From c0d5ace640ad6cdd2a1adcdc02b0765a065cb7f2 Mon Sep 17 00:00:00 2001 From: Kovid Goyal Date: Sun, 27 Feb 2022 18:39:09 +0530 Subject: [PATCH] Prevent invalid root paths --- kittens/ssh/options/definition.py | 5 +++-- kittens/ssh/options/utils.py | 11 +++++++++++ 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/kittens/ssh/options/definition.py b/kittens/ssh/options/definition.py index 980dc7a7a..7ddcb285a 100644 --- a/kittens/ssh/options/definition.py +++ b/kittens/ssh/options/definition.py @@ -26,9 +26,10 @@ against is the hostname used by the remote computer, not the name you pass to SSH to connect to it. ''') -opt('remote_dir', '.local/share/kitty-ssh-kitten', long_text=''' +opt('remote_dir', '.local/share/kitty-ssh-kitten', option_type='relative_dir', long_text=''' The location on the remote computer where the files needed for this kitten -are installed. The location is relative to the HOME directory for relative paths. +are installed. The location is relative to the HOME directory. Absolute paths or paths +that resolve to a location outside the HOME are not allowed. ''') opt('shell_integration', 'inherit', long_text=''' diff --git a/kittens/ssh/options/utils.py b/kittens/ssh/options/utils.py index 490bdd96f..9eeca2185 100644 --- a/kittens/ssh/options/utils.py +++ b/kittens/ssh/options/utils.py @@ -2,11 +2,22 @@ # License: GPLv3 Copyright: 2022, Kovid Goyal from typing import Any, Dict, Optional, Iterable, Tuple +import posixpath DELETE_ENV_VAR = '_delete_this_env_var_' +def relative_dir(val: str) -> str: + if posixpath.isabs(val): + raise ValueError(f'Absolute paths not allowed. {val} is invalid.') + base = '/ffjdg' + q = posixpath.normpath(posixpath.join(base, val)) + if q == base or not q.startswith(base): + raise ValueError(f'Paths that escape their parent dir are not allowed. {val} is not valid') + return posixpath.normpath(val) + + def env(val: str, current_val: Dict[str, str]) -> Iterable[Tuple[str, str]]: val = val.strip() if val: