RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-05-14 19:54:57 +00:00
Code Issues Activity Actions

Kernel: Stricter path checking in validate_path_against_process_veil

Browse source 
This change enforces that paths passed to
VFS::validate_path_against_process_veil are absolute and do not contain
any '..' or '.' parts. We should VERIFY here instead of returning EINVAL
since the code that calls this should resolve non-canonical paths before
calling this function.
This commit is contained in:
Max Wipfli 2021-07-05 18:03:54 +02:00 committed by Andreas Kling
parent 82c25aad01
commit 502436f9fc
1 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
Kernel/FileSystem/VirtualFileSystem.cpp
View file

@ -852,9 +852,9 @@ KResult VFS::validate_path_against_process_veil(StringView path, int options)
if (path == "/usr/lib/Loader.so")
return KSuccess;
// FIXME: Figure out a nicer way to do this.
if (String(path).contains("/.."))
return EINVAL;
VERIFY(path.starts_with('/'));
VERIFY(!path.contains("/../"sv) && !path.ends_with("/.."sv));
VERIFY(!path.contains("/./"sv) && !path.ends_with("/."sv));
auto& unveiled_path = find_matching_unveiled_path(path);
if (unveiled_path.permissions() == UnveilAccess::None) {