[PATCH 2/2] daemon: Verify base-path and interpolated-path early

Johannes Sixt <j.sixt@xxxxxxxxxxxxx> · Mon, 25 Feb 2008 14:27:25 +0100

Any request to the daemon would fail if either interpolated-path or
base-path (if specified) would not be absolute. Hence, we can check those
paths for validity upfront and not start the daemon at all if the paths are
invalid.

Additionally, we now check that the base-path is an existing directory.

Signed-off-by: Johannes Sixt <johannes.sixt@xxxxxxxxxx>
---
 daemon.c |   24 +++++++++++++-----------
 1 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/daemon.c b/daemon.c
index dd0177f..64c7fff 100644
--- a/daemon.c
+++ b/daemon.c
@@ -220,12 +220,6 @@ static char *path_ok(struct interp *itable)
 		}
 	}
 	else if (interpolated_path && saw_extended_args) {
-		if (*dir != '/') {
-			/* Allow only absolute */
-			logerror("'%s': Non-absolute path denied (interpolated-path active)", dir);
-			return NULL;
-		}
-
 		interpolate(interp_path, PATH_MAX, interpolated_path,
 			    interp_table, ARRAY_SIZE(interp_table));
 		loginfo("Interpolated dir '%s'", interp_path);
@@ -233,11 +227,6 @@ static char *path_ok(struct interp *itable)
 		dir = interp_path;
 	}
 	else if (base_path) {
-		if (*dir != '/') {
-			/* Allow only absolute */
-			logerror("'%s': Non-absolute path denied (base-path active)", dir);
-			return NULL;
-		}
 		snprintf(rpath, PATH_MAX, "%s%s", base_path, dir);
 		dir = rpath;
 	}
@@ -1184,6 +1173,19 @@ int main(int argc, char **argv)
 	if (strict_paths && (!ok_paths || !*ok_paths))
 		die("option --strict-paths requires a whitelist");

+	if (base_path) {
+		struct stat st;
+
+		if (!is_absolute_path(base_path))
+			die("base-path must be absolute");
+		if (stat(base_path, &st) || !S_ISDIR(st.st_mode))
+			die("base-path '%s' does not exist or "
+			    "is not a directory", base_path);
+	}
+
+	if (interpolated_path && !is_absolute_path(interpolated_path))
+		die("interpolated-path must be absolute");
+
 	if (inetd_mode) {
 		struct sockaddr_storage ss;
 		struct sockaddr *peer = (struct sockaddr *)&ss;
-- 
1.5.4.3.229.g5c72

-
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




