Normalize the allowed paths as well (fix Windows breakage)
parent
817297699f
commit
196c667266
1 changed files with 62 additions and 61 deletions
|
@ -72,67 +72,6 @@ fgGetLowPass (double current, double target, double timeratio)
|
||||||
return current;
|
return current;
|
||||||
}
|
}
|
||||||
|
|
||||||
static string_list read_allowed_paths;
|
|
||||||
static string_list write_allowed_paths;
|
|
||||||
|
|
||||||
// Allowed paths here are absolute, and may contain _one_ *,
|
|
||||||
// which matches any string
|
|
||||||
// FG_SCENERY is deliberately not allowed, as it would make
|
|
||||||
// /sim/terrasync/scenery-dir a security hole
|
|
||||||
void fgInitAllowedPaths()
|
|
||||||
{
|
|
||||||
read_allowed_paths.clear();
|
|
||||||
write_allowed_paths.clear();
|
|
||||||
read_allowed_paths.push_back(globals->get_fg_root() + "/*");
|
|
||||||
read_allowed_paths.push_back(globals->get_fg_home() + "/*");
|
|
||||||
string_list const aircraft_paths = globals->get_aircraft_paths();
|
|
||||||
for( string_list::const_iterator it = aircraft_paths.begin();
|
|
||||||
it != aircraft_paths.end();
|
|
||||||
++it )
|
|
||||||
{
|
|
||||||
read_allowed_paths.push_back(*it + "/*");
|
|
||||||
}
|
|
||||||
|
|
||||||
for( string_list::const_iterator it = read_allowed_paths.begin();
|
|
||||||
it != read_allowed_paths.end();
|
|
||||||
++it )
|
|
||||||
{ // if we get the initialization order wrong, better to have an
|
|
||||||
// obvious error than a can-read-everything security hole...
|
|
||||||
if (!(it->compare("/*"))){
|
|
||||||
flightgear::fatalMessageBox("Nasal initialization error",
|
|
||||||
"Empty string in FG_ROOT, FG_HOME or FG_AIRCRAFT",
|
|
||||||
"or fgInitAllowedPaths() called too early");
|
|
||||||
exit(-1);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
write_allowed_paths.push_back("/tmp/*.xml");
|
|
||||||
write_allowed_paths.push_back(globals->get_fg_home() + "/*.sav");
|
|
||||||
write_allowed_paths.push_back(globals->get_fg_home() + "/*.log");
|
|
||||||
write_allowed_paths.push_back(globals->get_fg_home() + "/cache/*");
|
|
||||||
write_allowed_paths.push_back(globals->get_fg_home() + "/Export/*");
|
|
||||||
write_allowed_paths.push_back(globals->get_fg_home() + "/state/*.xml");
|
|
||||||
write_allowed_paths.push_back(globals->get_fg_home() + "/aircraft-data/*.xml");
|
|
||||||
write_allowed_paths.push_back(globals->get_fg_home() + "/Wildfire/*.xml");
|
|
||||||
write_allowed_paths.push_back(globals->get_fg_home() + "/runtime-jetways/*.xml");
|
|
||||||
write_allowed_paths.push_back(globals->get_fg_home() + "/Input/Joysticks/*.xml");
|
|
||||||
|
|
||||||
// Check that it works
|
|
||||||
if(!fgValidatePath(globals->get_fg_home() + "/../no.log",true).empty() ||
|
|
||||||
!fgValidatePath(globals->get_fg_home() + "/no.lot",true).empty() ||
|
|
||||||
!fgValidatePath(globals->get_fg_home() + "/nolog",true).empty() ||
|
|
||||||
!fgValidatePath(globals->get_fg_home() + "no.log",true).empty() ||
|
|
||||||
!fgValidatePath("..\\" + globals->get_fg_home() + "/no.log",false).empty() ||
|
|
||||||
!fgValidatePath(std::string("/tmp/no.xml"),false).empty() ||
|
|
||||||
fgValidatePath(globals->get_fg_home() + "/./ff/../Export\\yes..gg",true).empty() ||
|
|
||||||
fgValidatePath(globals->get_fg_home() + "/aircraft-data/yes..xml",true).empty() ||
|
|
||||||
fgValidatePath(globals->get_fg_root() + "/./\\yes.bmp",false).empty()) {
|
|
||||||
flightgear::fatalMessageBox("Nasal initialization error",
|
|
||||||
"fgInitAllowedPaths() does not work",
|
|
||||||
"");
|
|
||||||
exit(-1);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Normalize a path
|
// Normalize a path
|
||||||
// Unlike SGPath::realpath, does not require that the file already exists,
|
// Unlike SGPath::realpath, does not require that the file already exists,
|
||||||
// but does require that it be below the starting point
|
// but does require that it be below the starting point
|
||||||
|
@ -166,6 +105,68 @@ static std::string fgNormalizePath (const std::string& path)
|
||||||
return normed_path;
|
return normed_path;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static string_list read_allowed_paths;
|
||||||
|
static string_list write_allowed_paths;
|
||||||
|
|
||||||
|
// Allowed paths here are absolute, and may contain _one_ *,
|
||||||
|
// which matches any string
|
||||||
|
// FG_SCENERY is deliberately not allowed, as it would make
|
||||||
|
// /sim/terrasync/scenery-dir a security hole
|
||||||
|
void fgInitAllowedPaths()
|
||||||
|
{
|
||||||
|
read_allowed_paths.clear();
|
||||||
|
write_allowed_paths.clear();
|
||||||
|
std::string fg_root = fgNormalizePath(globals->get_fg_root());
|
||||||
|
std::string fg_home = fgNormalizePath(globals->get_fg_home());
|
||||||
|
read_allowed_paths.push_back(fg_root + "/*");
|
||||||
|
read_allowed_paths.push_back(fg_home + "/*");
|
||||||
|
string_list const aircraft_paths = globals->get_aircraft_paths();
|
||||||
|
for( string_list::const_iterator it = aircraft_paths.begin();
|
||||||
|
it != aircraft_paths.end();
|
||||||
|
++it )
|
||||||
|
{
|
||||||
|
read_allowed_paths.push_back(fgNormalizePath(*it) + "/*");
|
||||||
|
}
|
||||||
|
|
||||||
|
for( string_list::const_iterator it = read_allowed_paths.begin();
|
||||||
|
it != read_allowed_paths.end();
|
||||||
|
++it )
|
||||||
|
{ // if we get the initialization order wrong, better to have an
|
||||||
|
// obvious error than a can-read-everything security hole...
|
||||||
|
if (!(it->compare("/*"))){
|
||||||
|
flightgear::fatalMessageBox("Nasal initialization error",
|
||||||
|
"Empty string in FG_ROOT, FG_HOME or FG_AIRCRAFT",
|
||||||
|
"or fgInitAllowedPaths() called too early");
|
||||||
|
exit(-1);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
write_allowed_paths.push_back("/tmp/*.xml");
|
||||||
|
write_allowed_paths.push_back(fg_home + "/*.sav");
|
||||||
|
write_allowed_paths.push_back(fg_home + "/*.log");
|
||||||
|
write_allowed_paths.push_back(fg_home + "/cache/*");
|
||||||
|
write_allowed_paths.push_back(fg_home + "/Export/*");
|
||||||
|
write_allowed_paths.push_back(fg_home + "/state/*.xml");
|
||||||
|
write_allowed_paths.push_back(fg_home + "/aircraft-data/*.xml");
|
||||||
|
write_allowed_paths.push_back(fg_home + "/Wildfire/*.xml");
|
||||||
|
write_allowed_paths.push_back(fg_home + "/runtime-jetways/*.xml");
|
||||||
|
write_allowed_paths.push_back(fg_home + "/Input/Joysticks/*.xml");
|
||||||
|
|
||||||
|
// Check that it works
|
||||||
|
if(!fgValidatePath(globals->get_fg_home() + "/../no.log",true).empty() ||
|
||||||
|
!fgValidatePath(globals->get_fg_home() + "/no.lot",true).empty() ||
|
||||||
|
!fgValidatePath(globals->get_fg_home() + "/nolog",true).empty() ||
|
||||||
|
!fgValidatePath(globals->get_fg_home() + "no.log",true).empty() ||
|
||||||
|
!fgValidatePath("..\\" + globals->get_fg_home() + "/no.log",false).empty() ||
|
||||||
|
!fgValidatePath(std::string("/tmp/no.xml"),false).empty() ||
|
||||||
|
fgValidatePath(globals->get_fg_home() + "/./ff/../Export\\yes..gg",true).empty() ||
|
||||||
|
fgValidatePath(globals->get_fg_home() + "/aircraft-data/yes..xml",true).empty() ||
|
||||||
|
fgValidatePath(globals->get_fg_root() + "/./\\yes.bmp",false).empty()) {
|
||||||
|
flightgear::fatalMessageBox("Nasal initialization error",
|
||||||
|
"fgInitAllowedPaths() does not work",
|
||||||
|
"");
|
||||||
|
exit(-1);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Check whether Nasal is allowed to access a path
|
// Check whether Nasal is allowed to access a path
|
||||||
std::string fgValidatePath (const std::string& path, bool write)
|
std::string fgValidatePath (const std::string& path, bool write)
|
||||||
|
|
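Review bot: The empty-root guard in the rewritten fgInitAllowedPaths() (the loop over read_allowed_paths) still matches only the exact pattern `/*`, so after this change it fails closed only if fgNormalizePath() returns an empty string for an empty or rejected root. That function's body lies outside the hunk, so its behaviour here is inferred rather than shown; any other result (a lone separator or a drive prefix, say) would slip past the guard and leave a read pattern much broader than intended. Checking the normalized values directly is sturdier: `if (fg_root.empty() || fg_home.empty())` before the first `push_back`, with the same `.empty()` test on `fgNormalizePath(*it)` in the aircraft loop, each taking the existing fatalMessageBox/exit path. The comment above the function also promises exactly one `*` per pattern, but nothing visible rejects a root that already contains `*`; a short check or a comment stating that assumption would make the contract explicit.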