From d8b7236f585e5bdcc8446b4cc73a8ec1b32aa887 Mon Sep 17 00:00:00 2001 From: Wouter van Kesteren Date: Thu, 10 Dec 2015 23:25:20 +0100 Subject: Let merger check dirnames instead of actual dirs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This should be safe because we dont allow empty directories. So installing a directory into an illegal place would error. The moment a keepdir is done it gets a file in it and then we validate this file instead. So this all works out nicely. Change-Id: I205b21d21a08f0e6afa702f0dc28b8f1d54f047b Reviewed-on: https://galileo.mailstation.de/gerrit/4660 Reviewed-by: Bo Ørsted Andresen --- paludis/merger.cc | 25 ++++++++++++++++--------- paludis/repositories/e/permitted_directories.cc | 4 ---- 2 files changed, 16 insertions(+), 13 deletions(-) diff --git a/paludis/merger.cc b/paludis/merger.cc index 333c64edf..04f16da94 100644 --- a/paludis/merger.cc +++ b/paludis/merger.cc @@ -160,9 +160,6 @@ Merger::do_dir_recursive(bool is_check, const FSPath & src, const FSPath & dst) else on_error(is_check, "Attempted to install empty directory '" + stringify(dst) + "'"); } - - if (! _imp->params.permit_destination()(dst.strip_leading(_imp->params.root().realpath()))) - on_error(is_check, "Not allowed to merge '" + stringify(src) + "' to '" + stringify(dst) + "'"); } for ( ; d != d_end ; ++d) @@ -243,13 +240,18 @@ Merger::on_file(bool is_check, const FSPath & src, const FSPath & dst) Context context("When handling file '" + stringify(src) + "' to '" + stringify(dst) + "':"); const auto staged(dst / src.basename()); - if (is_check && - 0 != _imp->params.environment()->perform_hook(extend_hook( + if (is_check) + { + if (0 != _imp->params.environment()->perform_hook(extend_hook( Hook("merger_check_file_pre") ("INSTALL_SOURCE", stringify(src)) ("INSTALL_DESTINATION", stringify(staged))), _imp->params.maybe_output_manager()).max_exit_status()) - make_check_fail(); + make_check_fail(); + + if (! _imp->params.permit_destination()(dst.strip_leading(_imp->params.root().realpath()))) + on_error(is_check, "Not allowed to merge '" + stringify(src) + "' to '" + stringify(dst) + "'"); + } if (! is_check) { @@ -338,13 +340,18 @@ Merger::on_sym(bool is_check, const FSPath & src, const FSPath & dst) Context context("When handling sym '" + stringify(src) + "' to '" + stringify(dst) + "':"); const auto staged(dst / src.basename()); - if (is_check && - 0 != _imp->params.environment()->perform_hook(extend_hook( + if (is_check) + { + if (0 != _imp->params.environment()->perform_hook(extend_hook( Hook("merger_check_sym_pre") ("INSTALL_SOURCE", stringify(src)) ("INSTALL_DESTINATION", stringify(staged))), _imp->params.maybe_output_manager()).max_exit_status()) - make_check_fail(); + make_check_fail(); + + if (! _imp->params.permit_destination()(dst.strip_leading(_imp->params.root().realpath()))) + on_error(is_check, "Not allowed to merge '" + stringify(src) + "' to '" + stringify(dst) + "'"); + } if (! is_check) { diff --git a/paludis/repositories/e/permitted_directories.cc b/paludis/repositories/e/permitted_directories.cc index 5a178439c..bb2d76f8a 100644 --- a/paludis/repositories/e/permitted_directories.cc +++ b/paludis/repositories/e/permitted_directories.cc @@ -51,10 +51,6 @@ PermittedDirectories::add(const FSPath & p, bool b) bool PermittedDirectories::permit(const FSPath & p) const { - /* otherwise we can't just -/ for "explicit only" */ - if (p == FSPath("/")) - return true; - bool result(true); for (auto r(_imp->rules.begin()), r_end(_imp->rules.end()) ; -- cgit v1.2.3