Deny relative addresses for UNIX domain sockets (#548)

2025-06-25 15:51:34 +00:00 · 2018-10-10 13:17:26 +02:00
parent 9bdaabc884
commit dec7cd13b2
1 changed files with 19 additions and 3 deletions
--- a/transports/uds/src/lib.rs
+++ b/transports/uds/src/lib.rs
@ -138,6 +138,10 @@ impl Transport for UdsConfig {
    }
 }

+/// Turns a `Multiaddr` containing a single `Unix` component into a path.
+///
+/// Also returns an error if the path is not absolute, as we don't want to dial/listen on relative
+/// paths.
 // This type of logic should probably be moved into the multiaddr package
 fn multiaddr_to_path(addr: &Multiaddr) -> Result<PathBuf, ()> {
    let mut iter = addr.iter();
@ -147,10 +151,16 @@ fn multiaddr_to_path(addr: &Multiaddr) -> Result<PathBuf, ()> {
        return Err(());
    }

-    match path {
-        Some(Protocol::Unix(ref path)) => Ok(path.as_ref().into()),
-        _ => Err(())
+    let out: PathBuf = match path {
+        Some(Protocol::Unix(ref path)) => path.as_ref().into(),
+        _ => return Err(())
+    };
+
+    if !out.is_absolute() {
+        return Err(());
    }
+
+    Ok(out)
 }

 #[cfg(test)]
@ -234,4 +244,10 @@ mod tests {
            .unwrap();
        assert!(tcp.listen_on(addr).is_err());
    }
+
+    #[test]
+    #[ignore]       // TODO: for the moment unix addresses fail to parse
+    fn relative_addr_denied() {
+        assert!("/ip4/127.0.0.1/tcp/12345/unix/./foo/bar".parse::<Multiaddr>().is_err());
+    }
 }