summaryrefslogtreecommitdiffstats
path: root/scripts
diff options
context:
space:
mode:
Diffstat (limited to 'scripts')
-rw-r--r--scripts/lib/wic/plugins/source/rootfs.py41
1 files changed, 19 insertions, 22 deletions
diff --git a/scripts/lib/wic/plugins/source/rootfs.py b/scripts/lib/wic/plugins/source/rootfs.py
index 544e868b5e..f1db83f8a1 100644
--- a/scripts/lib/wic/plugins/source/rootfs.py
+++ b/scripts/lib/wic/plugins/source/rootfs.py
@@ -33,6 +33,22 @@ class RootfsPlugin(SourcePlugin):
33 name = 'rootfs' 33 name = 'rootfs'
34 34
35 @staticmethod 35 @staticmethod
36 def __validate_path(cmd, rootfs_dir, path):
37 if os.path.isabs(path):
38 logger.error("%s: Must be relative: %s" % (cmd, orig_path))
39 sys.exit(1)
40
41 # Disallow climbing outside of parent directory using '..',
42 # because doing so could be quite disastrous (we will delete the
43 # directory, or modify a directory outside OpenEmbedded).
44 full_path = os.path.realpath(os.path.join(rootfs_dir, path))
45 if not full_path.startswith(os.path.realpath(rootfs_dir)):
46 logger.error("%s: Must point inside the rootfs:" % (cmd, path))
47 sys.exit(1)
48
49 return full_path
50
51 @staticmethod
36 def __get_rootfs_dir(rootfs_dir): 52 def __get_rootfs_dir(rootfs_dir):
37 if os.path.isdir(rootfs_dir): 53 if os.path.isdir(rootfs_dir):
38 return os.path.realpath(rootfs_dir) 54 return os.path.realpath(rootfs_dir)
@@ -99,14 +115,7 @@ class RootfsPlugin(SourcePlugin):
99 cd = part.change_directory 115 cd = part.change_directory
100 if cd[-1] == '/': 116 if cd[-1] == '/':
101 cd = cd[:-1] 117 cd = cd[:-1]
102 if os.path.isabs(cd): 118 orig_dir = cls.__validate_path("--change-directory", part.rootfs_dir, cd)
103 logger.error("Must be relative: --change-directory=%s" % cd)
104 sys.exit(1)
105 orig_dir = os.path.realpath(os.path.join(part.rootfs_dir, cd))
106 if not orig_dir.startswith(part.rootfs_dir):
107 logger.error("'%s' points to a path outside the rootfs" % orig_dir)
108 sys.exit(1)
109
110 else: 119 else:
111 orig_dir = part.rootfs_dir 120 orig_dir = part.rootfs_dir
112 copyhardlinktree(orig_dir, new_rootfs) 121 copyhardlinktree(orig_dir, new_rootfs)
@@ -168,10 +177,7 @@ class RootfsPlugin(SourcePlugin):
168 177
169 #create destination 178 #create destination
170 if path: 179 if path:
171 destination = os.path.realpath(os.path.join(new_rootfs, path)) 180 destination = cls.__validate_path("--include-path", new_rootfs, path)
172 if not destination.startswith(new_rootfs):
173 logger.error("%s %s" % (destination, new_rootfs))
174 sys.exit(1)
175 Path(destination).mkdir(parents=True, exist_ok=True) 181 Path(destination).mkdir(parents=True, exist_ok=True)
176 else: 182 else:
177 destination = new_rootfs 183 destination = new_rootfs
@@ -187,17 +193,8 @@ class RootfsPlugin(SourcePlugin):
187 193
188 for orig_path in part.exclude_path or []: 194 for orig_path in part.exclude_path or []:
189 path = orig_path 195 path = orig_path
190 if os.path.isabs(path):
191 logger.error("Must be relative: --exclude-path=%s" % orig_path)
192 sys.exit(1)
193 196
194 full_path = os.path.realpath(os.path.join(new_rootfs, path)) 197 full_path = cls.__validate_path("--exclude-path", new_rootfs, path)
195 # Disallow climbing outside of parent directory using '..',
196 # because doing so could be quite disastrous (we will delete the
197 # directory).
198 if not full_path.startswith(new_rootfs):
199 logger.error("'%s' points to a path outside the rootfs" % orig_path)
200 sys.exit(1)
201 198
202 if not os.path.lexists(full_path): 199 if not os.path.lexists(full_path):
203 continue 200 continue