From eb2a40ffef0876e0618ca7bb39170d6922b6354f Mon Sep 17 00:00:00 2001 From: Kovid Goyal Date: Thu, 3 Nov 2011 07:22:44 +0530 Subject: [PATCH] calibre-mount-helper: Validate dev arg as well as mount --- src/calibre/devices/linux_mount_helper.c | 26 +++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/src/calibre/devices/linux_mount_helper.c b/src/calibre/devices/linux_mount_helper.c index 79c974f915..9fda0e9401 100644 --- a/src/calibre/devices/linux_mount_helper.c +++ b/src/calibre/devices/linux_mount_helper.c @@ -33,6 +33,25 @@ void ensure_root() { } } +int check_args(const char *dev, const char *mp) { + if (dev == NULL || strlen(dev) < strlen("/dev/") || mp == NULL || strlen(mp) < strlen("/media/")) { + fprintf(stderr, "Invalid arguments\n"); + return False; + } + + if (strncmp("/media/", mp, 6) != 0) { + fprintf(stderr, "Trying to operate on a mount point not under /media is not allowed\n"); + return False; + } + + if (strncmp("/dev/", dev, 5) != 0) { + fprintf(stderr, "Trying to operate on a dev node not under /dev\n"); + return False; + } + + return True; +} + int do_mount(const char *dev, const char *mp) { char options[1000], marker[2000]; #ifdef __NetBSD__ @@ -45,11 +64,6 @@ int do_mount(const char *dev, const char *mp) { return EXIT_FAILURE; } - if (strncmp("/usr", mp, 4) == 0 || strncmp("/bin", mp, 4) == 0 || strncmp("/sbin", mp, 5) == 0) { - fprintf(stderr, "Trying to mount to a mount point under /usr, /bin, /sbin is not allowed\n"); - return EXIT_FAILURE; - } - if (!exists(mp)) { if (mkdir(mp, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH) != 0) { errsv = errno; @@ -226,6 +240,8 @@ int main(int argc, char** argv) exit(EXIT_FAILURE); } + if (!check_args(dev, mp)) exit(EXIT_FAILURE); + if (strncmp(action, "mount", 5) == 0) { status = do_mount(dev, mp); } else if (strncmp(action, "eject", 5) == 0) {