1 /* | 1 /* |
2 * Copyright (c) 2016 The Native Client Authors. All rights reserved. | 2 * Copyright (c) 2016 The Native Client Authors. All rights reserved. |
3 * Use of this source code is governed by a BSD-style license that can be | 3 * Use of this source code is governed by a BSD-style license that can be |
4 * found in the LICENSE file. | 4 * found in the LICENSE file. |
5 */ | 5 */ |
6 | 6 |
7 #include "native_client/src/trusted/service_runtime/sel_ldr_filename.h" | 7 #include "native_client/src/trusted/service_runtime/sel_ldr_filename.h" |
8 | 8 |
9 #include <errno.h> | 9 #include <errno.h> |
10 #include <string.h> | 10 #include <string.h> |
37 return 0; | 37 return 0; |
38 return 1; | 38 return 1; |
39 } | 39 } |
40 | 40 |
41 #if !NACL_WINDOWS | 41 #if !NACL_WINDOWS |
42 /* | 42 /* |
43 * Given a |virtual_path| (a path supplied by the user with no knowledge of | 43 * Given a |virtual_path| (a path supplied by the user with no knowledge of |
44 * the mounted directory) transform it into an |absolute_path|, which is an | 44 * the mounted directory) transform it into an |absolute_path|, which is an |
45 * absolute path prefixed by the root mount directory. | 45 * absolute path prefixed by the root mount directory. |
46 * | 46 * |
47 * TODO(smklein): The virtual_path is assumed to be absolute. Change this. | |
48 * | |
49 * @param[in] virtual_path Virtual path supplied by user. | 47 * @param[in] virtual_path Virtual path supplied by user. |
50 * @param[out] absolute_path The absolute path referenced by the |virtual_path|. | 48 * @param[out] absolute_path The absolute path referenced by the |virtual_path|. |
51 * @param[in] absolute_path_size The size of the |absolute_path| buffer. | 49 * @param[in] absolute_path_size The size of the |absolute_path| buffer. |
52 * @return 0 on success, else a negated NaCl errno. | 50 * @return 0 on success, else a negated NaCl errno. |
53 */ | 51 */ |
54 static uint32_t VirtualToAbsolutePath(const char *virtual_path, | 52 static uint32_t VirtualToAbsolutePath(const char *virtual_path, |
55 char *absolute_path, | 53 char *absolute_path, |
56 size_t absolute_path_max_size) { | 54 size_t absolute_path_max_size) { |
55 size_t cwd_path_len; | |
57 size_t virtual_path_len = strlen(virtual_path); | 56 size_t virtual_path_len = strlen(virtual_path); |
58 /* Check that we have enough room to prepend the prefix (absolute case). */ | 57 absolute_path[0] = '\0'; /* Required to strcat from start of path. */ |
59 if (virtual_path_len + NaClRootDirLen + 1 > absolute_path_max_size) { | 58 if (virtual_path[0] == '/') { |
60 NaClLog(LOG_ERROR, "Pathname too long: %s\n", virtual_path); | 59 /* Absolute Path = Prefix + Absolute Virtual Path + '\0' */ |
61 return -NACL_ABI_ENAMETOOLONG; | 60 if (virtual_path_len + NaClRootDirLen + 1 > absolute_path_max_size) { |
61 NaClLog(LOG_ERROR, "Pathname too long: %s\n", virtual_path); | |
62 return -NACL_ABI_ENAMETOOLONG; | |
63 } | |
64 /* Prefix */ | |
65 strcat(absolute_path, NaClRootDir); | |
66 /* Prefix + Virtual Path */ | |
67 strcat(absolute_path, virtual_path); | |
68 } else { | |
69 /* Absolute Path = Cwd + '/' + Relative Virtual Path + '\0' */ | |
Mark Seaborn
2016/02/17 22:13:23
You don't actually need to do this concatenation.
Sean Klein
2016/02/17 22:42:39
Although I know it's technically not necessary now
Mark Seaborn
2016/02/18 19:32:02
So you plan to handle paths containing "..", but w
Sean Klein
2016/02/19 18:49:06
That is the short-term plan, yes.
| |
70 int retval = NaClHostDescGetcwd(absolute_path, absolute_path_max_size); | |
71 if (retval != 0) { | |
72 NaClLog(LOG_ERROR, "NaClHostDescGetcwd failed\n"); | |
73 return retval; | |
74 } | |
75 cwd_path_len = strlen(absolute_path); | |
76 /* | |
77 * The prefix cannot be mounted at the root, so we can safely assume that | |
78 * the Cwd consists of some path component after "/", such as "/foo". This | |
79 * means that before inserting the relative path, we must insert an | |
80 * additional "/" at the end of the Cwd. | |
81 */ | |
82 CHECK(NaClRootDirLen > 1); | |
83 CHECK(strncmp(absolute_path, NaClRootDir, NaClRootDirLen) == 0); | |
84 /* | |
85 * While verifying that the Cwd is inside a root (such as "/root"), ensure | |
86 * that the Cwd is not only matching the prefix of the root (such as | |
87 * "/root_but_not_really"). | |
88 */ | |
89 CHECK((absolute_path[NaClRootDirLen] == '/') || | |
90 (absolute_path[NaClRootDirLen] == '\0')); | |
91 if (cwd_path_len + 1 + virtual_path_len + 1 > absolute_path_max_size) { | |
92 NaClLog(LOG_ERROR, "Pathname too long: %s\n", virtual_path); | |
93 return -NACL_ABI_ENAMETOOLONG; | |
94 } | |
95 /* Cwd + '/' */ | |
96 strcat(absolute_path, "/"); | |
97 /* Cwd + '/' + Relative Path */ | |
98 strcat(absolute_path, virtual_path); | |
62 } | 99 } |
63 | 100 |
64 /* Prefix */ | |
65 memcpy(absolute_path, NaClRootDir, NaClRootDirLen); | |
66 /* Prefix + Virtual Path */ | |
67 memcpy(absolute_path + NaClRootDirLen, virtual_path, virtual_path_len); | |
68 /* Prefix + Virtual Path + Terminator */ | |
69 absolute_path[virtual_path_len + NaClRootDirLen] = '\0'; | |
70 | |
71 return 0; | 101 return 0; |
72 } | 102 } |
73 | 103 |
74 /* | 104 /* |
75 * Determine if |path| points to a symbolic link. | 105 * Determine if |path| points to a symbolic link. |
76 * | 106 * |
77 * @param[in] path Path of file to be checked. | 107 * @param[in] path Path of file to be checked. |
78 * @return Nonzero if path is symbolic link. | 108 * @return Nonzero if path is symbolic link. |
79 */ | 109 */ |
80 static int IsSymbolicLink(const char *path) { | 110 static int IsSymbolicLink(const char *path) { |
127 * @param[in] dest_max_size The size of the buffer holding dest. | 157 * @param[in] dest_max_size The size of the buffer holding dest. |
128 * @return 0 on success, else a NaCl errno. | 158 * @return 0 on success, else a NaCl errno. |
129 */ | 159 */ |
130 static uint32_t CopyHostPathMounted(char *dest, size_t dest_max_size) { | 160 static uint32_t CopyHostPathMounted(char *dest, size_t dest_max_size) { |
131 uint32_t retval; | 161 uint32_t retval; |
132 char raw_path[NACL_CONFIG_PATH_MAX]; | 162 char raw_path[NACL_CONFIG_PATH_MAX]; |
133 | 163 |
134 if (dest_max_size <= 0 || dest[0] == '\0') { | 164 if (dest_max_size <= 0 || dest[0] == '\0') { |
135 NaClLog(LOG_ERROR, "Dest cannot be empty path\n"); | 165 NaClLog(LOG_ERROR, "Dest cannot be empty path\n"); |
136 return -NACL_ABI_ENOENT; | 166 return -NACL_ABI_ENOENT; |
137 } else if (dest[0] != '/') { | |
138 /* TODO(smklein): Allow usage of relative paths. */ | |
139 NaClLog(LOG_ERROR, "Pathname is not absolute: %s\n", dest); | |
140 return -NACL_ABI_EACCES; | |
141 } | 167 } |
142 | 168 |
143 CHECK(dest_max_size == NACL_CONFIG_PATH_MAX); | 169 CHECK(dest_max_size == NACL_CONFIG_PATH_MAX); |
144 CHECK(strlen(dest) < NACL_CONFIG_PATH_MAX); | 170 CHECK(strlen(dest) < NACL_CONFIG_PATH_MAX); |
145 strcpy(raw_path, dest); | 171 strcpy(raw_path, dest); |
146 | 172 |
147 /* Transform the user's raw path into an absolute path. */ | 173 /* |
174 * Transform the user's raw path into an absolute path. | |
175 * The path may be either absolute or relative here -- but it will | |
176 * be absolute once VirtualToAbsolutePath returns successfully. | |
177 */ | |
148 retval = VirtualToAbsolutePath(raw_path, dest, dest_max_size); | 178 retval = VirtualToAbsolutePath(raw_path, dest, dest_max_size); |
149 if (retval != 0) | 179 if (retval != 0) |
150 return retval; | 180 return retval; |
151 | 181 |
152 /* Verify that the path cannot escape root. */ | 182 /* Verify that the path cannot escape root. */ |
153 return ValidateAbsolutePath(dest); | 183 return ValidateAbsolutePath(dest); |
154 } | 184 } |
155 #endif /* !NACL_WINDOWS */ | 185 #endif /* !NACL_WINDOWS */ |
156 | 186 |
157 uint32_t CopyHostPathInFromUser(struct NaClApp *nap, | 187 uint32_t CopyHostPathInFromUser(struct NaClApp *nap, |
218 return (uint32_t) -NACL_ABI_EFAULT; | 248 return (uint32_t) -NACL_ABI_EFAULT; |
219 return 0; | 249 return 0; |
220 } | 250 } |
221 | 251 |
222 /* Copy out everything after the root dir (including the slash). */ | 252 /* Copy out everything after the root dir (including the slash). */ |
223 if (!NaClCopyOutToUser(nap, dst_usr_addr, path + NaClRootDirLen, | 253 if (!NaClCopyOutToUser(nap, dst_usr_addr, path + NaClRootDirLen, |
224 path_len - NaClRootDirLen + 1)) | 254 path_len - NaClRootDirLen + 1)) |
225 return (uint32_t) -NACL_ABI_EFAULT; | 255 return (uint32_t) -NACL_ABI_EFAULT; |
226 return 0; | 256 return 0; |
227 } | 257 } |
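Review bot: The new relative-path branch of VirtualToAbsolutePath (new lines 82-90) uses `CHECK` to assert that the host cwd returned by NaClHostDescGetcwd lies under NaClRootDir, but that is a property of process state rather than a code invariant, so a user-supplied relative path would abort the service runtime instead of failing when the cwd is elsewhere; whether untrusted code can influence the host cwd is not visible in this hunk, so treat this as a robustness/denial-of-service concern to confirm. Rejecting with a logged error keeps the containment check while removing the crash path, and the caller CopyHostPathMounted already propagates nonzero return values. The updated doc comment (new lines 42-51) also no longer says how a relative `virtual_path` is handled; I would add `* A relative |virtual_path| is resolved against the host process's current working directory, which must already lie inside NaClRootDir.` after the first paragraph. Note too that `absolute_path[0] = '\0'` (new line 57) now runs before any size check; the only visible caller rejects `dest_max_size <= 0`, so this is fine today but worth a comment on the parameter.
```c
    cwd_path_len = strlen(absolute_path);
    CHECK(NaClRootDirLen > 1);
    /*
     * The host cwd is runtime state, not a code invariant: if it is not
     * inside the root (and not merely sharing a prefix such as
     * "/root_but_not_really"), refuse the path rather than abort.
     */
    if (strncmp(absolute_path, NaClRootDir, NaClRootDirLen) != 0 ||
        (absolute_path[NaClRootDirLen] != '/' &&
         absolute_path[NaClRootDirLen] != '\0')) {
      NaClLog(LOG_ERROR, "Cwd is outside the mounted root\n");
      return -NACL_ABI_EACCES;
    }
    /* … unchanged: length check, strcat of "/" and virtual_path … */
```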