core: validate input cgroup path more prudently

YHNdnzj · bluca · commit 3cee294fe8cf · 2026-02-26T21:26:10.000Z
(cherry picked from commit efa6ba2)
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
@@ -652,6 +652,12 @@ static int method_get_unit_by_control_group(sd_bus_message *message, void *userd
         if (r < 0)
                 return r;
 
+        if (!path_is_absolute(cgroup))
+                return sd_bus_error_setf(reterr_error, SD_BUS_ERROR_INVALID_ARGS, "Control group path is not absolute: %s", cgroup);
+
+        if (!path_is_normalized(cgroup))
+                return sd_bus_error_setf(reterr_error, SD_BUS_ERROR_INVALID_ARGS, "Control group path is not normalized: %s", cgroup);
+
         u = manager_get_unit_by_cgroup(m, cgroup);
         if (!u)
                 return sd_bus_error_setf(reterr_error, BUS_ERROR_NO_SUCH_UNIT,
diff --git a/src/core/varlink-unit.c b/src/core/varlink-unit.c
@@ -467,7 +467,7 @@ static int lookup_unit_by_parameters(sd_varlink *link, Manager *manager, UnitLoo
         }
 
         if (p->cgroup) {
-                if (!path_is_safe(p->cgroup))
+                if (!path_is_absolute(p->cgroup) || !path_is_normalized(p->cgroup))
                         return sd_varlink_error_invalid_parameter_name(link, "cgroup");
 
                 Unit *cgroup_unit = manager_get_unit_by_cgroup(manager, p->cgroup);

Original file line number	Diff line number	Diff line change
`@@ -467,7 +467,7 @@ static int lookup_unit_by_parameters(sd_varlink link, Manager manager, UnitLoo`
`467`	`467`	`}`
`468`	`468`
`469`	`469`	`if (p->cgroup) {`
`470`		`- if (!path_is_safe(p->cgroup))`
	`470`	`+ if (!path_is_absolute(p->cgroup) \|\| !path_is_normalized(p->cgroup))`
`471`	`471`	`return sd_varlink_error_invalid_parameter_name(link, "cgroup");`
`472`	`472`
`473`	`473`	`Unit *cgroup_unit = manager_get_unit_by_cgroup(manager, p->cgroup);`