Limit core's ROM fs to current directory on Linux

This patch limits core's ROM file system to the current working directory on Linux by rejecting file names which contain forward slashes. Fixes #175.
2012-04-12 11:59:29 +02:00 · 2012-04-12 11:59:29 +02:00 · dd0ef3403f
parent d1cc263427
commit dd0ef3403f
1 changed files with 5 additions and 0 deletions
--- a/base-linux/src/core/rom_session_component.cc
+++ b/base-linux/src/core/rom_session_component.cc
@ -48,6 +48,11 @@ Rom_session_component::Rom_session_component(Rom_fs         *rom_fs,
 	char fname_buf[Linux_dataspace::FNAME_LEN];
 	Arg_string::find_arg(args, "filename").string(fname_buf, sizeof(fname_buf), "");

+	/* only files inside the current working directory are allowed */
+	for (const char *c = fname_buf; *c; c++)
+		if (*c == '/')
+			throw Root::Invalid_args();
+
 	Genode::size_t fsize = file_size(fname_buf);

 	/* use invalid capability as default value */