|
|
|
|
@ -79,17 +79,18 @@ static bool CloseFileHandle(u32 handle)
|
|
|
|
|
|
|
|
|
|
static std::string ResolveHostPath(const std::string& path)
|
|
|
|
|
{
|
|
|
|
|
// Double-check that it falls within the directory of the elf.
|
|
|
|
|
// Double-check that it falls within the directory of the root.
|
|
|
|
|
// Not a real sandbox, but emulators shouldn't be treated as such. Don't run untrusted code!
|
|
|
|
|
const std::string& root = g_settings.pcdrv_root;
|
|
|
|
|
std::string canonicalized_path = Path::Canonicalize(Path::Combine(root, path));
|
|
|
|
|
std::string canonicalized_path =
|
|
|
|
|
Path::IsAbsolute(path) ? Path::Canonicalize(path) : Path::Canonicalize(Path::Combine(root, path));
|
|
|
|
|
if (canonicalized_path.length() < root.length() || // Length has to be longer (a file),
|
|
|
|
|
!canonicalized_path.starts_with(root) || // and start with the host root,
|
|
|
|
|
canonicalized_path[root.length()] != FS_OSPATH_SEPARATOR_CHARACTER) // and we can't access a sibling.
|
|
|
|
|
{
|
|
|
|
|
ERROR_LOG("Denying access to path outside of PCDrv directory. Requested path: '{}', "
|
|
|
|
|
"Resolved path: '{}', Root directory: '{}'",
|
|
|
|
|
path, root, canonicalized_path);
|
|
|
|
|
path, canonicalized_path, root);
|
|
|
|
|
canonicalized_path.clear();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
Stenzek
8 months ago