diff options
| author | Peter Hutterer <peter.hutterer@who-t.net> | 2019-02-08 11:07:15 +1000 |
|---|---|---|
| committer | Peter Hutterer <peter.hutterer@who-t.net> | 2019-02-11 03:35:53 +0000 |
| commit | 4353ed915219f7d8795489d4465786a42653583f (patch) | |
| tree | 589c6b32755023e2036f6b081ab8f5e21b19cab0 | |
| parent | 3a89f95b55f5f3d47e7c3fe3a25308f5dffcea3e (diff) | |
| download | libinput-4353ed915219f7d8795489d4465786a42653583f.tar.gz | |
udev: restrict the seat ID to 256 characters
Anything longer than that is likely a bug.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
| -rw-r--r-- | src/udev-seat.c | 12 | ||||
| -rw-r--r-- | test/test-udev.c | 25 |
2 files changed, 34 insertions, 3 deletions
diff --git a/src/udev-seat.c b/src/udev-seat.c index aeae198c..fd50488a 100644 --- a/src/udev-seat.c +++ b/src/udev-seat.c @@ -382,6 +382,15 @@ libinput_udev_assign_seat(struct libinput *libinput, { struct udev_input *input = (struct udev_input*)libinput; + if (!seat_id) + return -1; + + if (strlen(seat_id) > 256) { + log_bug_client(libinput, + "Unexpected seat id, limited to 256 characters.\n"); + return -1; + } + /* We cannot do this during udev_create_context because the log * handler isn't set up there but we really want to log to the right * place if the quirks run into parser errors. So we have to do it @@ -389,9 +398,6 @@ libinput_udev_assign_seat(struct libinput *libinput, */ libinput_init_quirks(libinput); - if (!seat_id) - return -1; - if (libinput->interface_backend != &interface_backend) { log_bug_client(libinput, "Mismatching backends.\n"); return -1; diff --git a/test/test-udev.c b/test/test-udev.c index 6a6e6763..4f677c11 100644 --- a/test/test-udev.c +++ b/test/test-udev.c @@ -130,6 +130,30 @@ START_TEST(udev_create_empty_seat) } END_TEST +START_TEST(udev_create_seat_too_long) +{ + struct libinput *li; + struct udev *udev; + char seatname[258]; + + memset(seatname, 'a', sizeof(seatname) - 1); + seatname[sizeof(seatname) - 1] = '\0'; + + udev = udev_new(); + ck_assert(udev != NULL); + + li = libinput_udev_create_context(&simple_interface, NULL, udev); + litest_set_log_handler_bug(li); + + ck_assert_int_eq(libinput_udev_assign_seat(li, seatname), -1); + + litest_assert_empty_queue(li); + + libinput_unref(li); + udev_unref(udev); +} +END_TEST + START_TEST(udev_set_user_data) { struct libinput *li; @@ -651,6 +675,7 @@ TEST_COLLECTION(udev) litest_add_no_device("udev:create", udev_create_NULL); litest_add_no_device("udev:create", udev_create_seat0); litest_add_no_device("udev:create", udev_create_empty_seat); + litest_add_no_device("udev:create", udev_create_seat_too_long); litest_add_no_device("udev:create", udev_set_user_data); litest_add_no_device("udev:seat", udev_added_seat_default); |