angler-fishThe Vulnerability History Project

core: rework unit name validation and manipulation logic

      A variety of changes:

- Make sure all our calls distuingish OOM from other errors if OOM is
  not the only error possible.

- Be much stricter when parsing escaped paths, do not accept trailing or
  leading escaped slashes.

- Change unit validation to take a bit mask for allowing plain names,
  instance names or template names or an combination thereof.

- Refuse manipulating invalid unit name
by Aaron the Falcon 2015-04-30 18:21:00 UTC
commit 7410616cd9dbbec97cf98d75324da5cda2b2f7a2
systemd VCC CVE-2021-33910
src/core/automount.c
+10 -9
src/core/busname.c
+3 -3
src/core/dbus-unit.c
+2 -2
src/core/device.c
+9 -10
src/core/load-fragment.c
+8 -8
src/core/manager.c
+8 -9
src/core/mount.c
+12 -11
src/core/snapshot.c
+2 -2
src/core/socket.c
+12 -11
src/core/swap.c
+19 -20
src/core/unit-printf.c
+42 -13
src/core/unit.c
+79 -81
src/cryptsetup/cryptsetup-generator.c
+10 -10
src/dbus1-generator/dbus1-generator.c
+1 -1
src/debug-generator/debug-generator.c
+6 -6
src/escape/escape.c
+18 -22
src/fstab-generator/fstab-generator.c
+9 -9
src/getty-generator/getty-generator.c
+11 -11
src/gpt-auto-generator/gpt-auto-generator.c
+12 -13
src/hibernate-resume/hibernate-resume-generator.c
+3 -5
src/journal/journalctl.c
+9 -8
src/login/logind-user.c
+4 -4
src/machine/machinectl.c
+25 -30
src/run/run.c
+22 -22
src/shared/cgroup-util.c
+7 -8
src/shared/dropin.c
+7 -8
src/shared/generator.c
+9 -9
src/shared/install-printf.c
+14 -2
src/shared/install.c
+30 -29
src/shared/unit-name.c
+223 -377
src/shared/unit-name.h
+36 -42
src/systemctl/systemctl.c
+46 -54
src/sysv-generator/sysv-generator.c
+3 -5
src/test/test-unit-name.c
+123 -179
expand_less