authorMichał Górny <mgorny@gentoo.org>2017-09-25 20:42:03 +0200
committerMichał Górny <mgorny@gentoo.org>2017-10-03 18:38:51 +0200
commit9ed52ff7daa39cdf4748f5b9c91358f421c8be7a (patch)
tree1146540a4d23f6d0937043ae180b97df39514a12 /libsandbox/libsandbox.c
parentRemove no-longer-necessary symlink hack in ACL (diff)
libsandbox: Fix path matching not to dumbly match prefixes
Fix the path matching code to match prefixes component-wide rather than literally. This means that a path such as '/foo' will no longer match '/foobar' but only '/foo' and its subdirectories (if it is a directory).
Diffstat (limited to 'libsandbox/libsandbox.c')
-rw-r--r--libsandbox/libsandbox.c22
1 files changed, 19 insertions, 3 deletions
diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index e164dcf..962690e 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -632,9 +632,25 @@ static int check_prefixes(char **prefixes, int num_prefixes, const char *path)
return 0;
size_t i;
- for (i = 0; i < num_prefixes; ++i)
- if (prefixes[i] && !strncmp(path, prefixes[i], strlen(prefixes[i])))
- return 1;
+ for (i = 0; i < num_prefixes; ++i) {
+ if (unlikely(!prefixes[i]))
+ continue;
+
+ size_t prefix_len = strlen(prefixes[i]);
+ /* Start with a regular prefix match for speed */
+ if (strncmp(path, prefixes[i], prefix_len))
+ continue;
+
+ /* Now, if prefix did not end with a slash, we need to make sure
+ * we are not matching in the middle of a filename. So check
+ * whether the match is followed by a slash, or NUL.
+ */
+ if (prefixes[i][prefix_len-1] != '/'
+ && path[prefix_len] != '/' && path[prefix_len] != '\0')
+ continue;
+
+ return 1;
+ }
return 0;
}
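Review bot: The new boundary test indexes `prefixes[i][prefix_len-1]`, which underflows when a prefix is the empty string: `strlen` returns 0, the zero-length `strncmp` reports a match, and the read lands one byte before the buffer. Whether an empty entry can reach check_prefixes depends on how the prefix list is built, which is outside this hunk, but the guard is cheap: `if (unlikely(!prefixes[i] || !prefixes[i][0])) continue;`. That guard also stops an empty prefix from matching every path, which the old loop allowed and which is probably not wanted in a sandbox access list. The component check is only meaningful if `path` arrives already normalised (no `..` components or doubled slashes), presumably done by the caller, so a short comment above the loop stating that precondition would help. check_prefixes begins above the hunk, so its earlier checks are not visible here.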