diff options
| author | Reiner Herrmann <reiner@reiner-h.de> | 2019-03-09 23:00:25 +0100 |
|---|---|---|
| committer | Reiner Herrmann <reiner@reiner-h.de> | 2019-03-09 23:00:25 +0100 |
| commit | 9ed187c426a2cf5916c4e91e3d8a1662c2ca5eed (patch) | |
| tree | 6934c7b58367ebeaf8a34d87bf543e839a5f0558 /src/tftpd.rs | |
| parent | 98a2c4257e240aaa83e874b60dbaa91ddb72737e (diff) | |
Use configured dir for allowed file check
Diffstat (limited to 'src/tftpd.rs')
| -rw-r--r-- | src/tftpd.rs | 42 |
1 files changed, 33 insertions, 9 deletions
diff --git a/src/tftpd.rs b/src/tftpd.rs index b84b86e..024b105 100644 --- a/src/tftpd.rs +++ b/src/tftpd.rs @@ -64,7 +64,7 @@ impl Tftpd { fn file_allowed(&self, filename: &Path) -> Option<PathBuf> { /* get parent to check dir where file should be read/written */ - let path = Path::new(".").join(filename); + let path = self.conf.dir.join(filename); let path = match path.parent() { Some(p) => p, None => return None, @@ -81,14 +81,9 @@ impl Tftpd { }; let path = path.join(filename); - let cwd = match env::current_dir() { - Ok(p) => p, - Err(_) => return None, - }; - - match path.strip_prefix(cwd) { - Ok(p) => Some(p.to_path_buf()), - Err(_) => None, + match path.strip_prefix(&self.conf.dir) { + Ok(p) if p != PathBuf::new() => Some(p.to_path_buf()), + _ => None, } } @@ -380,3 +375,32 @@ fn main() { Tftpd::new(conf).start(); } + +#[cfg(test)] +mod test { + use super::*; + + #[test] + fn test_file_allowed() { + let conf: Configuration = Default::default(); + let tftpd = Tftpd::new(conf); + + /* allowed */ + assert!(tftpd.file_allowed(Path::new("testfile")).is_some()); + assert!(tftpd.file_allowed(&tftpd.conf.dir.join(Path::new("testfile"))).is_some()); + + /* forbidden */ + assert!(tftpd.file_allowed(Path::new("nonexisting_dir/testfile")).is_none()); + assert!(tftpd.file_allowed(Path::new("/nonexisting_dir/testfile")).is_none()); + assert!(tftpd.file_allowed(Path::new("../testfile")).is_none()); + assert!(tftpd.file_allowed(Path::new("testfile/../")).is_none()); + assert!(tftpd.file_allowed(Path::new("testfile/../testfile")).is_none()); + assert!(tftpd.file_allowed(Path::new("/root/testfile")).is_none()); + assert!(tftpd.file_allowed(Path::new("/testfile")).is_none()); + assert!(tftpd.file_allowed(Path::new("/dev/null")).is_none()); + assert!(tftpd.file_allowed(Path::new("../../../../../../../../../../../../../etc/motd")).is_none()); + assert!(tftpd.file_allowed(Path::new("")).is_none()); + assert!(tftpd.file_allowed(Path::new("./")).is_none()); + assert!(tftpd.file_allowed(&tftpd.conf.dir).is_none()); + } +} |