libc: check name in getvent()/putenv()

passing "", "." or ".." as name caused a crash in getenv() as it would open the directory; then seek() to determine the file size would fail and return -1. now checking for these special names and set error string when its bad. doing a single read() will not work when /env has a 9p fileserver mounted onto it and the file size is bigger than the i/o unit. so doing incremental reads until we get eof.
author: cinap_lenrek <cinap_lenrek@felloff.net> 2015-02-11 23:54:28 +0100
committer: cinap_lenrek <cinap_lenrek@felloff.net> 2015-02-11 23:54:28 +0100
commit: 8b57e59ea93b7fc4f80c33bc1560b685f392ccc4 (patch)
tree: 7132a81a58217f9c87a031a2145433e86eba6653 /sys/src/libc/9sys/putenv.c
parent: 21570a47195d90b1dc2a3634d8042929543599d3 (diff)
1 files changed, 8 insertions, 8 deletions
diff --git a/sys/src/libc/9sys/putenv.c b/sys/src/libc/9sys/putenv.c
index de2389482..a99aaeb5f 100644
--- a/sys/src/libc/9sys/putenv.c
+++ b/sys/src/libc/9sys/putenv.c
@@ -4,20 +4,20 @@
 int
 putenv(char *name, char *val)
 {
-	int f;
 	char ename[100];
-	long s;
+	int f, n;
 
-	if(strchr(name, '/') != nil)
-		return -1;
-	snprint(ename, sizeof ename, "/env/%s", name);
-	if(strcmp(ename+5, name) != 0)
+	if(name[0]=='\0' || strcmp(name, ".")==0 || strcmp(name, "..")==0 || strchr(name, '/')!=nil
+	|| strlen(name) >= sizeof(ename)-5){
+		werrstr("bad env name: %s", name);
 		return -1;
+	}
+	snprint(ename, sizeof(ename), "/env/%s", name);
 	f = create(ename, OWRITE, 0664);
 	if(f < 0)
 		return -1;
-	s = strlen(val);
-	if(write(f, val, s) != s){
+	n = strlen(val);
+	if(write(f, val, n) != n){
 		close(f);
 		return -1;
 	}
author	cinap_lenrek <cinap_lenrek@felloff.net>	2015-02-11 23:54:28 +0100
committer	cinap_lenrek <cinap_lenrek@felloff.net>	2015-02-11 23:54:28 +0100
commit	8b57e59ea93b7fc4f80c33bc1560b685f392ccc4 (patch)
tree	7132a81a58217f9c87a031a2145433e86eba6653 /sys/src/libc/9sys/putenv.c
parent	21570a47195d90b1dc2a3634d8042929543599d3 (diff)