ExternalCommandHelper::ReadData should not follow symlinks.

Resolve all symlinks in the userspace application and make sure that helper only deals with root owned path in /dev but not in /dev/shm.
2022-06-20 00:02:07 +01:00 · 2022-06-20 00:02:07 +01:00 · 83a865411d
parent 26e069d6cd
commit 83a865411d
2 changed files with 14 additions and 1 deletions
--- a/src/util/externalcommand.cpp
+++ b/src/util/externalcommand.cpp
@ -193,7 +193,9 @@ QByteArray ExternalCommand::readData(const CopySourceDevice& source)
    if (!interface)
        return {};

-    QDBusPendingCall pcall = interface->ReadData(source.path(), source.firstByte(), source.length());
+    // Helper is restricted not to resolve symlinks
+    QFileInfo sourceInfo(source.path());
+    QDBusPendingCall pcall = interface->ReadData(sourceInfo.canonicalFilePath(), source.firstByte(), source.length());

    QDBusPendingCallWatcher *watcher = new QDBusPendingCallWatcher(pcall, this);

--- a/src/util/externalcommandhelper.cpp
+++ b/src/util/externalcommandhelper.cpp
@ -304,6 +304,17 @@ QByteArray ExternalCommandHelper::ReadData(const QString& device, const qint64 o
        return {};
    }

+    // Do not follow symlinks
+    QFileInfo info(device);
+    if (info.isSymbolicLink()) {
+        qWarning() << "ReadData: device should not be symbolic link";
+        return {};
+    }
+    if (device.left(5) != QStringLiteral("/dev/") || device.left(9) != QStringLiteral("/dev/shm/")) {
+        qWarning() << "Error: trying to read data from device not in /dev";
+        return {};
+    }
+
    QByteArray buffer;
    QFile sourceDevice(device);
    bool rval = readData(sourceDevice, buffer, offset, length);