VirtualBox

Changeset 66842 in vbox for trunk/src/VBox


Ignore:
Timestamp:
May 8, 2017 9:03:57 PM (8 years ago)
Author:
vboxsync
svn:sync-xref-src-repo-rev:
115296
Message:

Support/Hardening: Use realpath() to get absolute paths upon encountering the first symlinks

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp

    r66632 r66842  
    8686/** The max path length acceptable for a trusted path. */
    8787#define SUPR3HARDENED_MAX_PATH      260U
     88
     89/** Enable to resolve symlinks using realpath() instead of cooking our own stuff. */
     90#define SUP_HARDENED_VERIFY_FOLLOW_SYMLINKS_USE_REALPATH 1
    8891
    8992#ifdef RT_OS_SOLARIS
     
    10921095
    10931096
    1094 #if defined(RT_OS_DARWIN) || defined(RT_OS_LINUX)
     1097#ifndef SUP_HARDENED_VERIFY_FOLLOW_SYMLINKS_USE_REALPATH
     1098# if defined(RT_OS_DARWIN) || defined(RT_OS_LINUX)
    10951099/**
    10961100 * Copies the error message to the error buffer and returns @a rc.
     
    11051109    return supR3HardenedSetErrorN(rc, pErrInfo, 1, pszMsg);
    11061110}
     1111# endif
    11071112#endif
    11081113
     
    18941899     * Verify each component from the root up.
    18951900     */
     1901#ifndef SUP_HARDENED_VERIFY_FOLLOW_SYMLINKS_USE_REALPATH
    18961902    uint32_t                iLoops = 0;
     1903#endif
    18971904    SUPR3HARDENEDFSOBJSTATE FsObjState;
    18981905    uint32_t                iComponent = 0;
     
    19161923                && S_ISLNK(FsObjState.Stat.st_mode))
    19171924            {
     1925#if SUP_HARDENED_VERIFY_FOLLOW_SYMLINKS_USE_REALPATH /* Another approach using realpath() and verifying the result when encountering a symlink. */
     1926                char *pszFilenameResolved = realpath(pszFilename, NULL);
     1927                if (pszFilenameResolved)
     1928                {
     1929                    rc = supR3HardenedVerifyFile(pszFilenameResolved, hNativeFile, fMaybe3rdParty, pErrInfo);
     1930                    free(pszFilenameResolved);
     1931                    return rc;
     1932                }
     1933                else
     1934                {
     1935                    int iErr = errno;
     1936                    supR3HardenedError(VERR_ACCESS_DENIED, false /*fFatal*/,
     1937                                       "supR3HardenedVerifyFileFollowSymlinks: Failed to resolve the real path '%s': %s (%d)\n",
     1938                                       pszFilename, strerror(iErr), iErr);
     1939                    return supR3HardenedSetError4(VERR_ACCESS_DENIED, pErrInfo,
     1940                                                  "realpath failed for '", pszFilename, "': ", strerror(iErr));
     1941                }
     1942#else
    19181943                /* Don't loop forever. */
    19191944                iLoops++;
     
    19902015                    return supR3HardenedSetError3(VERR_TOO_MANY_SYMLINKS, pErrInfo,
    19912016                                                  "Too many symbolic links: '", pszFilename, "'");
     2017#endif
    19922018            }
    19932019        }
Note: See TracChangeset for help on using the changeset viewer.

© 2025 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette