GNU bug report logs -
#53676
[PATCH 0/5] *** PulseAudio service improvements ***
Previous Next
Full log
Message #92 received at 53676 <at> debbugs.gnu.org (full text, mbox):
Hi,
Am Montag, dem 07.02.2022 um 17:29 -0500 schrieb Maxim Cournoyer:
> Thanks for this! I wasn't aware of the history; I tried it and it
> failed the same. The following fix I attempted in webkitgtk did not
> seem to do anything:
>
> --8<---------------cut here---------------start------------->8---
> modified
> Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
> @@ -24,6 +24,7 @@
> #include <fcntl.h>
> #include <glib.h>
> #include <seccomp.h>
> +#include <string.h>
> #include <sys/ioctl.h>
> #include <sys/mman.h>
> #include <unistd.h>
> @@ -337,7 +338,16 @@ static void bindIfExists(Vector<CString>& args,
> const char* path, BindFlags bind
> bindType = "--ro-bind-try";
> else
> bindType = "--bind-try";
> - args.appendVector(Vector<CString>({ bindType, path, path }));
> +
> + // Canonicalize the source path, otherwise a symbolic link could
> + // point to a location outside of the namespace.
> + char canonicalPath[PATH_MAX];
> + if (!realpath(path, canonicalPath)) {
> + if (strlen(path) + 1 > PATH_MAX)
> + return; // too long of a path
> + strcpy(path, canonicalPath); // no-op
> + }
> + args.appendVector(Vector<CString>({ bindType, canonicalPath,
> path }));
> }
Apart from raw char arrays and string.h looking funny (and wrong) in
C++, what is strcpy supposed to do here? Would it work if we mapped
canonicalPath to path (i.e. `ls path' in the container would be `ls
canonicalPath' under the hood)?
Cheers
This bug report was last modified 3 years and 118 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.