From fed2216d997d57c2931fd59946c6d48bc9544311 Mon Sep 17 00:00:00 2001 From: danieldg Date: Mon, 25 May 2009 22:50:49 +0000 Subject: [PATCH] Remove the ServerConfig::DirValid check that breaks symlinks This was included as a security check to prevent symlink attacks, but this is no longer useful; anyone who can exploit the attack now can just modify the ircd itself. git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@11390 e03df62e-2008-0410-955e-edbf42e46eb7 --- include/configreader.h | 6 ----- src/configreader.cpp | 58 ------------------------------------------ src/modules.cpp | 7 ----- 3 files changed, 71 deletions(-) diff --git a/include/configreader.h b/include/configreader.h index 3eb456b1f..d0feaccbb 100644 --- a/include/configreader.h +++ b/include/configreader.h @@ -905,12 +905,6 @@ class CoreExport ServerConfig : public Extensible */ std::string GetFullProgDir(); - /** Returns true if a directory is valid (within the modules directory). - * @param dirandfile The directory and filename to check - * @return True if the directory is valid - */ - static bool DirValid(const char* dirandfile); - /** Clean a filename, stripping the directories (and drives) from string. * @param name Directory to tidy * @return The cleaned filename diff --git a/src/configreader.cpp b/src/configreader.cpp index 0fcf88e9d..51045ef58 100644 --- a/src/configreader.cpp +++ b/src/configreader.cpp @@ -2046,64 +2046,6 @@ char* ServerConfig::CleanFilename(char* name) } -bool ServerConfig::DirValid(const char* dirandfile) -{ -#ifdef WINDOWS - return true; -#else - - char work[1024]; - char buffer[1024]; - char otherdir[1024]; - int p; - - strlcpy(work, dirandfile, 1024); - p = strlen(work); - - // we just want the dir - while (*work) - { - if (work[p] == '/') - { - work[p] = '\0'; - break; - } - - work[p--] = '\0'; - } - - // Get the current working directory - if (getcwd(buffer, 1024 ) == NULL ) - return false; - - if (chdir(work) == -1) - return false; - - if (getcwd(otherdir, 1024 ) == NULL ) - return false; - - if (chdir(buffer) == -1) - return false; - - size_t t = strlen(work); - - if (strlen(otherdir) >= t) - { - otherdir[t] = '\0'; - if (!strcmp(otherdir,work)) - { - return true; - } - - return false; - } - else - { - return false; - } -#endif -} - std::string ServerConfig::GetFullProgDir() { char buffer[PATH_MAX]; diff --git a/src/modules.cpp b/src/modules.cpp index 5d61812c0..71f4d7524 100644 --- a/src/modules.cpp +++ b/src/modules.cpp @@ -397,13 +397,6 @@ bool ModuleManager::Load(const char* filename) snprintf(modfile,MAXBUF,"%s/%s",Instance->Config->ModPath,filename); std::string filename_str = filename; - if (!ServerConfig::DirValid(modfile)) - { - LastModuleError = "Module " + std::string(filename) + " is not in the module directory that i am configured to look in (is "+Instance->Config->ModPath+" really a symlink?)"; - Instance->Logs->Log("MODULE", DEFAULT, LastModuleError); - return false; - } - if (!ServerConfig::FileExists(modfile)) { LastModuleError = "Module file could not be found: " + filename_str; -- 2.39.5