fly/flightgear
1
0
Fork 0
Code Activity

Nasal security: make directory() use fgValidatePath

Browse source 
Being able to list arbitrary directories is a privacy violation;
existing in-fgdata uses of this are all permitted paths
(i.e. not Terrasync; FileSelector doesn't use it)
This commit is contained in:
Rebecca N. Palmer 2016-02-06 21:26:05 +00:00
parent c72309360e
commit 74356e84f7
1 changed files with 13 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
src/Scripting/NasalSys.cxx
View file

@ -575,7 +575,18 @@ static naRef f_directory(naContext c, naRef me, int argc, naRef* args)
if(argc != 1 || !naIsString(args[0]))
naRuntimeError(c, "bad arguments to directory()");
simgear::Dir d(SGPath(naStr_data(args[0])));
std::string dirname = fgValidatePath(naStr_data(args[0]), false);
if(dirname.empty()) {
SG_LOG(SG_NASAL, SG_ALERT, "directory(): listing '" <<
naStr_data(args[0]) << "' denied (unauthorized directory - authorization"
" no longer follows symlinks; to authorize reading additional "
"directories, add them to --fg-aircraft)");
naRuntimeError(c, "directory(): access denied (unauthorized directory)");
return naNil();
}
SGPath d0(dirname);
simgear::Dir d(d0);
if(!d.exists()) return naNil();
naRef result = naNewVector(c);