diff --git a/.gitignore b/.gitignore index 328a541..5e496a9 100644 --- a/.gitignore +++ b/.gitignore @@ -9,4 +9,5 @@ devel/test.out.stdout devel/test.out.stderr devel/test_make_safe_uri devel/test_password_equal +devel/test_get_wwwroot_parent devel/tmp.httpd.tests diff --git a/darkhttpd.c b/darkhttpd.c index dab4fab..e34ffc7 100644 --- a/darkhttpd.c +++ b/darkhttpd.c @@ -2916,6 +2916,38 @@ static void pidfile_create(void) { } /* [<-] end of pidfile helpers. */ +/* In the --single-file case, wwwroot is a path to a file. + * Return the parent dir of the wwwroot and mutate the wwwroot + * to just the filename. Caller must free the return value. */ +char* get_wwwroot_parent() { + off_t ofs; + size_t len = strlen(wwwroot) + 1; + if (len == 1) return xstrdup("."); + char *path = xstrdup(wwwroot); + for (ofs = strlen(wwwroot); + (ofs >= 0) && (wwwroot[ofs] != '/'); + ofs--) + ; + /* wwwroot file is not in current directory */ + if (ofs >= 0) { + path[ofs + 1] = '\0'; + memmove(wwwroot, &wwwroot[ofs], len - ofs); + } else { + path[0] = '.'; + path[1] = '\0'; + } + return path; +} + +static void xchroot(const char *path) { + if (chdir(path) == -1) + err(1, "chdir(%s)", path); + if (chroot(path) == -1) + err(1, "chroot(%s)", path); + printf("chrooted to `%s'\n", path); +} + +/* chroot() into wwwroot. */ static void change_root(void) { #ifdef HAVE_NON_ROOT_CHROOT /* We run this even as root, which should never be a bad thing. */ @@ -2927,33 +2959,11 @@ static void change_root(void) { tzset(); /* read /etc/localtime before we chroot */ if (want_single_file) { - off_t ofs; - size_t len = strlen(wwwroot) + 1; - char *path = xstrdup(wwwroot); - for (ofs = strlen(wwwroot); - (ofs >= 0) && (wwwroot[ofs] != '/'); - ofs--) - ; - /* wwwroot file is not in current directory */ - if (ofs >= 0) { - path[ofs + 1] = '\0'; - if (chdir(path) == -1) - err(1, "chdir(%s)", path); - memmove(wwwroot, &wwwroot[ofs], len - ofs); - } else { - path[0] = '.'; - path[1] = '\0'; - } - if (chroot(path) == -1) - err(1, "chroot(%s)", path); - printf("chrooted to `%s'\n", path); + char *path = get_wwwroot_parent(); + xchroot(path); free(path); } else { - if (chdir(wwwroot) == -1) - err(1, "chdir(%s)", wwwroot); - if (chroot(wwwroot) == -1) - err(1, "chroot(%s)", wwwroot); - printf("chrooted to `%s'\n", wwwroot); + xchroot(wwwroot); wwwroot[0] = '\0'; /* empty string */ } } diff --git a/devel/Makefile b/devel/Makefile index ae1e45c..d0e7c4f 100644 --- a/devel/Makefile +++ b/devel/Makefile @@ -9,6 +9,12 @@ clean: test.pyc \ test_make_safe_uri \ test_password_equal \ - a.out darkhttpd.gcda darkhttpd.gcno \ - fuzz_darkhttpd.o fuzz_llvm_make_safe_uri fuzz_socket + test_get_wwwroot_parent \ + a.out \ + darkhttpd.gcda \ + darkhttpd.gcno \ + fuzz_darkhttpd.o \ + fuzz_llvm_make_safe_uri \ + fuzz_socket \ + fuzz_get_wwwroot_parent rm -rf tmp.fuzz tmp.httpd.tests diff --git a/devel/fuzz_get_wwwroot_parent.c b/devel/fuzz_get_wwwroot_parent.c new file mode 100644 index 0000000..f20c6c5 --- /dev/null +++ b/devel/fuzz_get_wwwroot_parent.c @@ -0,0 +1,20 @@ +#define main darkhttpd_main +#include "../darkhttpd.c" +#undef main + +char* sdup(const uint8_t *data, size_t size) { + char *buf = malloc(size + 1); + memcpy(buf, data, size); + buf[size] = 0; + return buf; +} + +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + wwwroot = sdup(data, size); + char *path = get_wwwroot_parent(); + free(path); + free(wwwroot); + return 0; +} + +/* vim:set ts=2 sw=2 sts=2 expandtab tw=78: */ diff --git a/devel/fuzz_get_wwwroot_parent.sh b/devel/fuzz_get_wwwroot_parent.sh new file mode 100755 index 0000000..f2d331a --- /dev/null +++ b/devel/fuzz_get_wwwroot_parent.sh @@ -0,0 +1,6 @@ +#!/bin/bash -e +set -x +clang -g -O -fsanitize=fuzzer,address \ + fuzz_get_wwwroot_parent.c -o fuzz_get_wwwroot_parent +mkdir -p fuzz_get_wwwroot_parent_testcases +./fuzz_get_wwwroot_parent -only_ascii=1 $* fuzz_get_wwwroot_parent_testcases/ diff --git a/devel/run-tests b/devel/run-tests index 847780f..bd17561 100755 --- a/devel/run-tests +++ b/devel/run-tests @@ -196,6 +196,14 @@ if ./test_password_equal | egrep '^FAIL:'; then exit 1 fi +echo "===> test_get_wwwroot_parent" +$CC -g -O2 -fsanitize=address -fsanitize=undefined \ + test_get_wwwroot_parent.c -o test_get_wwwroot_parent | exit 1 +if ./test_get_wwwroot_parent | egrep '^FAIL:'; then + echo test_get_wwwroot_parent failed >&2 + exit 1 +fi + # Check that the code builds with various defines. echo "===> building without -DDEBUG" $CC -O2 -Wall ../darkhttpd.c || exit 1 @@ -239,7 +247,7 @@ $CC -g -O2 -fprofile-arcs -ftest-coverage -fsanitize=address \ exit 1 } echo "===> generating report" -gcov darkhttpd +gcov a-darkhttpd chmod 755 $DIR/forbidden chmod 755 $DIR/unreadable rm -rf $DIR diff --git a/devel/test_get_wwwroot_parent.c b/devel/test_get_wwwroot_parent.c new file mode 100644 index 0000000..54a997e --- /dev/null +++ b/devel/test_get_wwwroot_parent.c @@ -0,0 +1,29 @@ +#define main _main_disabled_ +#include "../darkhttpd.c" +#undef main + +static void test(const char* input_wwwroot, const char* expected_path, + const char* expected_wwwroot) { + wwwroot = xstrdup(input_wwwroot); + char* path = get_wwwroot_parent(); + int pass = (strcmp(path, expected_path) == 0) && + (strcmp(wwwroot, expected_wwwroot) == 0); + printf("%s: \"%s\" -> \"%s\" : \"%s\"", pass ? "PASS" : "FAIL", input_wwwroot, + path, wwwroot); + if (!pass) { + printf(" (expected \"%s\" : \"%s\")", expected_path, expected_wwwroot); + } + printf("\n"); + free(path); + free(wwwroot); +} + +int main(void) { + test("", ".", ""); + test(".", ".", "."); + test("dir/file", "dir/", "/file"); + test("./a/b/c", "./a/b/", "/c"); + return 0; +} + +/* vim:set tabstop=4 shiftwidth=4 expandtab tw=78: */