escape spaces during serialization

2024-09-10 16:49:22 +08:00 · 2024-09-10 16:49:22 +08:00 · c26f3c54d3
commit c26f3c54d3
parent 9d5806c327
3 changed files with 247 additions and 1 deletions
--- a/backport-core-escape-spaces-in-paths-during-serialization.patch
+++ b/backport-core-escape-spaces-in-paths-during-serialization.patch
@ -0,0 +1,164 @@
 From d7942fe5fc197d1eb77986b5c73b5c36d82e141e Mon Sep 17 00:00:00 2001
 From: Frantisek Sumsal <frantisek@sumsal.cz>
 Date: Fri, 5 Jan 2024 20:39:40 +0100
 Subject: [PATCH] core: escape spaces in paths during serialization
 Otherwise we split them incorrectly when deserializing them.
 Resolves: #30747
 Conflict:NA
 Reference:https://github.com/systemd/systemd/commit/d7942fe5fc197d1eb77986b5c73b5c36d82e141e
 ---
 src/core/execute-serialize.c            | 17 ++++++------
 test/units/testsuite-07.exec-context.sh | 36 ++++++++++++++++---------
 2 files changed, 32 insertions(+), 21 deletions(-)
 diff --git a/src/core/execute-serialize.c b/src/core/execute-serialize.c
 index 55d24094f7..dd48ad3f65 100644
 --- a/src/core/execute-serialize.c
 +++ b/src/core/execute-serialize.c
@@ -1930,7 +1930,7 @@ static int exec_context_serialize(const ExecContext *c, FILE *f) {
                 FOREACH_ARRAY(i, c->directories[dt].items, c->directories[dt].n_items) {
                         _cleanup_free_ char *path_escaped = NULL;
 -                        path_escaped = shell_escape(i->path, ":");
 +                        path_escaped = shell_escape(i->path, ":" WHITESPACE);
                         if (!path_escaped)
                                 return log_oom_debug();
@@ -1943,7 +1943,7 @@ static int exec_context_serialize(const ExecContext *c, FILE *f) {
                         STRV_FOREACH(d, i->symlinks) {
                                 _cleanup_free_ char *link_escaped = NULL;
 -                                link_escaped = shell_escape(*d, ":");
 +                                link_escaped = shell_escape(*d, ":" WHITESPACE);
                                 if (!link_escaped)
                                         return log_oom_debug();
@@ -2264,11 +2264,11 @@ static int exec_context_serialize(const ExecContext *c, FILE *f) {
         FOREACH_ARRAY(mount, c->bind_mounts, c->n_bind_mounts) {
                 _cleanup_free_ char *src_escaped = NULL, *dst_escaped = NULL;
 -                src_escaped = shell_escape(mount->source, ":");
 +                src_escaped = shell_escape(mount->source, ":" WHITESPACE);
                 if (!src_escaped)
                         return log_oom_debug();
 -                dst_escaped = shell_escape(mount->destination, ":");
 +                dst_escaped = shell_escape(mount->destination, ":" WHITESPACE);
                 if (!dst_escaped)
                         return log_oom_debug();
@@ -2455,11 +2455,11 @@ static int exec_context_serialize(const ExecContext *c, FILE *f) {
         FOREACH_ARRAY(mount, c->mount_images, c->n_mount_images) {
                 _cleanup_free_ char *s = NULL, *source_escaped = NULL, *dest_escaped = NULL;
 -                source_escaped = shell_escape(mount->source, " ");
 +                source_escaped = shell_escape(mount->source, WHITESPACE);
                 if (!source_escaped)
                         return log_oom_debug();
 -                dest_escaped = shell_escape(mount->destination, " ");
 +                dest_escaped = shell_escape(mount->destination, WHITESPACE);
                 if (!dest_escaped)
                         return log_oom_debug();
@@ -2496,7 +2496,7 @@ static int exec_context_serialize(const ExecContext *c, FILE *f) {
         FOREACH_ARRAY(mount, c->extension_images, c->n_extension_images) {
                 _cleanup_free_ char *s = NULL, *source_escaped = NULL;
 -                source_escaped = shell_escape(mount->source, ":");
 +                source_escaped = shell_escape(mount->source, ":" WHITESPACE);
                 if (!source_escaped)
                         return log_oom_debug();
@@ -2847,7 +2847,8 @@ static int exec_context_deserialize(ExecContext *c, FILE *f) {
                                 _cleanup_free_ char *tuple = NULL, *path = NULL, *only_create = NULL;
                                 const char *p;
 -                                r = extract_first_word(&val, &tuple, WHITESPACE, EXTRACT_RETAIN_ESCAPE);
 +                                /* Use EXTRACT_UNESCAPE_RELAX here, as we unescape the colons in subsequent calls */
 +                                r = extract_first_word(&val, &tuple, WHITESPACE, EXTRACT_UNESCAPE_SEPARATORS|EXTRACT_UNESCAPE_RELAX);
                                 if (r < 0)
                                         return r;
                                 if (r == 0)
 diff --git a/test/units/testsuite-07.exec-context.sh b/test/units/testsuite-07.exec-context.sh
 index c84974f1de..dd63163008 100755
 --- a/test/units/testsuite-07.exec-context.sh
 +++ b/test/units/testsuite-07.exec-context.sh
@@ -93,6 +93,13 @@ systemd-run --wait --pipe -p BindPaths="/etc /home:/mnt:norbind -/foo/bar/baz:/u
     bash -xec "mountpoint /etc; test -d /etc/systemd; mountpoint /mnt; ! mountpoint /usr"
 systemd-run --wait --pipe -p BindReadOnlyPaths="/etc /home:/mnt:norbind -/foo/bar/baz:/usr:rbind" \
     bash -xec "test ! -w /etc; test ! -w /mnt; ! mountpoint /usr"
 +# Make sure we properly serialize/deserialize paths with spaces
 +# See: https://github.com/systemd/systemd/issues/30747
 +touch "/tmp/test file with spaces"
 +systemd-run --wait --pipe -p TemporaryFileSystem="/tmp" -p BindPaths="/etc /home:/mnt:norbind /tmp/test\ file\ with\ spaces" \
 +    bash -xec "mountpoint /etc; test -d /etc/systemd; mountpoint /mnt; stat '/tmp/test file with spaces'"
 +systemd-run --wait --pipe -p TemporaryFileSystem="/tmp" -p BindPaths="/etc /home:/mnt:norbind /tmp/test\ file\ with\ spaces:/tmp/destination\ wi\:th\ spaces" \
 +    bash -xec "mountpoint /etc; test -d /etc/systemd; mountpoint /mnt; stat '/tmp/destination wi:th spaces'"
 # Check if we correctly serialize, deserialize, and set directives that
 # have more complex internal handling
@@ -206,18 +213,20 @@ fi
 # {Cache,Configuration,Logs,Runtime,State}Directory=
 ARGUMENTS=(
 -    -p CacheDirectory="foo/bar/baz"
 +    -p CacheDirectory="foo/bar/baz also\ with\ spaces"
     -p CacheDirectory="foo"
     -p CacheDirectory="context"
     -p CacheDirectoryMode="0123"
     -p CacheDirectoryMode="0666"
 -    -p ConfigurationDirectory="context/foo also_context/bar context/nested/baz"
 +    -p ConfigurationDirectory="context/foo also_context/bar context/nested/baz context/semi\:colon"
     -p ConfigurationDirectoryMode="0400"
     -p LogsDirectory="context/foo"
     -p LogsDirectory=""
     -p LogsDirectory="context/a/very/nested/logs/dir"
 -    -p RuntimeDirectory="context"
 -    -p RuntimeDirectory="also_context"
 +    -p RuntimeDirectory="context/with\ spaces"
 +    # Note: {Runtime,State,Cache,Logs}Directory= directives support the directory:symlink syntax, which
 +    #       requires an additional level of escaping for the colon character
 +    -p RuntimeDirectory="also_context:a\ symlink\ with\ \\\:\ col\\\:ons\ and\ \ spaces"
     -p RuntimeDirectoryPreserve=yes
     -p StateDirectory="context"
     -p StateDirectory="./././././././context context context"
@@ -226,21 +235,22 @@ ARGUMENTS=(
 rm -rf /run/context
 systemd-run --wait --pipe "${ARGUMENTS[@]}" \
 -    bash -xec '[[ $CACHE_DIRECTORY == /var/cache/context:/var/cache/foo:/var/cache/foo/bar/baz ]];
 -               [[ $(stat -c "%a" ${CACHE_DIRECTORY##*:}) == 666 ]]'
 +    bash -xec '[[ $CACHE_DIRECTORY == "/var/cache/also with spaces:/var/cache/context:/var/cache/foo:/var/cache/foo/bar/baz" ]];
 +               [[ $(stat -c "%a" "${CACHE_DIRECTORY##*:}") == 666 ]]'
 systemd-run --wait --pipe "${ARGUMENTS[@]}" \
 -    bash -xec '[[ $CONFIGURATION_DIRECTORY == /etc/also_context/bar:/etc/context/foo:/etc/context/nested/baz ]];
 -               [[ $(stat -c "%a" ${CONFIGURATION_DIRECTORY##*:}) == 400 ]]'
 +    bash -xec '[[ $CONFIGURATION_DIRECTORY == /etc/also_context/bar:/etc/context/foo:/etc/context/nested/baz:/etc/context/semi:colon ]];
 +               [[ $(stat -c "%a" "${CONFIGURATION_DIRECTORY%%:*}") == 400 ]]'
 systemd-run --wait --pipe "${ARGUMENTS[@]}" \
     bash -xec '[[ $LOGS_DIRECTORY == /var/log/context/a/very/nested/logs/dir:/var/log/context/foo ]];
 -               [[ $(stat -c "%a" ${LOGS_DIRECTORY##*:}) == 755 ]]'
 +               [[ $(stat -c "%a" "${LOGS_DIRECTORY##*:}") == 755 ]]'
 systemd-run --wait --pipe "${ARGUMENTS[@]}" \
 -    bash -xec '[[ $RUNTIME_DIRECTORY == /run/also_context:/run/context ]];
 -               [[ $(stat -c "%a" ${RUNTIME_DIRECTORY##*:}) == 755 ]];
 -               [[ $(stat -c "%a" ${RUNTIME_DIRECTORY%%:*}) == 755 ]]'
 +    bash -xec '[[ $RUNTIME_DIRECTORY == "/run/also_context:/run/context/with spaces" ]];
 +               [[ $(stat -c "%a" "${RUNTIME_DIRECTORY##*:}") == 755 ]];
 +               [[ $(stat -c "%a" "${RUNTIME_DIRECTORY%%:*}") == 755 ]]'
 systemd-run --wait --pipe "${ARGUMENTS[@]}" \
     bash -xec '[[ $STATE_DIRECTORY == /var/lib/context ]]; [[ $(stat -c "%a" $STATE_DIRECTORY) == 0 ]]'
 -test -d /run/context
 +test -d "/run/context/with spaces"
 +test -s "/run/a symlink with : col:ons and  spaces"
 rm -rf /var/{cache,lib,log}/context /etc/{also_,}context
 # Limit*=
 -- 
 2.43.0
--- a/backport-core-escape-spaces-when-serializing-as-well.patch
+++ b/backport-core-escape-spaces-when-serializing-as-well.patch
@ -0,0 +1,77 @@
 From 5b1aa0e19a6df603336894604a85df74204d04f9 Mon Sep 17 00:00:00 2001
 From: Frantisek Sumsal <frantisek@sumsal.cz>
 Date: Mon, 12 Feb 2024 18:32:03 +0100
 Subject: [PATCH] core: escape spaces when serializing as well
 Otherwise they might get stripped when reading the serialized data back.
 Resolves: #31214
 Conflict:NA
 Reference:https://github.com/systemd/systemd/commit/5b1aa0e19a6df603336894604a85df74204d04f9
 ---
 src/shared/serialize.c                  |  2 +-
 test/units/testsuite-07.exec-context.sh | 33 +++++++++++++++++++++++++
 2 files changed, 34 insertions(+), 1 deletion(-)
 diff --git a/src/shared/serialize.c b/src/shared/serialize.c
 index 7099f67f92..483cbc7419 100644
 --- a/src/shared/serialize.c
 +++ b/src/shared/serialize.c
@@ -46,7 +46,7 @@ int serialize_item_escaped(FILE *f, const char *key, const char *value) {
         if (!value)
                 return 0;
 -        c = cescape(value);
 +        c = xescape(value, " ");
         if (!c)
                 return log_oom();
 diff --git a/test/units/testsuite-07.exec-context.sh b/test/units/testsuite-07.exec-context.sh
 index dd63163008..e1e4367cc6 100755
 --- a/test/units/testsuite-07.exec-context.sh
 +++ b/test/units/testsuite-07.exec-context.sh
@@ -338,6 +338,39 @@ if [[ ! -v ASAN_OPTIONS ]] && systemctl --version | grep "+BPF_FRAMEWORK" && ker
     (! systemd-run --wait --pipe -p RestrictFileSystems="~proc devtmpfs sysfs" ls /sys)
 fi
 +# Make sure we properly (de)serialize various string arrays, including whitespaces
 +# See: https://github.com/systemd/systemd/issues/31214
 +systemd-run --wait --pipe -p Environment="FOO='bar4    '" \
 +            bash -xec '[[ $FOO == "bar4    " ]]'
 +systemd-run --wait --pipe -p Environment="FOO='bar4    ' BAR='\n\n'" \
 +            bash -xec "[[ \$FOO == 'bar4    ' && \$BAR == $'\n\n' ]]"
 +systemd-run --wait --pipe -p Environment='FOO="bar4  \\  "' -p Environment="BAR='\n\t'" \
 +            bash -xec "[[ \$FOO == 'bar4  \\  ' && \$BAR == $'\n\t' ]]"
 +TEST_ENV_FILE="/tmp/test-env-file-$RANDOM-    "
 +cat >"$TEST_ENV_FILE" <<EOF
 +FOO="env file    "
 +BAR="
 +    "
 +EOF
 +systemd-run --wait --pipe cat "$TEST_ENV_FILE"
 +systemd-run --wait --pipe -p ReadOnlyPaths="'$TEST_ENV_FILE'" \
 +            bash -xec '[[ ! -w "$TEST_ENV_FILE" ]]'
 +systemd-run --wait --pipe -p PrivateTmp=yes -p BindReadOnlyPaths="'$TEST_ENV_FILE':'/tmp/bar-    '" \
 +            bash -xec '[[ -e "/tmp/bar-    " && ! -w "/tmp/bar-    " ]]'
 +systemd-run --wait --pipe -p EnvironmentFile="$TEST_ENV_FILE" \
 +            bash -xec "[[ \$FOO == 'env file    ' && \$BAR == $'\n    ' ]]"
 +rm -f "$TEST_ENV_FILE"
 +# manager_serialize()/manager_deserialize() uses similar machinery
 +systemctl unset-environment FOO_WITH_SPACES
 +systemctl set-environment FOO_WITH_SPACES="foo   " FOO_WITH_TABS="foo\t\t\t"
 +systemctl show-environment
 +systemctl show-environment | grep -F "FOO_WITH_SPACES=$'foo   '"
 +systemctl show-environment | grep -F "FOO_WITH_TABS=$'foo\\\\t\\\\t\\\\t'"
 +systemctl daemon-reexec
 +systemctl show-environment
 +systemctl show-environment | grep -F "FOO_WITH_SPACES=$'foo   '"
 +systemctl show-environment | grep -F "FOO_WITH_TABS=$'foo\\\\t\\\\t\\\\t'"
 +
 # Ensure that clean-up codepaths work correctly if activation ultimately fails
 touch /run/not-a-directory
 mkdir /tmp/root
 -- 
 2.43.0
--- a/systemd.spec
+++ b/systemd.spec
@ -25,7 +25,7 @@
 Name:           systemd
 Url:            https://systemd.io/
 Version:        255
-Release:        25
+Release:        26
 License:        MIT and LGPLv2+ and GPLv2+
 Summary:        System and Service Manager
@ -72,6 +72,8 @@ Patch6018:      backport-fix-cgtop-sscanf-return-code-checks.patch
 Patch6019:      backport-mount-optimize-mountinfo-traversal-by-decoupling-dev.patch
 Patch6020:      backport-systemctl-fix-printing-of-RootImageOptions.patch
 Patch6021:      backport-pid1-add-env-var-to-override-default-mount-rate-limit-interval.patch
 Patch6022:      backport-core-escape-spaces-in-paths-during-serialization.patch
 Patch6023:      backport-core-escape-spaces-when-serializing-as-well.patch
 Patch9008:      update-rtc-with-system-clock-when-shutdown.patch
 Patch9009:      udev-add-actions-while-rename-netif-failed.patch
@ -1661,6 +1663,9 @@ fi
 %{_unitdir}/veritysetup.target
 %changelog
 * Mon Dec 09 2024 zhangyao <zhangyao108@huawei.com> - 255-26
 - DESC:escape spaces during serialization
 * Mon Nov 11 2024 xujing <xujing125@huawei.com> - 255-25
 - pid1: add env var to override default mount rate limit interval