exec: use canonicalize to check for file existance too. better error message.
This commit is contained in:
parent
db4d3cafbb
commit
9f2f0e66b2
16
src/main.rs
16
src/main.rs
@ -253,18 +253,26 @@ fn exec(entryname: &str, cmdargs: &Vec<String>) -> std::io::Result<()> {
|
|||||||
let basedir: String = String::from("/etc/raou.d/");
|
let basedir: String = String::from("/etc/raou.d/");
|
||||||
let filepath: String = basedir.to_string() + entryname;
|
let filepath: String = basedir.to_string() + entryname;
|
||||||
|
|
||||||
let realpath = fs::canonicalize(&filepath)?;
|
let realpath = fs::canonicalize(&filepath);
|
||||||
if !realpath.starts_with(basedir) {
|
match realpath {
|
||||||
|
Ok(p) => {
|
||||||
|
if !p.starts_with(basedir) {
|
||||||
return Err(std::io::Error::new(
|
return Err(std::io::Error::new(
|
||||||
ErrorKind::InvalidInput,
|
ErrorKind::InvalidInput,
|
||||||
"Specified entry is outside base directory",
|
"Specified entry is outside base directory",
|
||||||
));
|
));
|
||||||
}
|
}
|
||||||
if !std::path::Path::new(&filepath).exists() {
|
}
|
||||||
|
Err(e) => {
|
||||||
|
if e.kind() == ErrorKind::NotFound {
|
||||||
return Err(std::io::Error::new(
|
return Err(std::io::Error::new(
|
||||||
ErrorKind::NotFound,
|
ErrorKind::NotFound,
|
||||||
format!("The entry {} does not exist", filepath),
|
format!("The entry {} does not exist", entryname),
|
||||||
));
|
));
|
||||||
|
} else {
|
||||||
|
return Err(e);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
let entry: Entry = create_entry_from_file(&filepath)?;
|
let entry: Entry = create_entry_from_file(&filepath)?;
|
||||||
let destuserpasswd: Passwd = getpwnam(&entry.dest_user)?;
|
let destuserpasswd: Passwd = getpwnam(&entry.dest_user)?;
|
||||||
|
Loading…
Reference in New Issue
Block a user