Fix: validate that session, host and basepath are legal

Ensure that session name, hostname and the session's base path
do not contain dots ('.') to safeguard against malformed names
that could be used to walk-up the relay daemon output path
hierarchy.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

diff --git a/src/bin/lttng-relayd/session.c b/src/bin/lttng-relayd/session.c
index 603a80978701f000d2aa0284d52dcbb83824c125..de059aae203e2df17054f9bd1d415279e0bd23bf 100644 (file)
--- a/src/bin/lttng-relayd/session.c
+++ b/src/bin/lttng-relayd/session.c
@@ -98,7 +98,23 @@ struct relay_session *session_create(const char *session_name,
                uint32_t minor)
 {
        int ret;
-       struct relay_session *session;
+       struct relay_session *session = NULL;
+
+       if (session_name && strstr(session_name, ".")) {
+               ERR("Illegal character in session name: \"%s\"",
+                               session_name);
+               goto error;
+       }
+       if (base_path && strstr(base_path, "../")) {
+               ERR("Invalid session base path walks up the path hierarchy: \"%s\"",
+                               base_path);
+               goto error;
+       }
+       if (hostname && strstr(hostname, ".")) {
+               ERR("Invalid character in hostname: \"%s\"",
+                               hostname);
+               goto error;
+       }
 
        session = zmalloc(sizeof(*session));
        if (!session) {