From 719eeee461b470d4803c7e370b33828bb7806dba Mon Sep 17 00:00:00 2001
From: Ryan Gonzalez <rymg19@gmail.com>
Date: Mon, 5 Oct 2020 11:18:03 -0500
Subject: [PATCH] build-init/finish: Validate extension names

Otherwise, it becomes easy to accidentally create extensions with
invalid names. Ref #3887.
---
 app/flatpak-builtins-build-finish.c | 6 ++++++
 app/flatpak-builtins-build-init.c   | 3 +++
 2 files changed, 9 insertions(+)

diff --git a/app/flatpak-builtins-build-finish.c b/app/flatpak-builtins-build-finish.c
index 46261417..cd23f1b0 100644
--- a/app/flatpak-builtins-build-finish.c
+++ b/app/flatpak-builtins-build-finish.c
@@ -588,6 +588,12 @@ update_metadata (GFile *base, FlatpakContext *arg_context, gboolean is_runtime,
           goto out;
         }
 
+      if (!flatpak_is_valid_name (elements[0], error))
+        {
+          glnx_prefix_error (error, _("Invalid extension name %s"), elements[0]);
+          goto out;
+        }
+
       groupname = g_strconcat (FLATPAK_METADATA_GROUP_PREFIX_EXTENSION,
                                elements[0], NULL);
 
diff --git a/app/flatpak-builtins-build-init.c b/app/flatpak-builtins-build-init.c
index fc098176..465aa8b1 100644
--- a/app/flatpak-builtins-build-init.c
+++ b/app/flatpak-builtins-build-init.c
@@ -449,6 +449,9 @@ flatpak_builtin_build_init (int argc, char **argv, GCancellable *cancellable, GE
       if (g_strv_length (elements) < 2)
         return flatpak_fail (error, _("Too few elements in --extension argument %s, format should be NAME=VAR[=VALUE]"), opt_extensions[i]);
 
+      if (!flatpak_is_valid_name (elements[0], error))
+        return glnx_prefix_error (error, _("Invalid extension name %s"), elements[0]);
+
       groupname = g_strconcat (FLATPAK_METADATA_GROUP_PREFIX_EXTENSION,
                                elements[0], NULL);