From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH 3/3] initscripts: readhash: Fix handling = signs
Date: Fri, 06 Dec 2024 16:42:17 +0000
Message-ID: <20241206164217.3840140-3-michael.tremer@ipfire.org>
In-Reply-To: <20241206164217.3840140-1-michael.tremer@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============5944303991603418640=="
List-Id: <development.lists.ipfire.org>

--===============5944303991603418640==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

The function expected that a line only contains exactly one equals sign
(=3D) which is not fit for purpose. In the WireGuard code we hold key
material that is encoded in base64 and therefore contains padding that
uses =3D.

This patch fixes that we expect exactly one equals sign immediately
after the key and we will then accept more =3D in the value - which was
already permitted.

Furthermore, this patch fixes the splitting if the key and value at the
first =3D.

Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
---
 src/initscripts/system/functions                     | 12 +++---------
 .../system/functions/data/2_output_stderr            |  8 ++++----
 2 files changed, 7 insertions(+), 13 deletions(-)

diff --git a/src/initscripts/system/functions b/src/initscripts/system/functi=
ons
index 094e35495..e486cc085 100644
--- a/src/initscripts/system/functions
+++ b/src/initscripts/system/functions
@@ -909,21 +909,15 @@ readhash() {
 			continue
 		fi
=20
-		# Skip lines without a =3D
-		if ! [[ ${line} =3D~ [^=3D]*=3D[^=3D]*$ ]]; then
+		# Check for a valid key followed by =3D
+		if ! [[ ${line} =3D~ ^[A-Za-z_][A-Za-z0-9_]*=3D ]]; then
 			echo "Invalid line '${line}'" >&2
 			continue
 		fi
=20
-		local key=3D"${line%=3D*}"
+		local key=3D"${line%%=3D*}"
 		local val=3D"${line#*=3D}"
=20
-		# Skip lines with an invalid key
-		if ! [[ ${key} =3D~ ^[A-Za-z_][A-Za-z0-9_]*$ ]]; then
-			echo "Invalid key '${key}'" >&2
-			continue
-		fi
-
 		# Skip lines with invalid values
 		if ! [[ ${val} =3D~ ^[\'][\ A-Za-z0-9=3D/,.:%_@#+-]*[\']$ ]] && ! [[ ${val=
} =3D~ ^[A-Za-z0-9=3D/,.:%_@#+-]*$ ]]; then
 			echo "Invalid value '${val}' for key '${key}'" >&2
diff --git a/tests/src/initscripts/system/functions/data/2_output_stderr b/te=
sts/src/initscripts/system/functions/data/2_output_stderr
index 82f035e26..7f4c5a944 100644
--- a/tests/src/initscripts/system/functions/data/2_output_stderr
+++ b/tests/src/initscripts/system/functions/data/2_output_stderr
@@ -2,8 +2,8 @@ Invalid value '?3' for key 'CONFIG_TYPE'
 Invalid value 'gree!n0' for key 'GREEN_DEV'
 Invalid value '00:c0:08:8a  :a0:47' for key 'GREEN_MACADDR'
 Invalid value '"r8175"' for key 'GREEN_DRIVER'
-Invalid key '-RED_DEV'
-Invalid key 'RE??D_MACADDR'
-Invalid key 'RED&&_DRIVER'
-Invalid key '0BLUE_DEV'
+Invalid line '-RED_DEV=3Dred0'
+Invalid line 'RE??D_MACADDR=3D00:c0:08:8a:a0:56'
+Invalid line 'RED&&_DRIVER=3Dr8283'
+Invalid line '0BLUE_DEV=3D'blue0 net0''
 Invalid line 'Line_without_a_equal_sign_is_also_invalid'
--=20
2.39.5


--===============5944303991603418640==--