OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (c) 2016 The Native Client Authors. All rights reserved. | 2 * Copyright (c) 2016 The Native Client Authors. All rights reserved. |
3 * Use of this source code is governed by a BSD-style license that can be | 3 * Use of this source code is governed by a BSD-style license that can be |
4 * found in the LICENSE file. | 4 * found in the LICENSE file. |
5 */ | 5 */ |
6 | 6 |
7 #include "native_client/src/trusted/service_runtime/sel_ldr_filename.h" | 7 #include "native_client/src/trusted/service_runtime/sel_ldr_filename.h" |
8 | 8 |
9 #include <errno.h> | 9 #include <errno.h> |
10 #include <string.h> | 10 #include <string.h> |
(...skipping 26 matching lines...) Expand all Loading... | |
37 return 0; | 37 return 0; |
38 return 1; | 38 return 1; |
39 } | 39 } |
40 | 40 |
41 #if !NACL_WINDOWS | 41 #if !NACL_WINDOWS |
42 /* | 42 /* |
43 * Given a |virtual_path| (a path supplied by the user with no knowledge of | 43 * Given a |virtual_path| (a path supplied by the user with no knowledge of |
44 * the mounted directory) transform it into an |absolute_path|, which is an | 44 * the mounted directory) transform it into an |absolute_path|, which is an |
45 * absolute path prefixed by the root mount directory. | 45 * absolute path prefixed by the root mount directory. |
46 * | 46 * |
47 * TODO(smklein): The virtual_path is assumed to be absolute. Change this. | |
48 * | |
49 * @param[in] virtual_path Virtual path supplied by user. | 47 * @param[in] virtual_path Virtual path supplied by user. |
50 * @param[out] absolute_path The absolute path referenced by the |virtual_path|. | 48 * @param[out] absolute_path The absolute path referenced by the |virtual_path|. |
51 * @param[in] absolute_path_size The size of the |absolute_path| buffer. | 49 * @param[in] absolute_path_size The size of the |absolute_path| buffer. |
52 * @return 0 on success, else a negated NaCl errno. | 50 * @return 0 on success, else a negated NaCl errno. |
53 */ | 51 */ |
54 static uint32_t VirtualToAbsolutePath(const char *virtual_path, | 52 static uint32_t VirtualToAbsolutePath(const char *virtual_path, |
55 char *absolute_path, | 53 char *absolute_path, |
56 size_t absolute_path_max_size) { | 54 size_t absolute_path_max_size) { |
55 size_t cwd_path_len; | |
57 size_t virtual_path_len = strlen(virtual_path); | 56 size_t virtual_path_len = strlen(virtual_path); |
58 /* Check that we have enough room to prepend the prefix (absolute case). */ | 57 if (virtual_path[0] == '/') { |
59 if (virtual_path_len + NaClRootDirLen + 1 > absolute_path_max_size) { | 58 /* Absolute Path = Prefix + Absolute Virtual Path + '\0' */ |
60 NaClLog(LOG_ERROR, "Pathname too long: %s\n", virtual_path); | 59 if (virtual_path_len + NaClRootDirLen + 1 > absolute_path_max_size) { |
61 return -NACL_ABI_ENAMETOOLONG; | 60 NaClLog(LOG_ERROR, "Pathname too long: %s\n", virtual_path); |
61 return -NACL_ABI_ENAMETOOLONG; | |
62 } | |
63 /* Prefix */ | |
64 memcpy(absolute_path, NaClRootDir, NaClRootDirLen); | |
65 /* Prefix + Virtual Path */ | |
66 memcpy(absolute_path + NaClRootDirLen, virtual_path, virtual_path_len); | |
67 /* Prefix + Virtual Path + Terminator */ | |
68 absolute_path[virtual_path_len + NaClRootDirLen] = '\0'; | |
69 } else { | |
70 /* Absolute Path = Cwd + '/' + Relative Virtual Path + '\0' */ | |
71 if (NaClHostDescGetcwd(absolute_path, absolute_path_max_size) != 0) { | |
72 NaClLog(LOG_ERROR, "NaClHostDescGetcwd failed\n"); | |
73 return -NaClXlateErrno(errno); | |
Sam Clegg
2016/02/11 22:45:26
NaClHostDescGetcwd returns the translated errno al
Sean Klein
2016/02/11 23:00:52
Done.
| |
74 } | |
75 cwd_path_len = strlen(absolute_path); | |
76 /* | |
77 * The prefix cannot be mounted at the root, so we can safely assume that | |
78 * the Cwd consists of some path component after "/", such as "/foo". This | |
79 * means that before inserting the relative path, we must insert an | |
80 * additional "/" at the end of the Cwd. | |
81 */ | |
82 CHECK(NaClRootDirLen > 1); | |
83 CHECK(strncmp(absolute_path, NaClRootDir, NaClRootDirLen) == 0); | |
84 /* | |
85 * While verifying that the Cwd is inside a root (such as "/root"), ensure | |
86 * that the Cwd is not only matching the prefix of the root (such as | |
87 * "/root_but_not_really"). | |
88 */ | |
89 CHECK((absolute_path[NaClRootDirLen] == '/') || | |
90 (absolute_path[NaClRootDirLen] == '\0')); | |
91 if (cwd_path_len + 1 + virtual_path_len + 1 > absolute_path_max_size) { | |
92 NaClLog(LOG_ERROR, "Pathname too long: %s\n", virtual_path); | |
93 return -NACL_ABI_ENAMETOOLONG; | |
94 } | |
95 /* Cwd + '/' */ | |
96 memcpy(absolute_path + cwd_path_len, "/", 1); | |
97 /* Cwd + '/' + Relative Path */ | |
98 memcpy(absolute_path + cwd_path_len + 1, virtual_path, virtual_path_len); | |
99 /* Cwd + '/' + Relative Path + Terminator */ | |
100 absolute_path[cwd_path_len + 1 + virtual_path_len] = '\0'; | |
Sam Clegg
2016/02/11 22:45:26
Is there some reason you are not using strcat here
Sean Klein
2016/02/11 23:00:52
Well, strcat is slower, since it requires scanning
| |
62 } | 101 } |
63 | 102 |
64 /* Prefix */ | |
65 memcpy(absolute_path, NaClRootDir, NaClRootDirLen); | |
66 /* Prefix + Virtual Path */ | |
67 memcpy(absolute_path + NaClRootDirLen, virtual_path, virtual_path_len); | |
68 /* Prefix + Virtual Path + Terminator */ | |
69 absolute_path[virtual_path_len + NaClRootDirLen] = '\0'; | |
70 | |
71 return 0; | 103 return 0; |
72 } | 104 } |
73 | 105 |
74 /* | 106 /* |
75 * Determine if |path| points to a symbolic link. | 107 * Determine if |path| points to a symbolic link. |
76 * | 108 * |
77 * @param[in] path Path of file to be checked. | 109 * @param[in] path Path of file to be checked. |
78 * @return Nonzero if path is symbolic link. | 110 * @return Nonzero if path is symbolic link. |
79 */ | 111 */ |
80 static int IsSymbolicLink(const char *path) { | 112 static int IsSymbolicLink(const char *path) { |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
127 * @param[in] dest_max_size The size of the buffer holding dest. | 159 * @param[in] dest_max_size The size of the buffer holding dest. |
128 * @return 0 on success, else a NaCl errno. | 160 * @return 0 on success, else a NaCl errno. |
129 */ | 161 */ |
130 static uint32_t CopyHostPathMounted(char *dest, size_t dest_max_size) { | 162 static uint32_t CopyHostPathMounted(char *dest, size_t dest_max_size) { |
131 uint32_t retval; | 163 uint32_t retval; |
132 char raw_path[NACL_CONFIG_PATH_MAX]; | 164 char raw_path[NACL_CONFIG_PATH_MAX]; |
133 | 165 |
134 if (dest_max_size <= 0 || dest[0] == '\0') { | 166 if (dest_max_size <= 0 || dest[0] == '\0') { |
135 NaClLog(LOG_ERROR, "Dest cannot be empty path\n"); | 167 NaClLog(LOG_ERROR, "Dest cannot be empty path\n"); |
136 return -NACL_ABI_ENOENT; | 168 return -NACL_ABI_ENOENT; |
137 } else if (dest[0] != '/') { | |
138 /* TODO(smklein): Allow usage of relative paths. */ | |
139 NaClLog(LOG_ERROR, "Pathname is not absolute: %s\n", dest); | |
140 return -NACL_ABI_EACCES; | |
141 } | 169 } |
142 | 170 |
143 CHECK(dest_max_size == NACL_CONFIG_PATH_MAX); | 171 CHECK(dest_max_size == NACL_CONFIG_PATH_MAX); |
144 CHECK(strlen(dest) < NACL_CONFIG_PATH_MAX); | 172 CHECK(strlen(dest) < NACL_CONFIG_PATH_MAX); |
145 strcpy(raw_path, dest); | 173 strcpy(raw_path, dest); |
146 | 174 |
147 /* Transform the user's raw path into an absolute path. */ | 175 /* |
176 * Transform the user's raw path into an absolute path. | |
177 * The path may be either absolute or relative here -- but it will | |
178 * be absolute once VirtualToAbsolutePath returns successfully. | |
179 */ | |
148 retval = VirtualToAbsolutePath(raw_path, dest, dest_max_size); | 180 retval = VirtualToAbsolutePath(raw_path, dest, dest_max_size); |
149 if (retval != 0) | 181 if (retval != 0) |
150 return retval; | 182 return retval; |
151 | 183 |
152 /* Verify that the path cannot escape root. */ | 184 /* Verify that the path cannot escape root. */ |
153 return ValidateAbsolutePath(dest); | 185 return ValidateAbsolutePath(dest); |
154 } | 186 } |
155 #endif /* !NACL_WINDOWS */ | 187 #endif /* !NACL_WINDOWS */ |
156 | 188 |
157 uint32_t CopyHostPathInFromUser(struct NaClApp *nap, | 189 uint32_t CopyHostPathInFromUser(struct NaClApp *nap, |
(...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
218 return (uint32_t) -NACL_ABI_EFAULT; | 250 return (uint32_t) -NACL_ABI_EFAULT; |
219 return 0; | 251 return 0; |
220 } | 252 } |
221 | 253 |
222 /* Copy out everything after the root dir (including the slash). */ | 254 /* Copy out everything after the root dir (including the slash). */ |
223 if (!NaClCopyOutToUser(nap, dst_usr_addr, path + NaClRootDirLen, | 255 if (!NaClCopyOutToUser(nap, dst_usr_addr, path + NaClRootDirLen, |
224 path_len - NaClRootDirLen + 1)) | 256 path_len - NaClRootDirLen + 1)) |
225 return (uint32_t) -NACL_ABI_EFAULT; | 257 return (uint32_t) -NACL_ABI_EFAULT; |
226 return 0; | 258 return 0; |
227 } | 259 } |
OLD | NEW |