cerc-io/solidity
10
0
Fork 0
mirror of https://github.com/ethereum/solidity synced 2023-10-03 13:03:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #2145 from ethereum/cli-readfile-permissions

Browse Source 
Check for path permissions before opening file in the CLI file reader
This commit is contained in:
Alex Beregszaszi 2017-04-20 20:31:27 +01:00 committed by GitHub
commit ed64c849f5
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
solc/CommandLineInterface.cpp
View File

@ -660,8 +660,6 @@ bool CommandLineInterface::processInput()
ReadFile::Callback fileReader = [this](string const& _path) ReadFile::Callback fileReader = [this](string const& _path)
{ {
auto path = boost::filesystem::path(_path); auto path = boost::filesystem::path(_path);
if (!boost::filesystem::exists(path))
return ReadFile::Result{false, "File not found."};
auto canonicalPath = boost::filesystem::canonical(path); auto canonicalPath = boost::filesystem::canonical(path);
bool isAllowed = false; bool isAllowed = false;
for (auto const& allowedDir: m_allowedDirectories) for (auto const& allowedDir: m_allowedDirectories)
@ -678,6 +676,8 @@ bool CommandLineInterface::processInput()
} }
if (!isAllowed) if (!isAllowed)
return ReadFile::Result{false, "File outside of allowed directories."}; return ReadFile::Result{false, "File outside of allowed directories."};
else if (!boost::filesystem::exists(path))
return ReadFile::Result{false, "File not found."};
else if (!boost::filesystem::is_regular_file(canonicalPath)) else if (!boost::filesystem::is_regular_file(canonicalPath))
return ReadFile::Result{false, "Not a valid file."}; return ReadFile::Result{false, "Not a valid file."};
else else