From: Jérémie Galarneau <jeremie.galarneau@efficios.com>
Date: Fri, 30 Aug 2019 22:10:56 +0000 (-0400)
Subject: Fix: validate that session, host and basepath are legal
X-Git-Tag: v2.12.0-rc1~477
X-Git-Url: https://git.lttng.org/?p=lttng-tools.git;a=commitdiff_plain;h=590f0324d6dfd382f79229a7934fa8b5b661641f;hp=6fa5fe7cc78bea0b0bba154a0f911d3df530e18f

Fix: validate that session, host and basepath are legal

Ensure that session name, hostname and the session's base path
do not contain dots ('.') to safeguard against malformed names
that could be used to walk-up the relay daemon output path
hierarchy.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
---

diff --git a/src/bin/lttng-relayd/session.c b/src/bin/lttng-relayd/session.c
index 603a80978..de059aae2 100644
--- a/src/bin/lttng-relayd/session.c
+++ b/src/bin/lttng-relayd/session.c
@@ -98,7 +98,23 @@ struct relay_session *session_create(const char *session_name,
 		uint32_t minor)
 {
 	int ret;
-	struct relay_session *session;
+	struct relay_session *session = NULL;
+
+	if (session_name && strstr(session_name, ".")) {
+		ERR("Illegal character in session name: \"%s\"",
+				session_name);
+		goto error;
+	}
+	if (base_path && strstr(base_path, "../")) {
+		ERR("Invalid session base path walks up the path hierarchy: \"%s\"",
+				base_path);
+		goto error;
+	}
+	if (hostname && strstr(hostname, ".")) {
+		ERR("Invalid character in hostname: \"%s\"",
+				hostname);
+		goto error;
+	}
 
 	session = zmalloc(sizeof(*session));
 	if (!session) {