From c15cb6cc7ac68e539dd3969e614be52e9a943ec7 Mon Sep 17 00:00:00 2001
From: Daniel Kirchner
Date: Thu, 5 Apr 2018 14:25:14 +0200
Subject: Prevent information about file existence outside the allowed paths to leak by mimicing boost::filesystem::weakly_canonical.
---
 solc/CommandLineInterface.cpp | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
(limited to 'solc')
diff --git a/solc/CommandLineInterface.cpp b/solc/CommandLineInterface.cpp
index 93203de6..4da394b2 100644
--- a/solc/CommandLineInterface.cpp
+++ b/solc/CommandLineInterface.cpp
@@ -700,13 +700,7 @@ bool CommandLineInterface::processInput()
 try
 {
 auto path = boost::filesystem::path(_path);
- if (!boost::filesystem::exists(path))
- return ReadCallback::Result{false, "File not found."};
-
- auto canonicalPath = boost::filesystem::canonical(path);
- if (!boost::filesystem::is_regular_file(canonicalPath))
- return ReadCallback::Result{false, "Not a valid file."};
-
+ auto canonicalPath = weaklyCanonicalFilesystemPath(path);
 bool isAllowed = false;
 for (auto const& allowedDir: m_allowedDirectories)
 {
@@ -723,6 +717,12 @@ bool CommandLineInterface::processInput()
 if (!isAllowed)
 return ReadCallback::Result{false, "File outside of allowed directories."};
 
+ if (!boost::filesystem::exists(canonicalPath))
+ return ReadCallback::Result{false, "File not found."};
+
+ if (!boost::filesystem::is_regular_file(canonicalPath))
+ return ReadCallback::Result{false, "Not a valid file."};
+
 auto contents = dev::readFileAsString(canonicalPath.string());
 m_sourceCodes[path.string()] = contents;
 return ReadCallback::Result{true, contents};
--
cgit v1.2.3
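Review bot: The allow-list comparison that follows `auto canonicalPath = weaklyCanonicalFilesystemPath(path);` is only as sound as that helper, and its definition is not in this diff (the view is limited to `solc`). `boost::filesystem::canonical` resolved every symlink before the prefix check; the replacement presumably still does so for the part of the path that exists, which should be confirmed and pinned with a regression test that goes through a symlink inside an allowed directory. It is also worth checking what the surrounding `try`'s handlers, which lie outside the hunk, return when the helper throws for a disallowed path, since any message other than `"File outside of allowed directories."` would still distinguish such paths. I would add at the call: `// Must resolve symlinks in the existing prefix and must not fail merely because the target is missing.`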
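Review bot: The order of the checks in the second hunk is the security property, yet nothing in the code says so, so a later cleanup could move `exists()` back above the `isAllowed` test and restore the existence oracle. I would add above the moved block: `// Keep after the allow-list check: reporting existence or file type for a disallowed path leaks information.` A smaller point is that `exists()`, `is_regular_file()` and `dev::readFileAsString(canonicalPath.string())` each look the path up again, so the file that is read is whatever is at that path at read time rather than what was checked; that is probably acceptable for a command-line compiler but deserves a sentence in the same comment. The enclosing block starts and ends outside the hunk.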