From 35c2958ae4caf70a3074f59fbceeb24cfe82f902 Mon Sep 17 00:00:00 2001 From: nicm Date: Tue, 6 Jul 2021 08:18:38 +0000 Subject: Forbid empty session names, GitHub issue 2758. --- cmd-new-session.c | 13 ++++++++++++- cmd-rename-session.c | 5 +++++ session.c | 2 ++ 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/cmd-new-session.c b/cmd-new-session.c index c47d66cd..666aeaac 100644 --- a/cmd-new-session.c +++ b/cmd-new-session.c @@ -102,6 +102,11 @@ cmd_new_session_exec(struct cmd *self, struct cmdq_item *item) if (tmp != NULL) { name = format_single(item, tmp, c, NULL, NULL, NULL); newname = session_check_name(name); + if (newname == NULL) { + cmdq_error(item, "invalid session: %s", name); + free(name); + return (CMD_RETURN_ERROR); + } free(name); } if (args_has(args, 'A')) { @@ -134,8 +139,14 @@ cmd_new_session_exec(struct cmd *self, struct cmdq_item *item) prefix = xstrdup(sg->name); else if (groupwith != NULL) prefix = xstrdup(groupwith->name); - else + else { prefix = session_check_name(group); + if (prefix == NULL) { + cmdq_error(item, "invalid session group: %s", + group); + goto fail; + } + } } /* Set -d if no client. */ diff --git a/cmd-rename-session.c b/cmd-rename-session.c index 51b8ffc8..49fafe33 100644 --- a/cmd-rename-session.c +++ b/cmd-rename-session.c @@ -53,6 +53,11 @@ cmd_rename_session_exec(struct cmd *self, struct cmdq_item *item) tmp = format_single_from_target(item, args->argv[0]); newname = session_check_name(tmp); + if (newname == NULL) { + cmdq_error(item, "invalid session: %s", tmp); + free(tmp); + return (CMD_RETURN_ERROR); + } free(tmp); if (strcmp(newname, s->name) == 0) { free(newname); diff --git a/session.c b/session.c index 93d50b47..cb0093a2 100644 --- a/session.c +++ b/session.c @@ -237,6 +237,8 @@ session_check_name(const char *name) { char *copy, *cp, *new_name; + if (*name == '\0') + return (NULL); copy = xstrdup(name); for (cp = copy; *cp != '\0'; cp++) { if (*cp == ':' || *cp == '.') -- cgit From 32f2d9d089ced7d693aa412821f1d66134877cf0 Mon Sep 17 00:00:00 2001 From: nicm Date: Tue, 6 Jul 2021 08:26:00 +0000 Subject: Improve error reporting when the tmux /tmp directory cannot be created or used, GitHub issue 2765 from Uwe Kleine-Koenig. --- tmux.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/tmux.c b/tmux.c index 16877407..55ab9751 100644 --- a/tmux.c +++ b/tmux.c @@ -211,16 +211,22 @@ make_label(const char *label, char **cause) free(paths); xasprintf(&base, "%s/tmux-%ld", path, (long)uid); - if (mkdir(base, S_IRWXU) != 0 && errno != EEXIST) + if (mkdir(base, S_IRWXU) != 0 && errno != EEXIST) { + xasprintf(cause, "couldn't create directory %s (%s)", base, + strerror(errno)); goto fail; - if (lstat(base, &sb) != 0) + } + if (lstat(base, &sb) != 0) { + xasprintf(cause, "couldn't read directory %s (%s)", base, + strerror(errno)); goto fail; + } if (!S_ISDIR(sb.st_mode)) { - errno = ENOTDIR; + xasprintf(cause, "%s is not a directory", base); goto fail; } if (sb.st_uid != uid || (sb.st_mode & S_IRWXO) != 0) { - errno = EACCES; + xasprintf(cause, "directory %s has unsafe permissions", base); goto fail; } xasprintf(&path, "%s/%s", base, label); @@ -228,7 +234,6 @@ make_label(const char *label, char **cause) return (path); fail: - xasprintf(cause, "error creating %s (%s)", base, strerror(errno)); free(base); return (NULL); } -- cgit