mirror of
https://github.com/ethereum/solidity
synced 2023-10-03 13:03:40 +00:00
Merge pull request #2145 from ethereum/cli-readfile-permissions
Check for path permissions before opening file in the CLI file reader
This commit is contained in:
commit
ed64c849f5
@ -660,8 +660,6 @@ bool CommandLineInterface::processInput()
|
|||||||
ReadFile::Callback fileReader = [this](string const& _path)
|
ReadFile::Callback fileReader = [this](string const& _path)
|
||||||
{
|
{
|
||||||
auto path = boost::filesystem::path(_path);
|
auto path = boost::filesystem::path(_path);
|
||||||
if (!boost::filesystem::exists(path))
|
|
||||||
return ReadFile::Result{false, "File not found."};
|
|
||||||
auto canonicalPath = boost::filesystem::canonical(path);
|
auto canonicalPath = boost::filesystem::canonical(path);
|
||||||
bool isAllowed = false;
|
bool isAllowed = false;
|
||||||
for (auto const& allowedDir: m_allowedDirectories)
|
for (auto const& allowedDir: m_allowedDirectories)
|
||||||
@ -678,6 +676,8 @@ bool CommandLineInterface::processInput()
|
|||||||
}
|
}
|
||||||
if (!isAllowed)
|
if (!isAllowed)
|
||||||
return ReadFile::Result{false, "File outside of allowed directories."};
|
return ReadFile::Result{false, "File outside of allowed directories."};
|
||||||
|
else if (!boost::filesystem::exists(path))
|
||||||
|
return ReadFile::Result{false, "File not found."};
|
||||||
else if (!boost::filesystem::is_regular_file(canonicalPath))
|
else if (!boost::filesystem::is_regular_file(canonicalPath))
|
||||||
return ReadFile::Result{false, "Not a valid file."};
|
return ReadFile::Result{false, "Not a valid file."};
|
||||||
else
|
else
|
||||||
|
Loading…
Reference in New Issue
Block a user