github-mirror/fish-shell
2
0
Fork 0
mirror of https://github.com/fish-shell/fish-shell.git synced 2025-01-21 01:47:15 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Disallow NULLs in function names and paths

Browse Source 
These aren't compatible with unix semantics.

Fixes #8195 harder.
This commit is contained in:
Fabian Homborg 2021-08-01 12:23:31 +02:00
parent 0157ac35a4
commit 06acc201f4
2 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/common.cpp
View File

@ -1877,7 +1877,9 @@ bool valid_var_name(const wchar_t *str) {
bool valid_func_name(const wcstring &str) { bool valid_func_name(const wcstring &str) {
if (str.empty()) return false; if (str.empty()) return false;
if (str.at(0) == L'-') return false; if (str.at(0) == L'-') return false;
// A function name needs to be a valid path, so no / and no NULL.
if (str.find_first_of(L'/') != wcstring::npos) return false; if (str.find_first_of(L'/') != wcstring::npos) return false;
if (str.find_first_of(L'\0') != wcstring::npos) return false;
return true; return true;
} }

4
src/path.cpp
View File

@ -38,6 +38,10 @@ const wcstring_list_t dflt_pathsv({L"/bin", L"/usr/bin", PREFIX L"/bin"});
static bool path_get_path_core(const wcstring &cmd, wcstring *out_path, static bool path_get_path_core(const wcstring &cmd, wcstring *out_path,
const maybe_t<env_var_t> &bin_path_var) { const maybe_t<env_var_t> &bin_path_var) {
// Unix paths can't include a NULL-byte, that's the separator.
// If we let this through, we'd end up checking up to the NULL,
// so we'd get the wrong path.
if (cmd.find(L'\0') != wcstring::npos) return false;
// If the command has a slash, it must be an absolute or relative path and thus we don't bother // If the command has a slash, it must be an absolute or relative path and thus we don't bother
// looking for a matching command. // looking for a matching command.
if (cmd.find(L'/') != wcstring::npos) { if (cmd.find(L'/') != wcstring::npos) {