changeset 5267:95976721c27d draft

privsep: Avoid the /proc/../ escape
author Roy Marples <roy@marples.name>
date Sun, 24 May 2020 14:49:41 +0100
parents 9ea5c678d8a6
children a96dc3692fce
files src/privsep-root.c
diffstat 1 files changed, 5 insertions(+), 0 deletions(-) [+]
--- a/src/privsep-root.c	Sun May 24 14:32:15 2020 +0100
+++ b/src/privsep-root.c	Sun May 24 14:49:41 2020 +0100
@@ -288,6 +288,11 @@
 ps_root_validpath(const struct dhcpcd_ctx *ctx, uint16_t cmd, const char *path)
 {
 
+	/* Avoid a previous directory attack to avoid /proc/../
+	 * dhcpcd should never use a path with double dots. */
+	if (strstr(path, "..") != NULL)
+		return false;
+
 	if (cmd == PS_READFILE) {
 		if (strcmp(ctx->cffile, path) == 0)
 			return true;
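Review bot: The new `strstr(path, "..")` guard at the top of ps_root_validpath() is a purely textual filter, so it stops the `/proc/../` form but does not canonicalise the path. If the checks further down (outside this hunk) match on a directory prefix, as the commit title suggests, a symlink component under an allowed prefix would presumably still pass. Consider resolving the path with `realpath()` before the comparisons, or having the privileged side open it relative to a trusted directory fd without following symlinks. The comment is also hard to parse and could state the limitation, for example `/* Reject any path containing ".." so a prefix match cannot be escaped via /proc/../ -- textual check only, symlinks are not resolved. */`. The function body continues past the end of the hunk, so the prefix logic itself is not visible here.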