[
https://issues.apache.org/jira/browse/SSHD-605?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15033667#comment-15033667
]
Damien B edited comment on SSHD-605 at 12/1/15 1:26 PM:
--------------------------------------------------------
The issue seems to lie in RootedFileSystemProvider::resolveLocalPath:
{code:java}
protected Path resolveLocalPath(RootedPath path) {
    // Absolute form of the virtual (rooted) path, e.g. "/c:/Windows/"
    Path absPath = path.toAbsolutePath();
    String r = absPath.toString();
    RootedFileSystem rfs = path.getFileSystem();
    // Real directory the virtual root "/" is mapped to (myRootDir)
    Path root = rfs.getRoot();
    // Drops only the leading '/'. If the remainder is itself an absolute
    // native path, Path.resolve returns it unchanged instead of appending it.
    return root.resolve(r.substring(1));
}
{code}
root is a WindowsPath pointing at myRootDir,
r.substring(1) is c:/Windows/.
Maybe forcing a relative path by prepending "./"?
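The resolution step discussed in the comment, as an added example that is not MINA SSHD code: the class RootedResolveDemo and the methods resolveVulnerable and resolveConfined are hypothetical names, and the root directory and virtual paths are constructed inputs. resolveVulnerable repeats the logic of the quoted resolveLocalPath; resolveConfined resolves the same string but normalizes the result and refuses anything that no longer starts with the root, which covers the "/c:/Windows/" case from the report as well as drive-relative names and ".." traversal.

```java
import java.nio.file.InvalidPathException;
import java.nio.file.Path;
import java.nio.file.Paths;

// Added example, not MINA SSHD code. RootedResolveDemo, resolveVulnerable and
// resolveConfined are hypothetical names; the inputs in main() are constructed.
public class RootedResolveDemo {

    // Same logic as the quoted resolveLocalPath: drop the leading '/' of the
    // virtual absolute path and resolve the remainder against the real root.
    // Path.resolve(String) returns its argument unchanged when that argument is
    // absolute, so on Windows "c:/Windows/" is never appended to the root.
    static Path resolveVulnerable(Path root, String virtualAbsPath) {
        return root.resolve(virtualAbsPath.substring(1));
    }

    // Confined variant: resolve, collapse "." and ".." with normalize(), and
    // accept the result only if it still lies under the absolute, normalized
    // root. One check rejects an absolute "c:/Windows/", a drive-relative
    // "d:secret" and a traversal such as "../../Windows".
    static Path resolveConfined(Path root, String virtualAbsPath) {
        Path absRoot = root.toAbsolutePath().normalize();
        Path candidate = absRoot.resolve(virtualAbsPath.substring(1)).normalize();
        if (!candidate.startsWith(absRoot)) {
            throw new InvalidPathException(virtualAbsPath, "escapes the VFS root");
        }
        return candidate;
    }

    public static void main(String[] args) {
        // Constructed inputs. On a Windows JVM (the reporter's environment) the
        // first path resolves to c:\Windows with resolveVulnerable, exactly as
        // the report describes; on a POSIX JVM "c:/Windows/" is only a relative
        // name and stays under the root, which is why the bug is Windows-only.
        Path root = Paths.get("C:\\srv\\myRootDir");
        String[] virtualPaths = {
            "/c:/Windows/", "/../../Windows", "/d:secret", "/uploads/a.txt"
        };
        for (String vp : virtualPaths) {
            System.out.println("virtual " + vp);
            System.out.println("  vulnerable -> " + resolveVulnerable(root, vp));
            try {
                System.out.println("  confined   -> " + resolveConfined(root, vp));
            } catch (InvalidPathException e) {
                System.out.println("  confined   -> rejected: " + e.getReason());
            }
        }
    }
}
```

Two caveats apply to the confined variant. startsWith on a WindowsPath compares components case-insensitively, so "C:\" and "c:\" roots agree, but the check is purely lexical: a symbolic link placed under the root can still point outside it, so a server that allows links should also compare toRealPath() of the candidate (where it exists) against toRealPath() of the root. The check also does not depend on how the incoming string is prefixed, so it does not rely on the client or the caller producing a relative form first.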
> VirtualFileSystemFactory allows escaping from root
> --------------------------------------------------
>
> Key: SSHD-605
> URL: https://issues.apache.org/jira/browse/SSHD-605
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 1.0.0
> Environment: Windows, JDK 7
> Reporter: Damien B
> Assignee: Goldstein Lyor
> Labels: security
>
> Possibly Windows only.
> I start an SFTP server like this:
> sshd = SshServer.setUpDefaultServer();
> [...]
> sshd.setFileSystemFactory(new VirtualFileSystemFactory(myRootDir.getCanonicalPath()));
> [...]
> sshd.setSubsystemFactories(Arrays.<NamedFactory<Command>>asList(new SftpSubsystemFactory()));
> I connect to the server with FileZilla.
> Upon connection, the files in myRootDir correctly appear under the server path
> '/'. But if I cd to '/c:/Windows/', the files in C:\Windows\ appear, escaping
> the VFS root.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)