[PATCH openbmc 14/16] initfs: update: Sanitize whitelist directory entries
OpenBMC Patches
openbmc-patches at stwcx.xyz
Fri Jul 1 09:50:31 AEST 2016
From: Milton Miller <miltonm at us.ibm.com>
Repeatedly strip trailing "/" and "/." from whitelist entries
and fail if an entry includes "/../", ends with "/..", or doesn't
start with a "/". Also use the entries quoted to avoid any glob.
It was noticed the save code was saving directories that ended
in "/" into a subdirectory of the last component name. This was
traced the the code creating the directory just stripping the last
"/" and then copying to the directory.
Choose to sanitize the entry where possible for ease of use verses
a small performance penalty.
Signed-off-by: Milton Miller <miltonm at us.ibm.com>
---
.../obmc-phosphor-initfs/files/obmc-update.sh | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/meta-phosphor/common/recipes-phosphor/obmc-phosphor-initfs/files/obmc-update.sh b/meta-phosphor/common/recipes-phosphor/obmc-phosphor-initfs/files/obmc-update.sh
index 97d4402..f0c41a7 100755
--- a/meta-phosphor/common/recipes-phosphor/obmc-phosphor-initfs/files/obmc-update.sh
+++ b/meta-phosphor/common/recipes-phosphor/obmc-phosphor-initfs/files/obmc-update.sh
@@ -173,13 +173,24 @@ then
while read f
do
- if ! test -e $upper/$f
+ # Entries shall start with /, no trailing /.. or embedded /../
+ if test "/${f#/}" != "$f" -o "${f%/..}" != "${f#*/../}"
+ then
+ echo 1>&2 "WARNING: Skipping bad whitelist entry $f."
+ continue
+ fi
+ if ! test -e "$upper/$f"
then
continue
fi
d="$save/$f"
+ while test "${d%/}" != "${d%/.}"
+ do
+ d="${d%/.}"
+ d="${d%/}"
+ done
mkdir -p "${d%/*}"
- cp -rp $upper/$f "${d%/*}/"
+ cp -rp "$upper/$f" "${d%/*}/"
done < $whitelist
if test -n "$mounted"
--
2.9.0
More information about the openbmc
mailing list