Commit e822de15 authored by Mike Hibler's avatar Mike Hibler

Realpath strikes again.

Perl realpath returns undef or '' (take your pick) if the path does not
exist, rendering it pretty much useless for our check. So we run realpath
on the directory part of the path (which should exist) and then do some
other paranoid checks on the filename part (no funky chars, cannot be a
symlink).
parent 8032bf4e
......@@ -682,19 +682,38 @@ if ($srcsigfile && ($srcsigfile =~ /^$TB/)) {
# image is created on the nodes, and it NFS mounts directories on ops.
# Writing the image to anyplace else is just going to break things.
#
# Use realpath to validate the path. The still use the original path
# for passing to the client-side since boss and the client may not have
# the same real path for a file.
# Use realpath on the directory part of the path to validate. If we ran
# realpath on the filename, it would return null since $filename (a temp
# file) won't exist. Note that we can use dirname/basename here since
# $filename is well formed (both dir and file components).
#
# We still use the original path for passing to the client-side since
# boss and the client may not have the same real path for a file.
#
my $ofilename = $filename;
my $translated = realpath($filename);
if ($translated =~ /^([-\w\.\/\+:]+)$/) {
my $tdir = dirname($filename);
my $translated = realpath($tdir);
if ($translated && $translated =~ /^([-\w\.\/\+:]+)$/) {
my $tfile = basename($filename);
$filename = $1;
# XXX check the last component
if ($tfile =~ /^([-\w\.\+:]+)$/) {
$filename = "$filename/$1";
} else {
fatal("Bad characters in image filename");
}
}
else {
fatal("Bad data returned by realpath: $translated");
if ($translated) {
fatal("Bad characters in image pathname");
}
fatal("Image directory does not exist");
}
# Make sure the result (really the final component) is not a symlink or dir
if (-l $filename) {
fatal("$filename is a symlink! Must be a plain file.");
}
# Make sure not a directory.
if (-d $filename) {
fatal("$filename is a directory! Must be a plain file.");
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment