patch symlink vuln and properly test
Signed-off-by: Parker Moore <parkrmoore@gmail.com>
This commit is contained in:
Ben Balter
Parker Moore
parent
4e318cd192
commit
a799e41b70
|
|
@ -96,13 +96,12 @@ eos
|
||||||
|
|
||||||
def render(context)
|
def render(context)
|
||||||
dir = File.join(context.registers[:site].source, INCLUDES_DIR)
|
dir = File.join(context.registers[:site].source, INCLUDES_DIR)
|
||||||
validate_dir(dir, context.registers[:site].safe)
|
|
||||||
|
|
||||||
file = render_variable(context) || @file
|
file = render_variable(context) || @file
|
||||||
validate_file_name(file)
|
validate_file_name(file)
|
||||||
|
|
||||||
path = File.join(dir, file)
|
path = File.join(dir, file)
|
||||||
validate_file(path, context.registers[:site].safe)
|
validate_path(path, context.registers[:site].safe)
|
||||||
|
|
||||||
begin
|
begin
|
||||||
partial = Liquid::Template.parse(source(path, context))
|
partial = Liquid::Template.parse(source(path, context))
|
||||||
|
|
@ -116,17 +115,11 @@ eos
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def validate_dir(dir, safe)
|
def validate_path(path, safe)
|
||||||
if File.symlink?(dir) && safe
|
if !File.exist?(path)
|
||||||
raise IOError.new "Includes directory '#{dir}' cannot be a symlink"
|
raise IOError.new "Included file '#{path}' not found"
|
||||||
end
|
elsif path != File.realpath(path) && safe
|
||||||
end
|
raise IOError.new "The included file '#{path}' should not be a symlink"
|
||||||
|
|
||||||
def validate_file(file, safe)
|
|
||||||
if !File.exists?(file)
|
|
||||||
raise IOError.new "Included file '#{file}' not found"
|
|
||||||
elsif File.symlink?(file) && safe
|
|
||||||
raise IOError.new "The included file '#{file}' should not be a symlink"
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -366,8 +366,10 @@ CONTENT
|
||||||
|
|
||||||
context "with symlink'd include" do
|
context "with symlink'd include" do
|
||||||
|
|
||||||
setup do
|
should "not allow symlink includes" do
|
||||||
content = <<CONTENT
|
File.open("/tmp/pages-test", 'w') { |file| file.write("SYMLINK TEST") }
|
||||||
|
assert_raise IOError do
|
||||||
|
content = <<CONTENT
|
||||||
---
|
---
|
||||||
title: Include symlink
|
title: Include symlink
|
||||||
---
|
---
|
||||||
|
|
@ -375,11 +377,8 @@ title: Include symlink
|
||||||
{% include tmp/pages-test %}
|
{% include tmp/pages-test %}
|
||||||
|
|
||||||
CONTENT
|
CONTENT
|
||||||
create_post(content, {'permalink' => 'pretty', 'source' => source_dir, 'destination' => dest_dir, 'read_posts' => true, 'safe' => true })
|
create_post(content, {'permalink' => 'pretty', 'source' => source_dir, 'destination' => dest_dir, 'read_posts' => true, 'safe' => true })
|
||||||
end
|
end
|
||||||
|
|
||||||
should "not allow symlink includes" do
|
|
||||||
File.open("/tmp/pages-test", 'w') { |file| file.write("SYMLINK TEST") }
|
|
||||||
assert_no_match /SYMLINK TEST/, @result
|
assert_no_match /SYMLINK TEST/, @result
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue