Pino Toscano
2016-Jan-15 10:33 UTC
[Libguestfs] [PATCH] daemon: resolve paths for ll and llz
Resolve in the guest the given path, so absolute symlinks can be listed using appliance tools without resolution errors. Also remove the note about the possibility to escape the sysroot using ll and llz, since realpath won't return paths outside sysroot. Fixes part of RHBZ#1293276. --- daemon/ls.c | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/daemon/ls.c b/daemon/ls.c index d3689cd..0e2f110 100644 --- a/daemon/ls.c +++ b/daemon/ls.c @@ -95,21 +95,24 @@ do_ls0 (const char *path) return 0; } -/* Because we can't chroot and run the ls command (since 'ls' won't - * necessarily exist in the chroot), this command can be used to escape - * from the sysroot (eg. 'll /..'). This command is not meant for - * serious use anyway, just for quick interactive sessions. - */ - char * do_ll (const char *path) { int r; char *out; CLEANUP_FREE char *err = NULL; + CLEANUP_FREE char *rpath = NULL; CLEANUP_FREE char *spath = NULL; - spath = sysroot_path (path); + CHROOT_IN; + rpath = realpath (path, NULL); + CHROOT_OUT; + if (rpath == NULL) { + reply_with_perror ("%s", path); + return NULL; + } + + spath = sysroot_path (rpath); if (!spath) { reply_with_perror ("malloc"); return NULL; @@ -131,9 +134,18 @@ do_llz (const char *path) int r; char *out; CLEANUP_FREE char *err = NULL; + CLEANUP_FREE char *rpath = NULL; CLEANUP_FREE char *spath = NULL; - spath = sysroot_path (path); + CHROOT_IN; + rpath = realpath (path, NULL); + CHROOT_OUT; + if (rpath == NULL) { + reply_with_perror ("%s", path); + return NULL; + } + + spath = sysroot_path (rpath); if (!spath) { reply_with_perror ("malloc"); return NULL; -- 2.5.0
Richard W.M. Jones
2016-Jan-18 16:48 UTC
Re: [Libguestfs] [PATCH] daemon: resolve paths for ll and llz
On Fri, Jan 15, 2016 at 11:33:49AM +0100, Pino Toscano wrote:> Resolve in the guest the given path, so absolute symlinks can be listed > using appliance tools without resolution errors. > Also remove the note about the possibility to escape the sysroot using > ll and llz, since realpath won't return paths outside sysroot. > > Fixes part of RHBZ#1293276. > --- > daemon/ls.c | 28 ++++++++++++++++++++-------- > 1 file changed, 20 insertions(+), 8 deletions(-) > > diff --git a/daemon/ls.c b/daemon/ls.c > index d3689cd..0e2f110 100644 > --- a/daemon/ls.c > +++ b/daemon/ls.c > @@ -95,21 +95,24 @@ do_ls0 (const char *path) > return 0; > } > > -/* Because we can't chroot and run the ls command (since 'ls' won't > - * necessarily exist in the chroot), this command can be used to escape > - * from the sysroot (eg. 'll /..'). This command is not meant for > - * serious use anyway, just for quick interactive sessions. > - */ > - > char * > do_ll (const char *path) > { > int r; > char *out; > CLEANUP_FREE char *err = NULL; > + CLEANUP_FREE char *rpath = NULL; > CLEANUP_FREE char *spath = NULL; > > - spath = sysroot_path (path); > + CHROOT_IN; > + rpath = realpath (path, NULL); > + CHROOT_OUT; > + if (rpath == NULL) { > + reply_with_perror ("%s", path); > + return NULL; > + } > + > + spath = sysroot_path (rpath); > if (!spath) { > reply_with_perror ("malloc"); > return NULL; > @@ -131,9 +134,18 @@ do_llz (const char *path) > int r; > char *out; > CLEANUP_FREE char *err = NULL; > + CLEANUP_FREE char *rpath = NULL; > CLEANUP_FREE char *spath = NULL; > > - spath = sysroot_path (path); > + CHROOT_IN; > + rpath = realpath (path, NULL); > + CHROOT_OUT; > + if (rpath == NULL) { > + reply_with_perror ("%s", path); > + return NULL; > + } > + > + spath = sysroot_path (rpath); > if (!spath) { > reply_with_perror ("malloc"); > return NULL;Looks good, ACK. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-builder quickly builds VMs from scratch http://libguestfs.org/virt-builder.1.html