Blacklist anything outside dapp or tmp root.

2018-10-09 16:39:45 -04:00 · 2018-10-09 16:39:45 -04:00 · 26ff48bb15
parent e229688508
commit 26ff48bb15
2 changed files with 119 additions and 44 deletions
--- a/lib/core/fs.js
+++ b/lib/core/fs.js
@ -1,70 +1,87 @@
 const parseJson = require('parse-json');
+const os = require('os');
+let path = require('path');
 let fs = require('fs-extra');
 let utils = require('../utils/utils.js');
 require('colors');

+function restrictPath(receiver, binding, count, args) {
+  const dapp = dappPath();
+  const tmp = os.tmpdir();
+  let allInsideRestricted = true;
+
+  for(let i = 0; i < count; i++) {
+    let resolved = path.resolve(dapp, args[i]);
+    allInsideRestricted = [dapp, tmp].some(p => { return resolved.indexOf(p) === 0; });
+    if(!allInsideRestricted) break;
+  }
+
+  if(allInsideRestricted) return receiver.apply(binding, args);
+  throw new Error('EPERM: Operation not permitted');
+}
+
 function mkdirpSync() {
-  return fs.mkdirpSync.apply(fs.mkdirpSync, arguments);
+  return restrictPath(fs.mkdirpSync, fs.mkdirpSync, 1, arguments);
 }

 function mkdirp() {
-  return fs.mkdirp.apply(fs.mkdirp, arguments);
+  return restrictPath(fs.mkdirp, fs.mkdirp, 1, arguments);
 }

 function readdir() {
-  return fs.readdir.apply(fs.readdir, arguments);
+  return restrictPath(fs.readdir, fs.readdir, 1, arguments);
 }

 function stat() {
-  return fs.stat.apply(fs.stat, arguments);
+  return restrictPath(fs.stat, fs.stat, 1, arguments);
 }

 function remove() {
-  return fs.remove.apply(fs.remove, arguments);
+  return restrictPath(fs.remove, fs.remove, 1, arguments);
 }

 function copy() {
-  return fs.copy.apply(fs.copy, arguments);
+  return restrictPath(fs.copy, fs.copy, 2, arguments);
 }

 function copySync() {
-  return fs.copySync.apply(fs.copySync, arguments);
+  return restrictPath(fs.copySync, fs.copySync, 2, arguments);
 }

 function move(){
-  return fs.move.apply(fs.move, arguments);
+  return restrictPath(fs.move, fs.move, 2, arguments);
 }

 function moveSync() {
-  return fs.moveSync.apply(fs.moveSync, arguments);
+  return restrictPath(fs.moveSync, fs.moveSync, 2, arguments);
 }

 function appendFileSync() {
-  return fs.appendFileSync.apply(fs.writeFileSync, arguments);
+  return restrictPath(fs.appendFileSync, fs.writeFileSync, 1, arguments);
 }

 function writeFile() {
-  return fs.writeFile.apply(fs.writeFileSync, arguments);
+  return restrictPath(fs.writeFile, fs.writeFileSync, 1, arguments);
 }

 function writeFileSync() {
-  return fs.writeFileSync.apply(fs.writeFileSync, arguments);
+  return restrictPath(fs.writeFileSync, fs.writeFileSync, 1, arguments);
 }

 function readFile() {
-  return fs.readFile.apply(fs.readFile, arguments);
+  return restrictPath(fs.readFile, fs.readFile, 1, arguments);
 }

 function readFileSync() {
-  return fs.readFileSync.apply(fs.readFileSync, arguments);
+  return restrictPath(fs.readFileSync, fs.readFileSync, 1, arguments);
 }

 function readdirSync() {
-  return fs.readdirSync.apply(fs.readdirSync, arguments);
+  return restrictPath(fs.readdirSync, fs.readdirSync, 1, arguments);
 }

 function statSync() {
-  return fs.statSync.apply(fs.statSync, arguments);
+  return restrictPath(fs.statSync, fs.statSync, 1, arguments);
 }

 function readJSONSync() {
@ -78,23 +95,23 @@ function readJSONSync() {
 }

 function writeJSONSync() {
-  return fs.writeJSONSync.apply(fs.writeJSONSync, arguments);
+  return restrictPath(fs.writeJSONSync, fs.writeJSONSync, 1, arguments);
 }

 function writeJson() {
-  return fs.writeJson.apply(fs.writeJson, arguments);
+  return restrictPath(fs.writeJson, fs.writeJson, 1, arguments);
 }

 function existsSync() {
-  return fs.existsSync.apply(fs.existsSync, arguments);
+  return restrictPath(fs.existsSync, fs.existsSync, 1, arguments);
 }

 function access() {
-  return fs.access.apply(fs.access, arguments);
+  return restrictPath(fs.access, fs.access, 1, arguments);
 }

 function removeSync() {
-  return fs.removeSync.apply(fs.removeSync, arguments);
+  return restrictPath(fs.removeSync, fs.removeSync, 1, arguments);
 }

 function anchoredPath(envAnchor, ...args) {
@ -119,7 +136,7 @@ function pkgPath() {
 }

 function createWriteStream() {
-  return fs.createWriteStream.apply(fs.createWriteStream, arguments);
+  return restrictPath(fs.createWriteStream, fs.createWriteStream, 1, arguments);
 }

 function tmpDir() {
@ -150,39 +167,33 @@ function outputFileSync(){
 }

 module.exports = {
-  mkdirpSync,
-  mkdirp,
-  readdir,
-  stat,
-  remove,
+  access,
+  appendFileSync,
  copy,
  copySync,
+  createWriteStream,
+  embarkPath,
+  existsSync,
+  mkdirp,
+  mkdirpSync,
  move,
  moveSync,
  readFile,
  readFileSync,
+  readJSONSync,
+  readdir,
  readdirSync,
+  remove,
+  removeSync,
+  stat,
  statSync,
-  appendFileSync,
+  tmpDir,
  writeFile,
  writeFileSync,
-  readJSONSync,
-  writeJson,
  writeJSONSync,
-  access,
-  existsSync,
-  removeSync,
-  embarkPath,
+  copyPreserve
  dappPath,
  pkgPath,
-  createWriteStream,
-<<<<<<< HEAD
-  tmpDir,
-  copyPreserve
-||||||| merged common ancestors
-  tmpDir
-=======
-  tmpDir,
-  outputFileSync
->>>>>>> Overwrite log file so .embark doesn’t bloat
+  outputFileSync,
+  writeJson
 };
--- a/test/fs.js
+++ b/test/fs.js
@ -0,0 +1,64 @@
+/*globals after, before, describe, it*/
+const {assert} = require('chai');
+const os = require('os');
+
+const fs = require('../lib/core/fs');
+
+describe('fs', () => {
+  before(() => {
+    this.oldDappPath = process.env.DAPP_PATH;
+    process.env.DAPP_PATH = '/home/testuser/src/dapp_path/';
+
+    this.oldProcessExit = process.exit;
+    process.exit = function() {};
+  });
+
+
+  after(() => {
+    process.env.DAPP_PATH = this.oldDappPath;
+    process.exit = this.oldProcessExit;
+  });
+
+  const helperFunctions = [
+    'dappPath',
+    'embarkPath',
+    'tmpDir'
+  ];
+
+  const paths = [
+    '/etc',
+    '/home/testuser/src',
+    '/usr',
+    '../'
+  ];
+
+  for(let func in fs) {
+    if(helperFunctions.includes(func)) continue;
+
+    describe(`fs.${func}`, () => {
+      it('should throw exceptions on paths outside the DApp root', (done) => {
+        paths.forEach(path => {
+          assert.throws(() => {
+            fs[func](path);
+          }, /EPERM: Operation not permitted/);
+        });
+
+        done();
+      });
+
+      if(func === 'stat') return;
+
+      it('should not throw exceptions on paths inside the temporary dir root', (done) => {
+        assert.doesNotThrow(async () => {
+          try {
+            await fs[func](os.tmpdir() + '/foo');
+          } catch(e) {
+            if(e.message.indexOf('EPERM') === 0) throw e;
+          }
+        }, /EPERM: Operation not permitted/);
+
+        done();
+      });
+    });
+  }
+});