diff options
| author | Casper Beyer <caspervonb@pm.me> | 2020-10-24 22:04:59 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-10-24 16:04:59 +0200 |
| commit | 2a83b223857722ffe63aeaa35b44aec8659a910d (patch) | |
| tree | 6b1a3d9981350f57082e8b0784dd2cc2fbd63c96 /std/wasi/snapshot_preview1.ts | |
| parent | 35f184cdcca806bda72f65b73c774c53db132a3b (diff) | |
fix(std/wasi): disallow path_open outside of pre-opened dirfd (#8078)
Diffstat (limited to 'std/wasi/snapshot_preview1.ts')
| -rw-r--r-- | std/wasi/snapshot_preview1.ts | 36 |
1 files changed, 31 insertions, 5 deletions
diff --git a/std/wasi/snapshot_preview1.ts b/std/wasi/snapshot_preview1.ts index dc2648efc..c8246b280 100644 --- a/std/wasi/snapshot_preview1.ts +++ b/std/wasi/snapshot_preview1.ts @@ -1,6 +1,6 @@ // Copyright 2018-2020 the Deno authors. All rights reserved. MIT license. -import { resolve } from "../path/mod.ts"; +import { relative, resolve } from "../path/mod.ts"; const CLOCKID_REALTIME = 0; const CLOCKID_MONOTONIC = 1; @@ -83,7 +83,7 @@ const _ERRNO_STALE = 72; const ERRNO_TIMEDOUT = 73; const _ERRNO_TXTBSY = 74; const _ERRNO_XDEV = 75; -const _ERRNO_NOTCAPABLE = 76; +const ERRNO_NOTCAPABLE = 76; const RIGHTS_FD_DATASYNC = 0x0000000000000001n; const RIGHTS_FD_READ = 0x0000000000000002n; @@ -1201,9 +1201,35 @@ export default class Context { return ERRNO_INVAL; } - const text = new TextDecoder(); - const data = new Uint8Array(this.memory.buffer, pathOffset, pathLength); - const path = resolve(entry.path!, text.decode(data)); + const textDecoder = new TextDecoder(); + const pathData = new Uint8Array( + this.memory.buffer, + pathOffset, + pathLength, + ); + const resolvedPath = resolve(entry.path!, textDecoder.decode(pathData)); + + if (relative(entry.path, resolvedPath).startsWith("..")) { + return ERRNO_NOTCAPABLE; + } + + let path; + if ( + (dirflags & LOOKUPFLAGS_SYMLINK_FOLLOW) == LOOKUPFLAGS_SYMLINK_FOLLOW + ) { + try { + path = Deno.realPathSync(resolvedPath); + + console.log("RESOLVED REAL PATH: %s", path); + if (relative(entry.path, path).startsWith("..")) { + return ERRNO_NOTCAPABLE; + } + } catch (_err) { + path = resolvedPath; + } + } else { + path = resolvedPath; + } if ((oflags & OFLAGS_DIRECTORY) !== 0) { // XXX (caspervonb) this isn't ideal as we can't get a rid for the |