From b30fad4a49b911577c0c04ef9dadaf7ea0617b28 Mon Sep 17 00:00:00 2001
From: Alex Beregszaszi <alex@rtfs.hu>
Date: Thu, 20 Apr 2017 20:01:17 +0100
Subject: Check for path permissions before opening file in the CLI file reader

---
 solc/CommandLineInterface.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'solc')

diff --git a/solc/CommandLineInterface.cpp b/solc/CommandLineInterface.cpp
index 76102b53..d115d5ab 100644
--- a/solc/CommandLineInterface.cpp
+++ b/solc/CommandLineInterface.cpp
@@ -638,8 +638,6 @@ bool CommandLineInterface::processInput()
 	ReadFile::Callback fileReader = [this](string const& _path)
 	{
 		auto path = boost::filesystem::path(_path);
-		if (!boost::filesystem::exists(path))
-			return ReadFile::Result{false, "File not found."};
 		auto canonicalPath = boost::filesystem::canonical(path);
 		bool isAllowed = false;
 		for (auto const& allowedDir: m_allowedDirectories)
@@ -656,6 +654,8 @@ bool CommandLineInterface::processInput()
 		}
 		if (!isAllowed)
 			return ReadFile::Result{false, "File outside of allowed directories."};
+		else if (!boost::filesystem::exists(path))
+			return ReadFile::Result{false, "File not found."};
 		else if (!boost::filesystem::is_regular_file(canonicalPath))
 			return ReadFile::Result{false, "Not a valid file."};
 		else
-- 
cgit v1.2.3