commit: ccdc8ee975fe5b1bfab5194edd8d98b3bdf882d2
Author: Kerin Millar <kfm <AT> plushkava <DOT> net>
AuthorDate: Mon Jan 5 01:22:33 2026 +0000
Commit: Kerin Millar <kfm <AT> plushkava <DOT> net>
CommitDate: Mon Jan 5 01:22:33 2026 +0000
URL: https://gitweb.gentoo.org/proj/locale-gen.git/commit/?id=ccdc8ee9
Forbid <slash> characters within input fields
Should the parse_config() subroutine encounter a field that contains a
<slash> character, consider it as being malformed. This is intended to
improve the security posture of locale-gen(8), given that a lax
validation mode may now be activated by way of the
LOCALEGEN_ALLOW_UNSUPPORTED variable. It would be undesirable for the
localedef(1) utility to be given parameters that cause it to stray
outside of the directories that it is supposed to be reading from.
See-also: 8065bb9fedfe32df1762fe9ba190cf58cf6285d1
Signed-off-by: Kerin Millar <kfm <AT> plushkava.net>
locale-gen | 12 ++++--------
locale.gen.5 | 2 +-
2 files changed, 5 insertions(+), 9 deletions(-)
diff --git a/locale-gen b/locale-gen
index 2dc6eec..be77855 100644
--- a/locale-gen
+++ b/locale-gen
@@ -365,9 +365,11 @@ sub parse_config ($fh, $path, $supported_by, $be_strict) {
$line =~ s/\h\K#\h.*//;
# Expect for two fields, separated by horizontal whitespace.
- my ($locale, $charmap);
+ # For the benefit of the lax validation mode, neither field may
+ # contain any <slash> characters.
chomp $line;
- if (2 != (($locale, $charmap) = split /\h+/, trim_line($line)))
{
+ my ($locale, $charmap);
+ if (2 != (($locale, $charmap) = $line =~
m/^\h*([^\h\/]+)\h+([^\h\/]+)\h*\z/)) {
$thrower->('Malformed locale declaration', $line, 1);
}
@@ -702,12 +704,6 @@ sub throw_child_error ($cmd, $status = $?) {
}
}
-sub trim_line ($line) {
- $line =~ s/^\h+//;
- $line =~ s/\h+$//;
- return $line;
-}
-
sub get_username () {
local $!;
return getpwuid($>) // $ENV{'LOGNAME'};
diff --git a/locale.gen.5 b/locale.gen.5
index 37eafa9..05049da 100644
--- a/locale.gen.5
+++ b/locale.gen.5
@@ -4,7 +4,7 @@ locale.gen - configuration file for locale\-gen
.SH "DESCRIPTION"
The \fBlocale\-gen\fR(8) utility compiles the locales specified by the
\fI/etc/locale.gen\fR file and integrates them into a locale archive.
.P
-If present, the file must be comprised by zero or more lines, each of which
must be comprised by two fields, separated by one or more <blank> characters.
Leading and trailing <blank> characters are permitted. The first field shall be
considered as a \fIlocalename\fR and the second field as a \fIcharmap\fR. The
\fI/usr/share/i18n/SUPPORTED\fR file contains a complete list of the supported
combinations.
+If present, the file must be comprised by zero or more lines, each of which
must be comprised by two fields, separated by one or more <blank> characters.
Leading and trailing <blank> characters are permitted. The first field shall be
considered as a \fIlocalename\fR and the second field as a \fIcharmap\fR. The
<slash> character is forbidden within both fields. The
\fI/usr/share/i18n/SUPPORTED\fR file contains a complete list of the supported
combinations.
.P
Lines that are empty, or which contain only <blank> characters, shall be
disregarded. Lines that begin with zero or more <blank> characters, followed by
a <number\-sign> character, shall be considered as comments and disregarded.
Further, the two fields that form a locale definition may be followed by a
comment, provided that its leading <number\-sign> character is enclosed by
<blank> characters.
.P
