aboutsummaryrefslogtreecommitdiffstats
path: root/src/interfaces/timedated
diff options
context:
space:
mode:
authorkremlin <ian@kremlin.cc>2014-10-14 23:11:13 +0800
committerkremlin <ian@kremlin.cc>2014-10-14 23:11:13 +0800
commit0b7afeee3bb89a0185de1cb3d9937434f24388d7 (patch)
treee0fcc548c48569ea08b8b406211112674ac0b37c /src/interfaces/timedated
parentc8a3e18eb82223e010f8adfae4a85b426a101a65 (diff)
downloadsystembsd-0b7afeee3bb89a0185de1cb3d9937434f24388d7.tar
systembsd-0b7afeee3bb89a0185de1cb3d9937434f24388d7.tar.gz
systembsd-0b7afeee3bb89a0185de1cb3d9937434f24388d7.tar.bz2
systembsd-0b7afeee3bb89a0185de1cb3d9937434f24388d7.tar.lz
systembsd-0b7afeee3bb89a0185de1cb3d9937434f24388d7.tar.xz
systembsd-0b7afeee3bb89a0185de1cb3d9937434f24388d7.tar.zst
systembsd-0b7afeee3bb89a0185de1cb3d9937434f24388d7.zip
prevent directory traversal in setTimezone
Diffstat (limited to 'src/interfaces/timedated')
-rw-r--r--src/interfaces/timedated/timedated.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/src/interfaces/timedated/timedated.c b/src/interfaces/timedated/timedated.c
index d4b0dce..8fb1ce5 100644
--- a/src/interfaces/timedated/timedated.c
+++ b/src/interfaces/timedated/timedated.c
@@ -219,7 +219,11 @@ on_handle_set_timezone(Timedate1 *td1_passed_interf,
strlcat(tz_target_path, "/", TZNAME_MAX);
strlcat(tz_target_path, proposed_tz, TZNAME_MAX);
- g_printf("%s\n", tz_target_path);
+ if(strstr(tz_target_path, "../")) {
+
+ g_dbus_method_invocation_return_dbus_error(invoc, "org.freedesktop.timedate1.Error.EBADF", "Provided timezone is invalid.");
+ return FALSE;
+ }
if(!statbuf)
return FALSE;
@@ -266,7 +270,9 @@ on_handle_set_local_rtc(Timedate1 *td1_passed_interf,
GDBusMethodInvocation *invoc,
const gchar *greet,
gpointer data) {
- return FALSE;
+
+ g_dbus_method_invocation_return_dbus_error(invoc, "org.freedesktop.timedate1.Error.ENODEV", "OpenBSD does not support setting the realtime clock in local time, only UTC.");
+ return TRUE;
}
static gboolean
@@ -324,6 +330,7 @@ our_get_timezone() {
return ret;
}
+/* openbsd does not support setting the RTC to localtime, only UTC */
gboolean
our_get_local_rtc() {