search

ThaumicMekanism / venus

RISC-V instruction set simulator built for education
https://ThaumicMekanism.github.io/venus/
MIT License
149 stars 22 forks source link

Add file path sanitization for mounting #16

Closed noloerino closed 4 years ago

noloerino commented 4 years ago

Adds file path sanitization so that requests to a mounted file system cannot modify files in the parent directory. Also forces javalin to mount with 127.0.0.1 as host. Here's a jank shell script to test the file system boundary, which should be run in a directory named "temp":

#!/usr/bin/env bash
ROOT_URL=http://127.0.0.1:6161/api/fs

WD_NAME=temp # Assumes we're running in a dir named "temp"

CURL='curl -w \n'

echo "TESTING TOUCH"
echo "Should succeed:"
$CURL "$ROOT_URL/touch" --data-binary '{"path":"./../temp/test_file"}'
echo "Should fail:"
$CURL "$ROOT_URL/touch" --data-binary '{"path":"./../test_file"}'

echo -e "\nTESTING WRITE"
touch test.txt
echo "Should succeed:"
$CURL "$ROOT_URL/file/write" --data-binary '{"path":"/test.txt","data":"malicious"}'
echo "Should fail:"
$CURL "$ROOT_URL/file/write" --data-binary '{"path":"/../test", "data": "malicious"}'
rm test.txt

echo -e "\nTESTING LS"
mkdir -p tempdir
echo "Should succeed:"
$CURL "$ROOT_URL/ls/names" --data-binary '{"data":"."}'
echo "Should fail:"
$CURL "$ROOT_URL/ls/names" --data-binary '{"data":"/../"}'
rmdir tempdir

echo -e "\nTESTING RM"
touch test.txt
echo "Should succeed:"
$CURL "$ROOT_URL/rm" --data-binary '{"path":"./test.txt"}'
echo "Should fail:"
$CURL "$ROOT_URL/rm" --data-binary '{"path":"/../test.txt"}'