diff options
| author | Sebastian Benoit <benno@cvs.openbsd.org> | 2016-06-21 21:35:26 +0000 |
|---|---|---|
| committer | Sebastian Benoit <benno@cvs.openbsd.org> | 2016-06-21 21:35:26 +0000 |
| commit | f2ada2db1464df13335d236529c834c378ced993 (patch) | |
| tree | a15cd06b17ca32de9b75238620437773f018ecdf /sbin | |
| parent | 05fc6735d59f44db060a9d3a428944db3e862ebe (diff) | |
do not allow whitespace in macro names, i.e. "this is" = "a variable".
change this in all config parsers in our tree that support macros.
problem reported by sven falempin.
feedback from henning@, stsp@, deraadt@
ok florian@ mikeb@
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/iked/parse.y | 10 | ||||
| -rw-r--r-- | sbin/ipsecctl/parse.y | 10 | ||||
| -rw-r--r-- | sbin/pfctl/parse.y | 10 |
3 files changed, 27 insertions, 3 deletions
diff --git a/sbin/iked/parse.y b/sbin/iked/parse.y index 958e51ae235..db438642f0d 100644 --- a/sbin/iked/parse.y +++ b/sbin/iked/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.54 2015/12/09 21:41:49 naddy Exp $ */ +/* $OpenBSD: parse.y,v 1.55 2016/06/21 21:35:24 benno Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -1005,7 +1005,15 @@ string : string STRING varset : STRING '=' string { + char *s = $1; log_debug("%s = \"%s\"\n", $1, $3); + while (*s++) { + if (isspace((unsigned char)*s)) { + yyerror("macro name cannot contain " + "whitespace"); + YYERROR; + } + } if (symset($1, $3, 0) == -1) err(1, "cannot store variable"); free($1); diff --git a/sbin/ipsecctl/parse.y b/sbin/ipsecctl/parse.y index fe9cee04211..4bfc1deb51b 100644 --- a/sbin/ipsecctl/parse.y +++ b/sbin/ipsecctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.164 2015/12/09 21:41:50 naddy Exp $ */ +/* $OpenBSD: parse.y,v 1.165 2016/06/21 21:35:24 benno Exp $ */ /* * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -881,8 +881,16 @@ string : string STRING varset : STRING '=' string { + char *s = $1; if (ipsec->opts & IPSECCTL_OPT_VERBOSE) printf("%s = \"%s\"\n", $1, $3); + while (*s++) { + if (isspace((unsigned char)*s)) { + yyerror("macro name cannot contain " + "whitespace"); + YYERROR; + } + } if (symset($1, $3, 0) == -1) err(1, "cannot store variable"); free($1); diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index 776eb12abda..e03b0037d0c 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.651 2016/06/21 13:40:43 benno Exp $ */ +/* $OpenBSD: parse.y,v 1.652 2016/06/21 21:35:24 benno Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -712,8 +712,16 @@ numberstring : NUMBER { ; varset : STRING '=' varstring { + char *s = $1; if (pf->opts & PF_OPT_VERBOSE) printf("%s = \"%s\"\n", $1, $3); + while (*s++) { + if (isspace((unsigned char)*s)) { + yyerror("macro name cannot contain " + "whitespace"); + YYERROR; + } + } if (symset($1, $3, 0) == -1) err(1, "cannot store variable %s", $1); free($1); |