backups/grapevine
1
0
Fork 0
mirror of https://gitlab.computer.surgery/matrix/grapevine.git synced 2025-12-16 23:31:24 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

reject overlapping non-canonical paths too

Browse source 
For example, if the database path is `/foo` and the media path is
`/foo/bar`, but `/foo/bar` is a symlink or hardlink to `/baz`, the
previous check would pass. The whole point of this check is to ensure
that the database and media data can't step on each other, so this check
is needed to deny that kind of situation as well.

It would probably be good to add a test for this behavior.
This commit is contained in:
Charles Hall 2025-03-21 16:18:40 -07:00
parent b01b70fc20
commit 50583bc93e
No known key found for this signature in database
GPG key ID: 7B8E0645816E07CF
1 changed files with 10 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

15
src/config.rs
View file

@ -540,6 +540,10 @@ where
match &config.media.backend {
MediaBackendConfig::Filesystem(x) => {
if overlap(&x.path, &config.database.path) {
return Err(Error::DatabaseMediaOverlap);
}
let media_path = x
.path
.canonicalize()
@ -550,11 +554,7 @@ where
Error::Canonicalize(e, config.database.path.clone())
})?;
let overlap = media_path == database_path
|| media_path.starts_with(&database_path)
|| database_path.starts_with(&media_path);
if overlap {
if overlap(&media_path, &database_path) {
return Err(Error::DatabaseMediaOverlap);
}
}
@ -562,3 +562,8 @@ where
Ok(config)
}
/// Returns `true` if two paths overlap.
fn overlap(a: &Path, b: &Path) -> bool {
a == b || a.starts_with(b) || b.starts_with(a)
}