[OE-core] [PATCH v1] wic: Add --exclude-path option to rootfs source plugin.
Ed Bartosh
ed.bartosh at linux.intel.com
Mon Nov 28 10:46:24 UTC 2016
On Mon, Nov 28, 2016 at 08:07:05AM +0100, Kristian Amlie wrote:
> On 25/11/16 17:33, Ed Bartosh wrote:
> > On Fri, Nov 25, 2016 at 01:35:53PM +0100, Kristian Amlie wrote:
> >> On 25/11/16 13:28, Maciej Borzęcki wrote:
> >>> On Fri, Nov 25, 2016 at 11:15 AM, Kristian Amlie
> >>>> + # Disallow '..', because doing so could be quite disastrous
> >>>> + # (we will delete the directory).
> >>>> + remaining = path
> >>>> + while True:
> >>>> + (head, tail) = os.path.split(remaining)
> >>>> + if tail == '..':
> >>>> + msger.error("'..' not allowed: --exclude-path=%s" % orig_path)
> >>>> + elif head == "":
> >>>> + break
> >>>> + remaining = head
> >>>
> >>> Why not do this instead?
> >>>
> >>> if '..' in path:
> >>> msger.error("'..' not allowed: --exclude-path=%s" % orig_path)
> >>>
> > would "'/..' in path" or something similar work?
>
> '/..my-file' is a valid file name, so no, it wouldn't work. I realize
> that this would be uncommon, and it makes the check more complex, so I'm
> ok with making it simpler if you want me to, but we have to trade
> simplicity for correctness in that case.
>
OK, makes sense.
Would something like this work for you?
> mkdir -p /tmp/rootfs/bla/bla/bla/bla
> python -c "import os;print os.path.realpath('/tmp/rootfs/bla/../bla/../bla/../bla/../').startswith('/tmp/rootfs/')"
False
> python -c "import os;print os.path.realpath('/tmp/rootfs/bla/../bla/../bla/bla/../').startswith('/tmp/rootfs/')"
True
--
Regards,
Ed
More information about the Openembedded-core
mailing list