restrict soundfont loading to regular files only

i.e. forbid to load directories, block devices, dangling symlinks, etc.
2025-02-18 18:11:05 +00:00 · 2019-02-01 11:22:14 +01:00 · 2019-02-01 11:22:14 +01:00 · 64c90a6c49
commit 64c90a6c49
parent 72cb4504bc
3 changed files with 24 additions and 1 deletions
--- a/src/sfloader/fluid_sffile.c
+++ b/src/sfloader/fluid_sffile.c
@ -344,6 +344,13 @@ int fluid_is_soundfont(const char *filename)
        {
            return retcode;
        }
+        
+        // file exists and we have permission to open it
+        // now, test whether it's acutally a regular file or a symlink to such
+        if(!fluid_file_test(filename, G_FILE_TEST_IS_REGULAR))
+        {
+            break;
+        }

        if(FLUID_FREAD(&fcc, sizeof(fcc), 1, fp) != 1)
        {
--- a/src/sfloader/fluid_sfont.c
+++ b/src/sfloader/fluid_sfont.c
@ -24,7 +24,22 @@

 void *default_fopen(const char *path)
 {
-    return FLUID_FOPEN(path, "rb");
+    FILE* handle = FLUID_FOPEN(path, "rb");
+    
+    if(handle == NULL)
+    {
+        FLUID_LOG(FLUID_ERR, "fluid_sfloader_load(): Specified file does not exists or insufficient permissions to open it! ('%s')", path);
+        return NULL;
+    }
+    
+    if(!fluid_file_test(path, G_FILE_TEST_IS_REGULAR))
+    {
+        FLUID_FCLOSE(handle);
+        FLUID_LOG(FLUID_ERR, "fluid_sfloader_load(): Refusing to load non-regular file! ('%s')", path);
+        return NULL;
+    }
+    
+    return handle;
 }

 int default_fclose(void *handle)
--- a/src/utils/fluid_sys.h
+++ b/src/utils/fluid_sys.h
@ -393,6 +393,7 @@ typedef GStatBuf fluid_stat_buf_t;
 #endif
 #define fluid_stat(_filename, _statbuf)   g_stat((_filename), (_statbuf))

+#define fluid_file_test g_file_test

 /* Profiling */
 #if WITH_PROFILING