
+       if (tok) {
+               DBG("Session name %s contains a forbidden character", name);
+               /* Forbidden character has been found. */
+               ret = -1;
+               goto error;
+       }
+       ret = 0;
+
+error:
+       free(tmp_name);
+       return ret;
+}
+
 /*
  * Add a ltt_session structure to the global list.
  *
@@ -194,6 +230,12 @@ int session_create(char *name, uid_t uid, gid_t gid)
                goto error;
        }
 
+       ret = validate_name(name);
+       if (ret < 0) {
+               ret = LTTNG_ERR_SESSION_INVALID_CHAR;
+               goto error;
+       }
+
        ret = gethostname(new_session->hostname, sizeof(new_session->hostname));
        if (ret < 0) {
                if (errno == ENAMETOOLONG) {