From dd0ef3403fa3b4c7e6f5a3e2959bef2333334160 Mon Sep 17 00:00:00 2001
From: Christian Prochaska
Date: Thu, 12 Apr 2012 11:59:29 +0200
Subject: [PATCH] Limit core's ROM fs to current directory on Linux

This patch limits core's ROM file system to the current working directory on Linux by rejecting file names which contain forward slashes.

Fixes #175.
---
 base-linux/src/core/rom_session_component.cc | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/base-linux/src/core/rom_session_component.cc b/base-linux/src/core/rom_session_component.cc
index 97b7c84f7..4a864470c 100644
--- a/base-linux/src/core/rom_session_component.cc
+++ b/base-linux/src/core/rom_session_component.cc
@@ -48,6 +48,11 @@ Rom_session_component::Rom_session_component(Rom_fs *rom_fs,
 	char fname_buf[Linux_dataspace::FNAME_LEN];
 	Arg_string::find_arg(args, "filename").string(fname_buf, sizeof(fname_buf), "");
 
+	/* only files inside the current working directory are allowed */
+	for (const char *c = fname_buf; *c; c++)
+		if (*c == '/')
+			throw Root::Invalid_args();
+
 	Genode::size_t fsize = file_size(fname_buf);
 
 	/* use invalid capability as default value */
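Review bot: The added loop only rejects names containing '/', so the names `.` and `..` (and the empty default string that `find_arg(...).string(...)` leaves in `fname_buf`) still pass the new check and reach `file_size(fname_buf)`; what that call does with a directory or empty name is not visible in the hunk, so it would be safer to reject them explicitly, e.g. `if (!*fname_buf || !Genode::strcmp(fname_buf, ".") || !Genode::strcmp(fname_buf, "..")) throw Root::Invalid_args();` if `Genode::strcmp` is in scope here. The check also constrains only the name, not what it resolves to: a symbolic link placed in core's working directory would still be followed wherever it points, so the comment should state that limitation, e.g. `/* rejects path components only; symlinks inside the cwd are still followed */`. The constructor `Rom_session_component::Rom_session_component` starts before and ends after this hunk.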