[Pkg-libvirt-commits] [libguestfs] 69/165: daemon: scrub-file: resolve the path before calling scrub (RHBZ#1099490).

Hilko Bengen bengen at moszumanska.debian.org
Sat Aug 30 08:24:38 UTC 2014 

This is an automated email from the git hooks/post-receive script.

bengen pushed a commit to branch experimental
in repository libguestfs.

commit 5d5e66ce334bf61bcc2e672d17d84dd0dd0dd364
Author: Pino Toscano <ptoscano at redhat.com>
Date:   Wed May 21 15:03:17 2014 +0200

    daemon: scrub-file: resolve the path before calling scrub (RHBZ#1099490).
    
    Resolve the given path within the chroot, so scrub can be invoked
    outside the chroot on an already-resolved path.
    
    Add few tests in scrub-file for this and other similar issues.
---
 daemon/scrub.c       |  7 +++++--
 generator/actions.ml | 13 ++++++++++++-
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/daemon/scrub.c b/daemon/scrub.c
index cd880b9..c10b0a0 100644
--- a/daemon/scrub.c
+++ b/daemon/scrub.c
@@ -58,8 +58,11 @@ do_scrub_file (const char *file)
   CLEANUP_FREE char *err = NULL;
   int r;
 
-  /* Make the path relative to /sysroot. */
-  buf = sysroot_path (file);
+  /* Resolve the path to the file, and make the result relative to /sysroot.
+   * If it fails, then the file most probably does not exist or "file" is
+   * a symlink pointing outside the chroot.
+   */
+  buf = sysroot_realpath (file);
   if (!buf) {
     reply_with_perror ("malloc");
     return -1;
diff --git a/generator/actions.ml b/generator/actions.ml
index 85503ce..ed65c6e 100644
--- a/generator/actions.ml
+++ b/generator/actions.ml
@@ -5719,7 +5719,18 @@ manual page for more details." };
     tests = [
       InitScratchFS, Always, TestRun (
         [["write"; "/scrub_file"; "content"];
-         ["scrub_file"; "/scrub_file"]]), []
+         ["scrub_file"; "/scrub_file"]]), [];
+      InitScratchFS, Always, TestRun (
+        [["write"; "/scrub_file_2"; "content"];
+         ["ln_s"; "/scrub_file_2"; "/scrub_file_2_link"];
+         ["scrub_file"; "/scrub_file_2_link"]]), [];
+      InitScratchFS, Always, TestLastFail (
+        [["ln_s"; "/scrub_file_3_notexisting"; "/scrub_file_3_link"];
+         ["scrub_file"; "/scrub_file_3_link"]]), [];
+      InitScratchFS, Always, TestLastFail (
+        [["write"; "/scrub_file_4"; "content"];
+         ["ln_s"; "../sysroot/scrub_file_4"; "/scrub_file_4_link"];
+         ["scrub_file"; "/scrub_file_4_link"]]), [];
     ];
     shortdesc = "scrub (securely wipe) a file";
     longdesc = "\

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-libvirt/libguestfs.git

More information about the Pkg-libvirt-commits mailing list