From: Rebecca N. Palmer Date: Sat, 6 Feb 2016 21:26:05 +0000 (+0000) Subject: Nasal security: make directory() use fgValidatePath X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=74356e84f70c7c6504fd6711b8e3272184c6ad56;p=flightgear.git Nasal security: make directory() use fgValidatePath Being able to list arbitrary directories is a privacy violation; existing in-fgdata uses of this are all permitted paths (i.e. not Terrasync; FileSelector doesn't use it) --- diff --git a/src/Scripting/NasalSys.cxx b/src/Scripting/NasalSys.cxx index 1a320d567..dcd996540 100644 --- a/src/Scripting/NasalSys.cxx +++ b/src/Scripting/NasalSys.cxx @@ -574,8 +574,19 @@ static naRef f_directory(naContext c, naRef me, int argc, naRef* args) { if(argc != 1 || !naIsString(args[0])) naRuntimeError(c, "bad arguments to directory()"); - - simgear::Dir d(SGPath(naStr_data(args[0]))); + + std::string dirname = fgValidatePath(naStr_data(args[0]), false); + if(dirname.empty()) { + SG_LOG(SG_NASAL, SG_ALERT, "directory(): listing '" << + naStr_data(args[0]) << "' denied (unauthorized directory - authorization" + " no longer follows symlinks; to authorize reading additional " + "directories, add them to --fg-aircraft)"); + naRuntimeError(c, "directory(): access denied (unauthorized directory)"); + return naNil(); + } + + SGPath d0(dirname); + simgear::Dir d(d0); if(!d.exists()) return naNil(); naRef result = naNewVector(c);