exec: use canonicalize to check for file existence too. better error message.

Albert S. 2020-09-26 18:37:48 +02:00
parent db4d3cafbb
commit 9f2f0e66b2
1 changed files with 20 additions and 12 deletions


@ -253,18 +253,26 @@ fn exec(entryname: &str, cmdargs: &Vec<String>) -> std::io::Result<()> {
let basedir: String = String::from("/etc/raou.d/"); let basedir: String = String::from("/etc/raou.d/");
let filepath: String = basedir.to_string() + entryname; let filepath: String = basedir.to_string() + entryname;
let realpath = fs::canonicalize(&filepath)?; let realpath = fs::canonicalize(&filepath);
if !realpath.starts_with(basedir) { match realpath {
Ok(p) => {
if !p.starts_with(basedir) {
return Err(std::io::Error::new( return Err(std::io::Error::new(
ErrorKind::InvalidInput, ErrorKind::InvalidInput,
"Specified entry is outside base directory", "Specified entry is outside base directory",
)); ));
} }
if !std::path::Path::new(&filepath).exists() { }
Err(e) => {
if e.kind() == ErrorKind::NotFound {
return Err(std::io::Error::new( return Err(std::io::Error::new(
ErrorKind::NotFound, ErrorKind::NotFound,
format!("The entry {} does not exist", filepath), format!("The entry {} does not exist", entryname),
)); ));
} else {
return Err(e);
}
}
} }
let entry: Entry = create_entry_from_file(&filepath)?; let entry: Entry = create_entry_from_file(&filepath)?;
let destuserpasswd: Passwd = getpwnam(&entry.dest_user)?; let destuserpasswd: Passwd = getpwnam(&entry.dest_user)?;
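Review bot: The base-directory check runs on the canonicalized path `p`, but `create_entry_from_file(&filepath)` right after the match still opens the original, unresolved string, so the path that was validated is not the path that is read. If the two resolve differently between the check and the open (a symlink or `..` component under the base directory that changes in between), the containment check no longer covers the file actually parsed. This matters more if the program runs with elevated privileges, which the `getpwnam(&entry.dest_user)` lookup suggests but the hunk does not show. Let the match yield the resolved path, e.g. `let realpath = match fs::canonicalize(&filepath) { Ok(p) => { /* starts_with check */ p } Err(e) => { /* as now */ } };`, and pass `realpath` to `create_entry_from_file` instead of `filepath`. That function's parameter type is not visible here, so a conversion may be needed. `exec` continues past the end of this hunk.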