From 64c90a6c497805945cef9a28e9b085cd2d529d48 Mon Sep 17 00:00:00 2001 From: derselbst Date: Fri, 1 Feb 2019 11:22:14 +0100 Subject: [PATCH] restrict soundfont loading to regular files only i.e. forbid to load directories, block devices, dangling symlinks, etc. --- src/sfloader/fluid_sffile.c | 7 +++++++ src/sfloader/fluid_sfont.c | 17 ++++++++++++++++- src/utils/fluid_sys.h | 1 + 3 files changed, 24 insertions(+), 1 deletion(-) diff --git a/src/sfloader/fluid_sffile.c b/src/sfloader/fluid_sffile.c index 302eea72..99da1a9a 100644 --- a/src/sfloader/fluid_sffile.c +++ b/src/sfloader/fluid_sffile.c @@ -344,6 +344,13 @@ int fluid_is_soundfont(const char *filename) { return retcode; } + + // file exists and we have permission to open it + // now, test whether it's acutally a regular file or a symlink to such + if(!fluid_file_test(filename, G_FILE_TEST_IS_REGULAR)) + { + break; + } if(FLUID_FREAD(&fcc, sizeof(fcc), 1, fp) != 1) { diff --git a/src/sfloader/fluid_sfont.c b/src/sfloader/fluid_sfont.c index 548a80ab..8de6ce07 100644 --- a/src/sfloader/fluid_sfont.c +++ b/src/sfloader/fluid_sfont.c @@ -24,7 +24,22 @@ void *default_fopen(const char *path) { - return FLUID_FOPEN(path, "rb"); + FILE* handle = FLUID_FOPEN(path, "rb"); + + if(handle == NULL) + { + FLUID_LOG(FLUID_ERR, "fluid_sfloader_load(): Specified file does not exists or insufficient permissions to open it! ('%s')", path); + return NULL; + } + + if(!fluid_file_test(path, G_FILE_TEST_IS_REGULAR)) + { + FLUID_FCLOSE(handle); + FLUID_LOG(FLUID_ERR, "fluid_sfloader_load(): Refusing to load non-regular file! ('%s')", path); + return NULL; + } + + return handle; } int default_fclose(void *handle) diff --git a/src/utils/fluid_sys.h b/src/utils/fluid_sys.h index 72b32302..5b1d7acc 100644 --- a/src/utils/fluid_sys.h +++ b/src/utils/fluid_sys.h @@ -393,6 +393,7 @@ typedef GStatBuf fluid_stat_buf_t; #endif #define fluid_stat(_filename, _statbuf) g_stat((_filename), (_statbuf)) +#define fluid_file_test g_file_test /* Profiling */ #if WITH_PROFILING