From cc5dd79b095925a195f00979e5cefea2dfe78f8f Mon Sep 17 00:00:00 2001
From: Matthias Clasen
Date: Fri, 12 Oct 2018 21:11:58 -0400
Subject: [PATCH] remote: Be robust against bad names
If we use a remote name containing questionable characters such as newlines or '[', we will run into assertions in GKeyFile. To avoid that, check that the group name we pass is valid, and throw an error otherwise.
Found while writing tests.
Closes: #2244
Approved by: alexlarsson
Closes: #2247
Approved by: alexlarsson
---
common/flatpak-remote.c | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
diff --git a/common/flatpak-remote.c b/common/flatpak-remote.c
index a2d36cf2..9342c505 100644
--- a/common/flatpak-remote.c
+++ b/common/flatpak-remote.c
@@ -786,6 +786,25 @@ flatpak_remote_new (const char *name)
 return flatpak_remote_new_with_dir (name, NULL);
 }
+/* copied from GLib */
+static gboolean
+g_key_file_is_group_name (const gchar *name)
+{
+ gchar *p, *q;
+
+ if (name == NULL)
+ return FALSE;
+
+ p = q = (gchar *) name;
+ while (*q && *q != ']' && *q != '[' && !g_ascii_iscntrl (*q))
+ q = g_utf8_find_next_char (q, NULL);
+
+ if (*q != '\0' || q == p)
+ return FALSE;
+
+ return TRUE;
+}
+
 gboolean
 flatpak_remote_commit (FlatpakRemote *self,
 FlatpakDir *dir,
@@ -799,6 +818,9 @@ flatpak_remote_commit (FlatpakRemote *self,
 g_autoptr(GKeyFile) config = NULL;
 g_autofree char *group = g_strdup_printf ("remote \"%s\"", priv->name);
+ if (!g_key_file_is_group_name (group))
+ return flatpak_fail_error (error, FLATPAK_ERROR_INVALID_DATA, _("Bad remote name: %s"), priv->name);
+
 url = flatpak_remote_get_url (self);
 if (url == NULL || *url == 0)
 return flatpak_fail_error (error, FLATPAK_ERROR_INVALID_DATA, _("No url specified"));
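Review bot: The copied helper is defined under GLib's own `g_key_file_` prefix, so this file would stop compiling if a GLib header ever declared a function of that name. A project-prefixed name such as `flatpak_is_valid_key_file_group_name` avoids the clash. The body also casts away const on its argument with `p = q = (gchar *) name;` although nothing is written through either pointer; declaring `const gchar *p, *q;` and assigning `p = q = name;` drops the cast. The `/* copied from GLib */` comment would be more useful if it stated the rule enforced, for example `/* Valid GKeyFile group name: non-empty, no '[' or ']', no ASCII control characters (copied from GLib gkeyfile.c) */`.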
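Review bot: The new check in flatpak_remote_commit validates the formatted string `remote "NAME"` rather than the name itself, so an empty name and a name containing `"` still pass. The fixed prefix makes the helper's empty-string test unreachable, and the helper rejects only `[`, `]` and ASCII control characters. Testing `priv->name` first, e.g. `if (priv->name == NULL || *priv->name == '\0' || strchr (priv->name, '"') != NULL)`, would close that gap; whether an embedded quote actually confuses the reader of this config is not visible here and should be confirmed. The error path also prints the rejected name verbatim, and that name may hold newlines or control bytes, so formatting it through `g_strescape (priv->name, NULL)` keeps log and terminal output intact. The function begins before and continues after this hunk.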