commit a06626d1ad963f6998237a332eab9ac9392b7c7a
author Krzysztof Grobelny <krzysztof.grobelny@intel.com> Thu Nov 24 15:22:40 2022 +0000
committer Krzysztof Grobelny <krzysztof.grobelny@intel.com> Mon Jan 23 10:54:37 2023 +0000
tree b640aad4acbc93e2060758d7b3fbb1915d874582
parent 0452976942f7c9e9a3ace74bf71b946d53ead203

Added security checks for symlinks

Added security checks which prevents service from interacting with
symlinks. It is not possible to list/delete/read/write to symlinks.

Tested:
Added unit tests which confirm that:
- Symlinks cannot be removed
- Symlinks are not listed
- Symlinks cannot be overwritten
- Symlinks cannot be read

Signed-off-by: Krzysztof Grobelny <krzysztof.grobelny@intel.com>
Change-Id: I50d6d10dac81fd454e7e30520a7c47d5146be58c

src/persistent_json_storage.cpp

diff --git a/src/persistent_json_storage.cpp b/src/persistent_json_storage.cpp
index 896c8a9..0dc66ad 100644
--- a/src/persistent_json_storage.cpp
+++ b/src/persistent_json_storage.cpp
@@ -5,6 +5,8 @@
 #include <fstream>
 #include <stdexcept>
 
+using namespace std::literals::string_literals;
+
 PersistentJsonStorage::PersistentJsonStorage(const DirectoryPath& directory) :
     directory(directory)
 {}
@@ -28,6 +30,8 @@
                 ", ec=" + std::to_string(ec.value()) + ": " + ec.message());
         }
 
+        assertThatPathIsNotSymlink(path);
+
         std::ofstream file(path);
         file << data;
         if (!file)
@@ -48,6 +52,12 @@
 bool PersistentJsonStorage::remove(const FilePath& filePath)
 {
     const auto path = join(directory, filePath);
+
+    if (std::filesystem::is_symlink(path))
+    {
+        return false;
+    }
+
     std::error_code ec;
 
     auto removed = std::filesystem::remove(path, ec);
@@ -79,6 +89,7 @@
 
     try
     {
+        assertThatPathIsNotSymlink(path);
         std::ifstream file(path);
         file >> result;
     }
@@ -103,7 +114,7 @@
     for (const auto& p :
          std::filesystem::recursive_directory_iterator(directory))
     {
-        if (p.is_regular_file())
+        if (p.is_regular_file() && !p.is_symlink())
         {
             auto item = std::filesystem::relative(p.path(), directory);
             result.emplace_back(std::move(item));
@@ -134,3 +145,14 @@
 {
     return std::filesystem::exists(join(directory, subPath));
 }
+
+void PersistentJsonStorage::assertThatPathIsNotSymlink(
+    const std::filesystem::path& path)
+{
+    if (std::filesystem::is_symlink(path))
+    {
+        throw std::runtime_error(
+            "Source/Target file is a symlink! Operation canceled on path "s +
+            path.c_str());
+    }
+}

src/persistent_json_storage.hpp

diff --git a/src/persistent_json_storage.hpp b/src/persistent_json_storage.hpp
index 2b0f365..064a4c6 100644
--- a/src/persistent_json_storage.hpp
+++ b/src/persistent_json_storage.hpp
@@ -19,4 +19,5 @@
     static std::filesystem::path join(const std::filesystem::path&,
                                       const std::filesystem::path&);
     static void limitPermissions(const std::filesystem::path& path);
+    static void assertThatPathIsNotSymlink(const std::filesystem::path& path);
 };