
Nasal: move IOrules check to better place and exit on failure.

Thomas Geymayer 2014-09-19 18:21:42 +02:00
parent bb38e59ba2
commit 0b9e72eb87
3 changed files with 62 additions and 24 deletions


@ -882,29 +882,6 @@ void fgPostInitSubsystems()
nasal->init(); nasal->init();
SG_LOG(SG_GENERAL, SG_INFO, "Nasal init took:" << st.elapsedMSec()); SG_LOG(SG_GENERAL, SG_INFO, "Nasal init took:" << st.elapsedMSec());
// Ensure IOrules and path validation are working properly by trying to
// access a folder/file which should never be accessible.
const char* no_access_path =
#ifdef _WIN32
"Z:"
#endif
"/do-not-access";
if( fgValidatePath(no_access_path, true) )
SG_LOG
(
SG_GENERAL,
SG_ALERT,
"Check your IOrules! (write to '" << no_access_path << "' is allowed)"
);
if( fgValidatePath(no_access_path, false) )
SG_LOG
(
SG_GENERAL,
SG_ALERT,
"Check your IOrules! (read from '" << no_access_path << "' is allowed)"
);
// initialize methods that depend on other subsystems. // initialize methods that depend on other subsystems.
st.stamp(); st.stamp();
globals->get_subsystem_mgr()->postinit(); globals->get_subsystem_mgr()->postinit();


@ -855,6 +855,12 @@ void FGNasalSys::init()
signal->setBoolValue(s, true); signal->setBoolValue(s, true);
signal->removeChildren(s); signal->removeChildren(s);
if( !checkIOrules() )
{
SG_LOG(SG_NASAL, SG_ALERT, "Required IOrules check failed.");
exit(-1);
}
// Pull scripts out of the property tree, too // Pull scripts out of the property tree, too
loadPropertyScripts(); loadPropertyScripts();
@ -1284,6 +1290,47 @@ void FGNasalSys::gcRelease(int key)
naGCRelease(key); naGCRelease(key);
} }
//------------------------------------------------------------------------------
bool FGNasalSys::checkIOrules()
{
// Ensure IOrules and path validation are working properly by trying to
// access a folder/file which should never be accessible.
const char* no_access_path =
#ifdef _WIN32
"Z:"
#endif
"/do-not-access";
bool success = true;
// write access
if( fgValidatePath(no_access_path, true) )
{
success = false;
SG_LOG
(
SG_GENERAL,
SG_ALERT,
"Check your IOrules! (write to '" << no_access_path << "' is allowed)"
);
}
// read access
if( fgValidatePath(no_access_path, false) )
{
success = false;
SG_LOG
(
SG_GENERAL,
SG_ALERT,
"Check your IOrules! (read from '" << no_access_path << "' is allowed)"
);
}
return success;
}
//------------------------------------------------------------------------------
void FGNasalSys::NasalTimer::timerExpired() void FGNasalSys::NasalTimer::timerExpired()
{ {
nasal->handleTimer(this); nasal->handleTimer(this);
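Review bot: The new `exit(-1)` in `FGNasalSys::init()` fails closed, which is the right reaction, but `-1` reaches the parent process as 255 on POSIX and the call terminates from the middle of subsystem initialisation; `exit(EXIT_FAILURE);` is the conventional spelling, or the project's regular shutdown routine if it has one. The check sits partway through `init()`, whose start and end are outside this hunk, so any Nasal code loaded earlier in that function has presumably already run by the time a permissive rule set is detected; a one-line comment above the `if` stating what the check depends on would make the placement reviewable. The final alert is logged under `SG_NASAL` while the two detail lines in `checkIOrules()` use `SG_GENERAL`, so a log filtered by category shows only half of the failure; using one category for all three keeps the evidence together.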


@ -129,6 +129,20 @@ public:
int gcSave(naRef r); int gcSave(naRef r);
void gcRelease(int key); void gcRelease(int key);
/**
* Check if IOrules correctly work to limit access from Nasal scripts to the
* file system.
*
* @note Just a simple test is performed to check if access to a path is
* possible which should never be possible (The actual path refers to
* a file/folder named 'do-not-access' in the file system root).
*
* @see http://wiki.flightgear.org/IOrules
*
* @return Whether the check was successful.
*/
bool checkIOrules();
/// retrive the associated log object, for displaying log /// retrive the associated log object, for displaying log
/// output somewhere (a UI, presumably) /// output somewhere (a UI, presumably)
simgear::BufferedLogCallback* log() const simgear::BufferedLogCallback* log() const
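Review bot: `bool checkIOrules();` is added to the `public:` part of the class, although the only caller visible in this commit is `FGNasalSys::init()`. The body shown in the implementation section reads no member state. Declaring it in the private section as `static bool checkIOrules();` would keep the startup safety check out of the public interface. The doc comment could also state that `false` means the forbidden path was accepted for read or write, since "Whether the check was successful" can be read either way.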