summaryrefslogtreecommitdiffstats
path: root/firmware/target/hosted
diff options
context:
space:
mode:
authorMarcin Bukat <marcin.bukat@gmail.com>2018-03-02 21:45:52 +0100
committerMarcin Bukat <marcin.bukat@gmail.com>2018-06-12 10:31:15 +0200
commit0538ba3d59a1a29adcee0b4656b204fda102ad89 (patch)
tree50f070b0dc506f160f4007c8e7943072e0ee00e6 /firmware/target/hosted
parent09fde79ec840ef9021ddbc28a58e6b1234d9de8f (diff)
downloadrockbox-0538ba3d59a1a29adcee0b4656b204fda102ad89.tar.gz
rockbox-0538ba3d59a1a29adcee0b4656b204fda102ad89.zip
Agptek Rocker: Restrict root directory to SD only
Actual / of underlying linux OS should not be available to user. I am still not sure if implementation is correct. It doesn't perform any relative path sandboxing for example. Change-Id: Ic577a10f3947f6e950e2c4d03173f9f207395eb7
Diffstat (limited to 'firmware/target/hosted')
-rw-r--r--firmware/target/hosted/filesystem-app.c8
-rw-r--r--firmware/target/hosted/lc-unix.c7
2 files changed, 14 insertions, 1 deletions
diff --git a/firmware/target/hosted/filesystem-app.c b/firmware/target/hosted/filesystem-app.c
index 4f1019c7a1..d9fcd64e2d 100644
--- a/firmware/target/hosted/filesystem-app.c
+++ b/firmware/target/hosted/filesystem-app.c
@@ -37,6 +37,10 @@
#include "logf.h"
+#if defined(AGPTEK_ROCKER) && !defined(BOOTLOADER)
+#define PIVOT_ROOT "/mnt/sd_0"
+#endif
+
#if (CONFIG_PLATFORM & PLATFORM_ANDROID)
static const char rbhome[] = "/sdcard";
#elif (CONFIG_PLATFORM & (PLATFORM_SDL|PLATFORM_MAEMO|PLATFORM_PANDORA)) \
@@ -206,6 +210,10 @@ const char * handle_special_dirs(const char *dir, unsigned flags,
#ifdef HAVE_MULTIDRIVE
dir = handle_special_links(dir, flags, buf, bufsize);
#endif
+#ifdef PIVOT_ROOT
+ snprintf(buf, bufsize, "%s/%s", PIVOT_ROOT, dir);
+ dir = buf;
+#endif
return dir;
}
diff --git a/firmware/target/hosted/lc-unix.c b/firmware/target/hosted/lc-unix.c
index 810dc9f92c..1061883832 100644
--- a/firmware/target/hosted/lc-unix.c
+++ b/firmware/target/hosted/lc-unix.c
@@ -21,6 +21,7 @@
#include <string.h> /* size_t */
#include <dlfcn.h>
+#include "file.h"
#include "debug.h"
#include "load_code.h"
@@ -28,7 +29,11 @@ void *lc_open(const char *filename, unsigned char *buf, size_t buf_size)
{
(void)buf;
(void)buf_size;
- void *handle = dlopen(filename, RTLD_NOW);
+ char path[MAX_PATH];
+
+ const char *fpath = handle_special_dirs(filename, 0, path, sizeof(path));
+
+ void *handle = dlopen(fpath, RTLD_NOW);
if (handle == NULL)
{
DEBUGF("failed to load %s\n", filename);