beenull/ladybird
1
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2024-11-22 23:50:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Kernel: Stricter path checking in validate_path_against_process_veil

Browse source 
This change enforces that paths passed to
VFS::validate_path_against_process_veil are absolute and do not contain
any '..' or '.' parts. We should VERIFY here instead of returning EINVAL
since the code that calls this should resolve non-canonical paths before
calling this function.
This commit is contained in:
Max Wipfli 2021-07-05 18:03:54 +02:00 committed by Andreas Kling
parent 82c25aad01
commit 502436f9fc
Notes: sideshowbarker 2024-07-18 10:22:31 +09:00 
Author: https://github.com/MaxWipfli
Commit: https://github.com/SerenityOS/serenity/commit/502436f9fc2
Pull-request: https://github.com/SerenityOS/serenity/pull/8462
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
Kernel/FileSystem/VirtualFileSystem.cpp
View file

@ -852,9 +852,9 @@ KResult VFS::validate_path_against_process_veil(StringView path, int options)
if (path == "/usr/lib/Loader.so")
return KSuccess;
// FIXME: Figure out a nicer way to do this.
if (String(path).contains("/.."))
return EINVAL;
VERIFY(path.starts_with('/'));
VERIFY(!path.contains("/../"sv) && !path.ends_with("/.."sv));
VERIFY(!path.contains("/./"sv) && !path.ends_with("/."sv));
auto& unveiled_path = find_matching_unveiled_path(path);
if (unveiled_path.permissions() == UnveilAccess::None) {