Skip to content

Commit

Permalink
Validate server arguments
Browse files Browse the repository at this point in the history 
Some command line arguments are passed as is to "adb shell". Therefore,
they must not contain special shell characters.
  • Loading branch information
@rom1v
rom1v committed Sep 13, 2024
1 parent dea1fe3 commit bec3321
Showing 1 changed file with 28 additions and 0 deletions.
28 changes: 28 additions & 0 deletions app/src/server.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -218,6 +218,21 @@ sc_server_get_audio_source_name(enum sc_audio_source audio_source) {
}
}

static bool
validate_string(const char *s) {
// The parameters values are passed as command line arguments to adb, so
// they must either be properly escaped, or they must not contain any
// special shell characters.
// Since they are not properly escaped on Windows anyway (see
// sys/win/process.c), just forbid special shell characters.
if (strpbrk(s, " ;'\"*$?&`#\\|<>[]{}()!~")) {
LOGE("Invalid server param: [%s]", s);
return false;
}

return true;
}

static sc_pid
execute_server(struct sc_server *server,
const struct sc_server_params *params) {
Expand Down Expand Up @@ -260,6 +275,11 @@ execute_server(struct sc_server *server,
} \
cmd[count++] = p; \
} while(0)
#define VALIDATE_STRING(s) do { \
if (!validate_string(s)) { \
goto end; \
} \
} while(0)

ADD_PARAM("scid=%08x", params->scid);
ADD_PARAM("log_level=%s", log_level_to_server_string(params->log_level));
Expand Down Expand Up @@ -311,6 +331,7 @@ execute_server(struct sc_server *server,
ADD_PARAM("tunnel_forward=true");
}
if (params->crop) {
VALIDATE_STRING(params->crop);
ADD_PARAM("crop=%s", params->crop);
}
if (!params->control) {
Expand All @@ -321,16 +342,19 @@ execute_server(struct sc_server *server,
ADD_PARAM("display_id=%" PRIu32, params->display_id);
}
if (params->camera_id) {
VALIDATE_STRING(params->camera_id);
ADD_PARAM("camera_id=%s", params->camera_id);
}
if (params->camera_size) {
VALIDATE_STRING(params->camera_size);
ADD_PARAM("camera_size=%s", params->camera_size);
}
if (params->camera_facing != SC_CAMERA_FACING_ANY) {
ADD_PARAM("camera_facing=%s",
sc_server_get_camera_facing_name(params->camera_facing));
}
if (params->camera_ar) {
VALIDATE_STRING(params->camera_ar);
ADD_PARAM("camera_ar=%s", params->camera_ar);
}
if (params->camera_fps) {
Expand All @@ -346,15 +370,19 @@ execute_server(struct sc_server *server,
ADD_PARAM("stay_awake=true");
}
if (params->video_codec_options) {
VALIDATE_STRING(params->video_codec_options);
ADD_PARAM("video_codec_options=%s", params->video_codec_options);
}
if (params->audio_codec_options) {
VALIDATE_STRING(params->audio_codec_options);
ADD_PARAM("audio_codec_options=%s", params->audio_codec_options);
}
if (params->video_encoder) {
VALIDATE_STRING(params->video_encoder);
ADD_PARAM("video_encoder=%s", params->video_encoder);
}
if (params->audio_encoder) {
VALIDATE_STRING(params->audio_encoder);
ADD_PARAM("audio_encoder=%s", params->audio_encoder);
}
if (params->power_off_on_close) {
Expand Down

0 comments on commit bec3321

Please sign in to comment.