# HG changeset patch
# Parent 8a2f8cf2cae4658ec472c0bd59f8bf3962946ac8
Sanitize pidfile name, provide %iface_file_name% that is safe to use as filename fragment

diff --git a/execute.c b/execute.c
--- a/execute.c
+++ b/execute.c
@@ -215,7 +215,7 @@
 {
     if (!no_act) {
         char pidfilename[100];
-        snprintf(pidfilename, sizeof(pidfilename), RUN_DIR "ifup-%s.pid", iface->real_iface);
+        make_pidfile_name(pidfilename, sizeof pidfilename, "ifup", iface);
         FILE *pidfile = fopen(pidfilename, "r");
         if (pidfile) {
             int pid;
@@ -442,6 +442,14 @@
         return strdup(ifd->real_iface);
     }
 
+    if (strncmpz(id, "iface_file_name", idlen) == 0) {
+        char *p = strdup(ifd->real_iface);
+        if (p) {
+            sanitize_file_name(p);
+        }
+        return p;
+    }
+
     {
         for (i = 0; i < ifd->n_options; i++) {
             if (strncmpz(id, ifd->option[i].name, idlen) == 0) {
diff --git a/header.h b/header.h
--- a/header.h
+++ b/header.h
@@ -130,6 +130,8 @@
 int var_set(char *id, interface_defn * ifd);
 int var_set_anywhere(char *id, interface_defn * ifd);
 int run_mapping(char *physical, char *logical, int len, mapping_defn * map);
+void sanitize_file_name(char *name);
+int make_pidfile_name(char *name, size_t size, const char *command, interface_defn *ifd);
 extern int no_act;
 extern int verbose;
 extern int run_scripts;
diff --git a/main.c b/main.c
--- a/main.c
+++ b/main.c
@@ -356,6 +356,33 @@
     return 0;
 }
 
+void sanitize_file_name(char *name)
+{
+    for (; *name; name++) {
+        if (*name == '/') {
+            *name = '-';
+        }
+    }
+}
+
+int make_pidfile_name(char *name, size_t size,
+                      const char *command, interface_defn *ifd)
+{
+    char *interface = strdup(ifd->real_iface);
+    if (!interface) {
+        return 0;
+    }
+    sanitize_file_name(interface);
+
+    int n = snprintf(name, size, RUN_DIR "%s-%s.pid", command, interface);
+    if (n < 0 || (size_t) n >= size) {
+        free(interface);
+        return 0;
+    }
+
+    return 1;
+}
+
 int main(int argc, char **argv)
 {
     int (*cmds) (interface_defn *) = NULL;
@@ -813,7 +840,9 @@
                                 } else {
                                     command = argv[0];  /* no /'s in argv[0] */
                                 }
-                                snprintf(pidfilename, sizeof(pidfilename), RUN_DIR "%s-%s.pid", command, currif->real_iface);
+                                make_pidfile_name(pidfilename,
+                                                  sizeof pidfilename,
+                                                  command, currif);
                                 if (!no_act) {
                                     FILE *pidfile = fopen(pidfilename, "w");
                                     if (pidfile) {