status-im
/
embark-area-51
mirror of https://github.com/status-im/embark-area-51.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Remove another attack vector

This commit is contained in:
Andre Medeiros 2018-10-10 15:26:01 -04:00 committed by Pascal Precht
parent 5db8185e5a
commit 4678359ce0
No known key found for this signature in database
GPG Key ID: 0EE28D8D6FD85D7D
2 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/core/fs.js
View File

@ -5,6 +5,11 @@ let fs = require('fs-extra');
let utils = require('../utils/utils.js'); let utils = require('../utils/utils.js');
require('colors'); require('colors');
const pathConfigs = {
DAPP_PATH: process.env.DAPP_PATH,
EMBARK_PATH: process.env.EMBARK_PATH
};
function restrictPath(receiver, binding, count, args) { function restrictPath(receiver, binding, count, args) {
const dapp = dappPath(); const dapp = dappPath();
const allowedRoots = [ const allowedRoots = [
@ -119,8 +124,8 @@ function removeSync() {
} }
function anchoredPath(envAnchor, ...args) { function anchoredPath(envAnchor, ...args) {
const anchor = process.env[envAnchor]; let anchor = pathConfigs[envAnchor];
if (!anchor) { if (!pathConfigs[envAnchor]) {
console.error(`process.env.${envAnchor} was not set`.bold.red); console.error(`process.env.${envAnchor} was not set`.bold.red);
process.exit(1); process.exit(1);
} }

5
test/fs.js
View File

@ -2,20 +2,17 @@
const {assert} = require('chai'); const {assert} = require('chai');
const os = require('os'); const os = require('os');
process.env.DAPP_PATH = '/home/testuser/src/dapp_path/';
const fs = require('../lib/core/fs'); const fs = require('../lib/core/fs');
describe('fs', () => { describe('fs', () => {
before(() => { before(() => {
this.oldDappPath = process.env.DAPP_PATH;
process.env.DAPP_PATH = '/home/testuser/src/dapp_path/';
this.oldProcessExit = process.exit; this.oldProcessExit = process.exit;
process.exit = function() {}; process.exit = function() {};
}); });
after(() => { after(() => {
process.env.DAPP_PATH = this.oldDappPath;
process.exit = this.oldProcessExit; process.exit = this.oldProcessExit;
}); });