libbrillo: Reject LVM command arguments that don't round trip This restricts the LvmCommandRunner::RunCommand operation to only support commands where the arguments won't be transformed by the join+resplit operation that happens (i.e. one arg will be interpreted as one arg). This is intended to prevent argument injection. What this means is that these command arguments must either use no whitespace or quotes, or they must be completely pre-quoted. BUG=b:510067752 TEST=unit tests Change-Id: Ia98f322d63f7d3cdb860373e3f99ecae92a8fc97 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform2/+/7823495 Reviewed-by: Sarthak Kukreti <sarthakkukreti@google.com> Commit-Queue: John Admanski <jadmanski@chromium.org> Tested-by: John Admanski <jadmanski@chromium.org> Reviewed-by: Aashay Shringarpure <aashay@google.com> NOKEYCHECK=True GitOrigin-RevId: 8ce289db870d6af65728334fbc34198cf3e2e0fd
libbrillo is a shared library meant to hold common utility code that we deem useful for platform projects. It supplements the functionality provided by libbase/libchrome since that project, by design, only holds functionality that Chromium (the browser) needs. As a result, this tends to be more OS-centric code.
This project is also used by Update Engine which is maintained in AOSP. However, AOSP doesn't use this codebase directly, it maintains its own libbrillo fork.
To help keep the projects in sync, we have a gsubtree set up on our GoB: https://chromium.googlesource.com/chromiumos/platform2/libbrillo/
This allows AOSP to cherry pick or merge changes directly back into their fork.