ExternalVendorCode/genode
1
0
Fork 0
mirror of https://github.com/genodelabs/genode.git synced 2025-01-29 15:44:02 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Limit core's ROM fs to current directory on Linux

Browse Source 
This patch limits core's ROM file system to the current working directory
on Linux by rejecting file names which contain forward slashes.

Fixes #175.
This commit is contained in:
Christian Prochaska 2012-04-12 11:59:29 +02:00 committed by Norman Feske
parent d1cc263427
commit dd0ef3403f
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
base-linux/src/core/rom_session_component.cc
View File

@ -48,6 +48,11 @@ Rom_session_component::Rom_session_component(Rom_fs *rom_fs,
char fname_buf[Linux_dataspace::FNAME_LEN];
Arg_string::find_arg(args, "filename").string(fname_buf, sizeof(fname_buf), "");
/* only files inside the current working directory are allowed */
for (const char *c = fname_buf; *c; c++)
if (*c == '/')
throw Root::Invalid_args();
Genode::size_t fsize = file_size(fname_buf);
/* use invalid capability as default value */