Diffstat (limited to 'safepath.c')
-rw-r--r-- | safepath.c | 9 |
1 files changed, 9 insertions, 0 deletions
@@ -377,6 +377,15 @@ int safepath_check(const char *name)
 goto free_out;
 }
 
+ /* A symlink with a link count > 1 is suspicious; it looks like a
+ * hard link attack: an attacker hard linking a symlink into a
+ * /tmp-like directory.
+ */
+ if (st.st_nlink > 1) {
+ ret = SAFEPATH_UNSAFE;
+ goto free_out;
+ }
+
 if ((len = readlink(copy, link, sizeof link)) < 0) {
 ret = safepath_err(errno);
 goto free_out; |
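Review bot: The new `st.st_nlink > 1` test and the `readlink(copy, ...)` after it each resolve the path on their own, so in a directory other users can write to, the entry whose link count was checked is not guaranteed to be the one whose target is then read. `st` is filled in outside this hunk (presumably by an `lstat` on `copy`), so this cannot be confirmed from here; if so, a second `lstat` after `readlink` that compares `st_dev`/`st_ino` with the first result would narrow the window. The comment would also be clearer if it said why the link count matters, e.g. `/* a hard-linked symlink keeps its original owner, so an ownership check alone would not catch it */`, and noted that symlinks hard-linked for legitimate reasons are now reported as `SAFEPATH_UNSAFE` too. The body of `safepath_check` starts and ends outside the hunk.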