From dec7cd13b2b7f0596ff1b9c1a84cd0c9bdd144d4 Mon Sep 17 00:00:00 2001 From: Pierre Krieger Date: Wed, 10 Oct 2018 13:17:26 +0200 Subject: [PATCH] Deny relative addresses for UNIX domain sockets (#548) --- transports/uds/src/lib.rs | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/transports/uds/src/lib.rs b/transports/uds/src/lib.rs index f0564aa4..c2b76e11 100644 --- a/transports/uds/src/lib.rs +++ b/transports/uds/src/lib.rs @@ -138,6 +138,10 @@ impl Transport for UdsConfig { } } +/// Turns a `Multiaddr` containing a single `Unix` component into a path. +/// +/// Also returns an error if the path is not absolute, as we don't want to dial/listen on relative +/// paths. // This type of logic should probably be moved into the multiaddr package fn multiaddr_to_path(addr: &Multiaddr) -> Result { let mut iter = addr.iter(); @@ -147,10 +151,16 @@ fn multiaddr_to_path(addr: &Multiaddr) -> Result { return Err(()); } - match path { - Some(Protocol::Unix(ref path)) => Ok(path.as_ref().into()), - _ => Err(()) + let out: PathBuf = match path { + Some(Protocol::Unix(ref path)) => path.as_ref().into(), + _ => return Err(()) + }; + + if !out.is_absolute() { + return Err(()); } + + Ok(out) } #[cfg(test)] @@ -234,4 +244,10 @@ mod tests { .unwrap(); assert!(tcp.listen_on(addr).is_err()); } + + #[test] + #[ignore] // TODO: for the moment unix addresses fail to parse + fn relative_addr_denied() { + assert!("/ip4/127.0.0.1/tcp/12345/unix/./foo/bar".parse::().is_err()); + } }