veritysetup: do some superficial checking on volume name

poettering · poettering · commit 9959d7828010 · 2022-03-31T11:44:46.000+02:00
cryptsetup does this too, so let's better be safe here, too.
diff --git a/src/veritysetup/veritysetup.c b/src/veritysetup/veritysetup.c
@@ -146,6 +146,9 @@ static int run(int argc, char *argv[]) {
                 root_hash = argv[5];
                 options = mangle_none(argc > 6 ? argv[6] : NULL);
 
+                if (!filename_is_valid(volume))
+                        return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", volume);
+
                 r = unhexmem(root_hash, SIZE_MAX, &m, &l);
                 if (r < 0)
                         return log_error_errno(r, "Failed to parse root hash: %m");
@@ -210,6 +213,9 @@ static int run(int argc, char *argv[]) {
 
                 volume = argv[2];
 
+                if (!filename_is_valid(volume))
+                        return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", volume);
+
                 r = crypt_init_by_name(&cd, volume);
                 if (r == -ENODEV) {
                         log_info("Volume %s already inactive.", volume);
