From f9986f96408cc4a6188b9a0c1da37129ee46e9ea Mon Sep 17 00:00:00 2001 From: wbaumann Date: Sat, 25 Jun 2011 15:44:06 +0000 Subject: [PATCH] Always canonicalize mount point --- ChangeLog | 4 +++ src/mount_davfs.c | 66 +++++++++++++++++++++-------------------------- 2 files changed, 34 insertions(+), 36 deletions(-) diff --git a/ChangeLog b/ChangeLog index 066e1c5..d5cb023 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,10 @@ ChangeLog for davfs2 -------------------- +2011-06-25 Werner Baumann (werner.baumann@onlinehome.de) + * mount_davfs.c: + Always canonicalize mount point. + 2011-06-23 Werner Baumann (werner.baumann@onlinehome.de) * mount_davfs.c, parse_line, read_config, read_secrets: Remove fixed length buffer, parse config line in place diff --git a/src/mount_davfs.c b/src/mount_davfs.c index 7875019..43cfa8e 100644 --- a/src/mount_davfs.c +++ b/src/mount_davfs.c @@ -95,7 +95,7 @@ /* The URL of the WebDAV server as taken from commandline. */ static char *url; -/* The mointpoint as taken from the command line. */ +/* The canonicalized mointpoint. */ static char *mpoint; /* The type of the kernel file system used. */ @@ -678,18 +678,23 @@ check_fstab(const dav_args *args) if (!fstab) error(EXIT_FAILURE, errno, _("can't open file %s"), _PATH_MNTTAB); - char *mp = NULL; - if (asprintf(&mp, "%s/", mpoint) < 0) abort(); struct mntent *ft = getmntent(fstab); while (ft && ft->mnt_dir) { - if (strcmp(ft->mnt_dir, mpoint) == 0 || strcmp(ft->mnt_dir, mp) == 0) - break; + if (ft->mnt_dir) { + char *mp = canonicalize_file_name(ft->mnt_dir); + if (mp) { + if (strcmp(mp, mpoint) == 0) { + free(mp); + break; + } + free(mp); + } + } ft = getmntent(fstab); } - if (!ft || !ft->mnt_dir) - error(EXIT_FAILURE, 0, _("no entry for %s found in %s"), url, + if (!ft) + error(EXIT_FAILURE, 0, _("no entry for %s found in %s"), mpoint, _PATH_MNTTAB); - if (mp) free(mp); if (strcmp(url, ft->mnt_fsname) != 0) { char *fstab_url = decode_octal(ft->mnt_fsname); @@ -738,16 +743,13 @@ check_fstab(const dav_args *args) } -/* Checks if a valid mountpoint is specified. - For non root users this must meet the additional conditions: +/* Checks whether the mountpoint is valid. + For non root users it must meet the additional condition: - if the mount point is given as relative path, it must lie within the mounting users home directory (so a relative path in fstab - which might be useful in some cases - will not allow to to gain access to directories not intended). - - if given as an absulute path it must not lie within another users - home directory (even the administrator can't give the right to mount - into another users home directory). - If this conditions are not met or an error occurs, an error message is + If this condition is not met or an error occurs, an error message is printed and exit(EXIT_FAILURE) is called. */ static void check_mountpoint(dav_args *args) @@ -756,29 +758,16 @@ check_mountpoint(dav_args *args) struct passwd *pw; int relative = (*mpoint != '/'); - char *mp = canonicalize_file_name(mpoint); - if (!mp) - error(EXIT_FAILURE, 0, - _("can't evaluate path of mount point %s"), mpoint); - free(mpoint); - mpoint = mp; - if (relative && getuid() != 0) { pw = getpwuid(getuid()); if (!pw || !pw->pw_dir) error(EXIT_FAILURE, 0, _("can't get home directory for uid %i"), getuid()); - if (strstr(mp, pw->pw_dir) != mp) + if (strstr(mpoint, pw->pw_dir) != mpoint) error(EXIT_FAILURE, 0, _("A relative mount point must lie " "within your home directory")); } - if (strcmp(mpoint, "/") == 0 || strlen(mpoint) < 2) - error(EXIT_FAILURE, 0, _("invalid mount point %s"), mpoint); - - if (access(mpoint, F_OK) != 0) - error(EXIT_FAILURE, 0, _("mount point %s does not exist"), mpoint); - if (args->debug & DAV_DBG_CONFIG) syslog(LOG_MAKEPRI(LOG_DAEMON, LOG_DEBUG), "mountpoint: %s", mpoint); } @@ -974,7 +963,10 @@ parse_commandline(int argc, char *argv[]) url = ne_strdup(argv[i]); } i++; - mpoint = ne_strdup(argv[i]); + mpoint = canonicalize_file_name(argv[i]); + if (!mpoint) + error(EXIT_FAILURE, 0, + _("can't evaluate path of mount point %s"), mpoint); break; default: error(0, 0, _("too many arguments")); @@ -984,8 +976,6 @@ parse_commandline(int argc, char *argv[]) if (!mpoint) error(EXIT_FAILURE, 0, _("no mountpoint specified")); - while (strlen(mpoint) > 1 && *(mpoint + strlen(mpoint) -1) == '/') - *(mpoint + strlen(mpoint) -1) = '\0'; if (!url) error(EXIT_FAILURE, 0, _("no WebDAV-server specified")); @@ -2108,7 +2098,11 @@ read_config(dav_args *args, const char * filename, int system) error_at_line(EXIT_FAILURE, 0, filename, lineno, _("malformed line")); *(parmv[0] + strlen(parmv[0]) - 1) = '\0'; - applies = (strcmp(parmv[0] + 1, mpoint) == 0); + char *mp = canonicalize_file_name(parmv[0] + 1); + if (mp) { + applies = (strcmp(mp, mpoint) == 0); + free(mp); + } } else if (applies && count == 2) { @@ -2343,6 +2337,8 @@ read_secrets(dav_args *args, const char *filename) if (scheme && !port) port = ne_uri_defaultport(scheme); + char *mp = canonicalize_file_name(parmv[0]); + char *ccert = NULL; if (args->clicert) { ccert = strrchr(args->clicert, '/'); @@ -2352,10 +2348,7 @@ read_secrets(dav_args *args, const char *filename) ccert++; } - if ((mpoint && strcmp(parmv[0], mpoint) == 0) - || (mpoint && strstr(parmv[0], mpoint) == parmv[0] - && *(parmv[0] + strlen(mpoint)) == '/' - && *(parmv[0] + strlen(mpoint) + 1) == '\0') + if ((mp && strcmp(mp, mpoint) == 0) || (scheme && args->scheme && strcmp(scheme, args->scheme) == 0 && host && args->host && strcmp(host, args->host) == 0 @@ -2409,6 +2402,7 @@ read_secrets(dav_args *args, const char *filename) if (scheme) free(scheme); if (host) free(host); if (path) free(path); + if (mp) free(mp); } memset(line, '\0', strlen(line));