fedir/ICFS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed arbitrary permission order

Browse Source
This commit is contained in:
fedir
2025-05-20 11:07:28 +02:00
parent a7e5d7d92d
commit b550c93884
1 changed files with 18 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/temp_permissions_table.c
View File

@@ -192,26 +192,32 @@ access_t check_temp_access_noparent(const char *filename, pid_t pid) {
// the process is the same as the one that was granted temporary access
// to the file
size_t filename_len = strlen(filename);
access_t ret = NDEF;
size_t maxlen = 0;
for_each(&permission_entry->denied_files, denied_file) {
size_t denied_file_len = strlen(*denied_file);
if (strncmp(*denied_file, filename, denied_file_len) == 0 &&
if ((strncmp(*denied_file, filename, denied_file_len) == 0 &&
((denied_file_len < filename_len &&
(*denied_file)[denied_file_len - 1] == '/') ||
(denied_file_len == filename_len))) {
pthread_rwlock_unlock(&temp_permissions_table_lock);
return DENY;
(denied_file_len == filename_len))) &&
denied_file_len > maxlen) {
maxlen = denied_file_len;
ret = DENY;
}
}
for_each(&permission_entry->allowed_files, allowed_file) {
size_t allowed_file_len = strlen(*allowed_file);
if (strncmp(*allowed_file, filename, allowed_file_len) == 0 &&
if ((strncmp(*allowed_file, filename, allowed_file_len) == 0 &&
((allowed_file_len < filename_len &&
(*allowed_file)[allowed_file_len - 1] == '/') ||
(allowed_file_len == filename_len))) {
(allowed_file_len == filename_len))) &&
allowed_file > maxlen) {
maxlen = allowed_file_len;
ret = ALLOW;
}
}
pthread_rwlock_unlock(&temp_permissions_table_lock);
return ALLOW;
}
}
return ret;
}
}
pthread_rwlock_unlock(&temp_permissions_table_lock);