1
0
mirror of https://github.com/pgbackrest/pgbackrest.git synced 2025-01-18 04:58:51 +02:00

Allow adhoc enforcement in storagePath().

The ability to disable enforcement (i.e., the requested absolute path is within the storage path) globally will be removed after the Perl migration.

The feature will still be needed occasionally so allow it in an adhoc fashion.
This commit is contained in:
David Steele 2019-11-21 10:34:32 -05:00
parent e1dad720a1
commit d3b1897625
3 changed files with 17 additions and 7 deletions

View File

@ -646,11 +646,12 @@ storageNewWrite(const Storage *this, const String *fileExp, StorageNewWriteParam
Get the absolute path in the storage Get the absolute path in the storage
***********************************************************************************************************************************/ ***********************************************************************************************************************************/
String * String *
storagePath(const Storage *this, const String *pathExp) storagePath(const Storage *this, const String *pathExp, StoragePathParam param)
{ {
FUNCTION_TEST_BEGIN(); FUNCTION_TEST_BEGIN();
FUNCTION_TEST_PARAM(STORAGE, this); FUNCTION_TEST_PARAM(STORAGE, this);
FUNCTION_TEST_PARAM(STRING, pathExp); FUNCTION_TEST_PARAM(STRING, pathExp);
FUNCTION_TEST_PARAM(BOOL, param.noEnforce);
FUNCTION_TEST_END(); FUNCTION_TEST_END();
ASSERT(this != NULL); ASSERT(this != NULL);
@ -670,7 +671,7 @@ storagePath(const Storage *this, const String *pathExp)
// Make sure the base storage path is contained within the path expression // Make sure the base storage path is contained within the path expression
if (!strEqZ(this->path, "/")) if (!strEqZ(this->path, "/"))
{ {
if (this->pathEnforce && (!strBeginsWith(pathExp, this->path) || if (this->pathEnforce && !param.noEnforce && (!strBeginsWith(pathExp, this->path) ||
!(strSize(pathExp) == strSize(this->path) || *(strPtr(pathExp) + strSize(this->path)) == '/'))) !(strSize(pathExp) == strSize(this->path) || *(strPtr(pathExp) + strSize(this->path)) == '/')))
{ {
THROW_FMT(AssertError, "absolute path '%s' is not in base path '%s'", strPtr(pathExp), strPtr(this->path)); THROW_FMT(AssertError, "absolute path '%s' is not in base path '%s'", strPtr(pathExp), strPtr(this->path));

View File

@ -176,10 +176,16 @@ StorageWrite *storageNewWrite(const Storage *this, const String *fileExp, Storag
/*********************************************************************************************************************************** /***********************************************************************************************************************************
storagePath storagePath
***********************************************************************************************************************************/ ***********************************************************************************************************************************/
#define storagePathP(this, pathExp) \ typedef struct StoragePathParam
storagePath(this, pathExp) {
VAR_PARAM_HEADER;
bool noEnforce;
} StoragePathParam;
String *storagePath(const Storage *this, const String *pathExp); #define storagePathP(this, pathExp, ...) \
storagePath(this, pathExp, (StoragePathParam){VAR_PARAM_INIT, __VA_ARGS__})
String *storagePath(const Storage *this, const String *pathExp, StoragePathParam param);
/*********************************************************************************************************************************** /***********************************************************************************************************************************
storagePathCreate storagePathCreate

View File

@ -534,11 +534,14 @@ testRun(void)
storagePathP(storageTest, strNew("/path/toot")), AssertError, storagePathP(storageTest, strNew("/path/toot")), AssertError,
"absolute path '/path/toot' is not in base path '/path/to'"); "absolute path '/path/toot' is not in base path '/path/to'");
// Path enforcement disabled // Path enforcement disabled globally
storagePathEnforceSet(storageTest, false); storagePathEnforceSet(storageTest, false);
TEST_RESULT_STR(strPtr(storagePathP(storageTest, strNew("/bogus"))), "/bogus", "path enforce disabled"); TEST_RESULT_STR(strPtr(storagePathP(storageTest, strNew("/bogus"))), "/bogus", "path enforce disabled globally");
storagePathEnforceSet(storageTest, true); storagePathEnforceSet(storageTest, true);
// Path enforcement disabled for a single call
TEST_RESULT_STR(strPtr(storagePathP(storageTest, strNew("/bogus"), .noEnforce = true)), "/bogus", "path enforce disabled");
TEST_ERROR(storagePathP(storageTest, strNew("<TEST")), AssertError, "end > not found in path expression '<TEST'"); TEST_ERROR(storagePathP(storageTest, strNew("<TEST")), AssertError, "end > not found in path expression '<TEST'");
TEST_ERROR( TEST_ERROR(
storagePathP(storageTest, strNew("<TEST>" BOGUS_STR)), AssertError, storagePathP(storageTest, strNew("<TEST>" BOGUS_STR)), AssertError,