mirror of
https://github.com/ethereum/solidity
synced 2023-10-03 13:03:40 +00:00
Do not whitelist any paths if remapping target is empty
This commit is contained in:
parent
8a8471d9cc
commit
c0b8378782
@ -356,14 +356,17 @@ bool CommandLineParser::parseInputPathsAndRemappings()
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
// If the target is a directory, whitelist it. Otherwise whitelist containing dir.
|
if (!remapping->target.empty())
|
||||||
// NOTE: /a/b/c/ is a directory while /a/b/c is not.
|
{
|
||||||
boost::filesystem::path remappingDir = remapping->target;
|
// If the target is a directory, whitelist it. Otherwise whitelist containing dir.
|
||||||
if (remappingDir.filename() != "..")
|
// NOTE: /a/b/c/ is a directory while /a/b/c is not.
|
||||||
// As an exception we'll treat /a/b/c/.. as a directory too. It would be
|
boost::filesystem::path remappingDir = remapping->target;
|
||||||
// unintuitive to whitelist /a/b/c when the target is equivalent to /a/b/.
|
if (remappingDir.filename() != "..")
|
||||||
remappingDir.remove_filename();
|
// As an exception we'll treat /a/b/c/.. as a directory too. It would be
|
||||||
m_options.input.allowedDirectories.insert(remappingDir.empty() ? "." : remappingDir);
|
// unintuitive to whitelist /a/b/c when the target is equivalent to /a/b/.
|
||||||
|
remappingDir.remove_filename();
|
||||||
|
m_options.input.allowedDirectories.insert(remappingDir.empty() ? "." : remappingDir);
|
||||||
|
}
|
||||||
|
|
||||||
m_options.input.remappings.emplace_back(move(remapping.value()));
|
m_options.input.remappings.emplace_back(move(remapping.value()));
|
||||||
}
|
}
|
||||||
|
@ -418,7 +418,7 @@ BOOST_FIXTURE_TEST_CASE(allow_path_automatic_whitelisting_remappings, AllowPaths
|
|||||||
// Adding a remapping with an empty target does not whitelist anything
|
// Adding a remapping with an empty target does not whitelist anything
|
||||||
BOOST_TEST(checkImport("import '" + m_portablePrefix + "/a/b/c.sol'", {m_portablePrefix + "="}) == ImportCheck::PathDisallowed());
|
BOOST_TEST(checkImport("import '" + m_portablePrefix + "/a/b/c.sol'", {m_portablePrefix + "="}) == ImportCheck::PathDisallowed());
|
||||||
BOOST_TEST(checkImport("import '" + m_portablePrefix + "/a/b/c.sol'", {"../code/="}) == ImportCheck::PathDisallowed());
|
BOOST_TEST(checkImport("import '" + m_portablePrefix + "/a/b/c.sol'", {"../code/="}) == ImportCheck::PathDisallowed());
|
||||||
BOOST_TEST(checkImport("import '/../work/a/b/c.sol'", {"../code/=", "--base-path", m_portablePrefix}));
|
BOOST_TEST(checkImport("import '/../work/a/b/c.sol'", {"../code/=", "--base-path", m_portablePrefix}) == ImportCheck::PathDisallowed());
|
||||||
|
|
||||||
// Adding a remapping that includes .. or . segments whitelists the parent dir and subdirectories
|
// Adding a remapping that includes .. or . segments whitelists the parent dir and subdirectories
|
||||||
// of the resolved target
|
// of the resolved target
|
||||||
|
@ -168,7 +168,7 @@ BOOST_AUTO_TEST_CASE(cli_mode_options)
|
|||||||
|
|
||||||
expectedOptions.input.addStdin = true;
|
expectedOptions.input.addStdin = true;
|
||||||
expectedOptions.input.basePath = "/home/user/";
|
expectedOptions.input.basePath = "/home/user/";
|
||||||
expectedOptions.input.allowedDirectories = {"/tmp", "/home", "project", "../contracts", ".", "c", "/usr/lib"};
|
expectedOptions.input.allowedDirectories = {"/tmp", "/home", "project", "../contracts", "c", "/usr/lib"};
|
||||||
expectedOptions.input.ignoreMissingFiles = true;
|
expectedOptions.input.ignoreMissingFiles = true;
|
||||||
expectedOptions.input.errorRecovery = (inputMode == InputMode::Compiler);
|
expectedOptions.input.errorRecovery = (inputMode == InputMode::Compiler);
|
||||||
expectedOptions.output.dir = "/tmp/out";
|
expectedOptions.output.dir = "/tmp/out";
|
||||||
@ -307,7 +307,7 @@ BOOST_AUTO_TEST_CASE(assembly_mode_options)
|
|||||||
};
|
};
|
||||||
expectedOptions.input.addStdin = true;
|
expectedOptions.input.addStdin = true;
|
||||||
expectedOptions.input.basePath = "/home/user/";
|
expectedOptions.input.basePath = "/home/user/";
|
||||||
expectedOptions.input.allowedDirectories = {"/tmp", "/home", "project", "../contracts", ".", "c", "/usr/lib"};
|
expectedOptions.input.allowedDirectories = {"/tmp", "/home", "project", "../contracts", "c", "/usr/lib"};
|
||||||
expectedOptions.input.ignoreMissingFiles = true;
|
expectedOptions.input.ignoreMissingFiles = true;
|
||||||
expectedOptions.output.overwriteFiles = true;
|
expectedOptions.output.overwriteFiles = true;
|
||||||
expectedOptions.output.evmVersion = EVMVersion::spuriousDragon();
|
expectedOptions.output.evmVersion = EVMVersion::spuriousDragon();
|
||||||
|
Loading…
Reference in New Issue
Block a user