From 446cf2eb0597f8a118870f64a633c7383582f01c Mon Sep 17 00:00:00 2001
From: Erik Hofman
Date: Mon, 23 Jan 2023 11:52:17 +0100
Subject: [PATCH] Run the SQLite path through the path validation mechanism
---
src/Main/CMakeLists.txt | 2 +-
src/Scripting/CMakeLists.txt | 2 +-
src/Scripting/{sqlitelib.c => sqlitelib.cxx} | 47 +++++++++++++++-----
3 files changed, 38 insertions(+), 13 deletions(-)
rename src/Scripting/{sqlitelib.c => sqlitelib.cxx} (81%)
diff --git a/src/Main/CMakeLists.txt b/src/Main/CMakeLists.txt
index 40e715e74..0c24c8bcd 100644
--- a/src/Main/CMakeLists.txt
+++ b/src/Main/CMakeLists.txt
@@ -110,7 +110,7 @@ endif()
add_executable(nasal nasal-bin.cxx
- ${CMAKE_SOURCE_DIR}/src/Scripting/sqlitelib.c
+ ${CMAKE_SOURCE_DIR}/src/Scripting/sqlitelib.cxx
)
setup_fgfs_libraries(nasal)
install(TARGETS nasal RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
diff --git a/src/Scripting/CMakeLists.txt b/src/Scripting/CMakeLists.txt
index bd2b15808..b62bfcb7b 100644
--- a/src/Scripting/CMakeLists.txt
+++ b/src/Scripting/CMakeLists.txt
@@ -14,7 +14,7 @@ set(SOURCES
NasalModelData.cxx
NasalSGPath.cxx
NasalFlightPlan.cxx
- sqlitelib.c
+ sqlitelib.cxx
# we don't add this here becuase we need to exclude it the testSuite
# so it can't go nto fgfsObjects library
# NasalUnitTesting.cxx
diff --git a/src/Scripting/sqlitelib.c b/src/Scripting/sqlitelib.cxx
similarity index 81%
rename from src/Scripting/sqlitelib.c
rename to src/Scripting/sqlitelib.cxx
index 3afd7a5b2..c2faa7d3f 100644
--- a/src/Scripting/sqlitelib.c
+++ b/src/Scripting/sqlitelib.cxx
@@ -1,7 +1,13 @@
-#include
-#include
+#include
+#include
#include
+
+#include
+
#include
+#include
+#include
+#include
// Ghost types
struct DBGhost { sqlite3* db; };
@@ -32,8 +38,27 @@ static naRef f_open(naContext c, naRef me, int argc, naRef* args)
struct DBGhost* g;
if(argc < 1 || !naIsString(args[0]))
naRuntimeError(c, "Bad/missing argument to sqlite.open");
- g = malloc(sizeof(struct DBGhost));
- if(sqlite3_open(naStr_data(args[0]), &g->db)) {
+ g = (DBGhost*)malloc(sizeof(struct DBGhost));
+
+ const auto path = SGPath::fromUtf8(naStr_data(args[0]));
+ if (!path.exists()) {
+ return naNil();
+ }
+
+ const SGPath filename = SGPath(path).validate(false);
+ if (filename.isNull()) {
+ SG_LOG(SG_NASAL, SG_ALERT, "stat(): reading '" <<
+ naStr_data(args[0]) << "' denied (unauthorized directory - authorization"
+ " no longer follows symlinks; to authorize reading additional "
+ "directories, pass them to --allow-nasal-read)");
+ naRuntimeError(c, "stat(): access denied (unauthorized directory)");
+ return naNil();
+ }
+
+ int openFlags = SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE;
+ std::string pathUtf8 = path.utf8Str();
+ if(sqlite3_open_v2(pathUtf8.c_str(), &g->db, openFlags, NULL))
+ {
const char* msg = sqlite3_errmsg(g->db);
sqlite3_close(g->db);
free(g);
@@ -61,7 +86,7 @@ static naRef f_prepare(naContext c, naRef me, int argc, naRef* args)
struct DBGhost* dbg = DBG(db);
if(!naIsString(s) || !dbg)
naRuntimeError(c, "bad/missing argument to sqlite.prepare");
- g = malloc(sizeof(struct StmtGhost));
+ g = (StmtGhost*)malloc(sizeof(struct StmtGhost));
if(sqlite3_prepare(dbg->db, naStr_data(s), naStr_len(s), &g->stmt, &tail)) {
const char* msg = sqlite3_errmsg(dbg->db);
@@ -86,7 +111,7 @@ static naRef run_query(naContext c, sqlite3* db, sqlite3_stmt* stmt,
naRuntimeError(c, "sqlite step error: %s", sqlite3_errmsg(db));
if(!fields) {
cols = sqlite3_column_count(stmt);
- fields = malloc(cols * sizeof(naRef));
+ fields = (naRef*)malloc(cols * sizeof(naRef));
for(i=0; i
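Review bot: In the f_open hunk the authorization check asks for read access (`SGPath(path).validate(false)`) but the database is then opened with `SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE`, so a directory the user authorized only for reading becomes writable from Nasal through `sqlite.open`; the check should validate for write access (`validate(true)`) or the write flags should go, and the open should use the validated `filename` rather than the unvalidated `path`. The `path.exists()` test runs before validation, so a script can still learn whether an arbitrary file on the system exists; it belongs after the validate call. `g` is malloc'd before both early `return naNil()` paths and is never freed on them, so allocate only after the checks. The log and runtime-error text still say `stat():` although they come from `sqlite.open`. The remainder of f_open (the error branch and return) lies outside the hunk.
```cpp
    // … unchanged: argc / naIsString check …

    // Authorize before touching the filesystem, and for write access, because
    // the open below uses SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE.
    const SGPath path = SGPath::fromUtf8(naStr_data(args[0]));
    const SGPath filename = SGPath(path).validate(true);
    if (filename.isNull()) {
        SG_LOG(SG_NASAL, SG_ALERT, "sqlite.open(): opening '" <<
            naStr_data(args[0]) << "' denied (unauthorized directory for "
            "write access - authorization does not follow symlinks)");
        naRuntimeError(c, "sqlite.open(): access denied (unauthorized directory)");
        return naNil();
    }
    if (!filename.exists()) {
        return naNil();
    }

    // Allocate only after every early return so a denied or missing path cannot leak g.
    g = (DBGhost*)malloc(sizeof(struct DBGhost));
    const int openFlags = SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE;
    const std::string pathUtf8 = filename.utf8Str();
    if(sqlite3_open_v2(pathUtf8.c_str(), &g->db, openFlags, NULL))
    {
        // … unchanged: sqlite3_errmsg / sqlite3_close / free …
```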