pub fn read_link_contents(start: &File, path: &Path) -> Result<PathBuf>

Perform a readlinkat-like operation, ensuring that the resolution of the link path never escapes the directory tree rooted at start.

Examples found in repository?
src/fs/read_link.rs (line 34)
/// Read the contents of the symbolic link at `path`, looked up relative to
/// `start`, and refuse to hand back a link target that is a rooted path.
///
/// # Errors
///
/// Any error from `read_link_contents` is returned unchanged. When the link is
/// read successfully but its target has a root, the target is discarded and
/// `errors::escape_attempt()` is returned in its place.
pub fn read_link(start: &fs::File, path: &Path) -> io::Result<PathBuf> {
    // The lookup is delegated; this function only filters what the caller gets
    // to see.
    match read_link_contents(start, path) {
        // Rooted link targets are withheld from the caller. The sandbox does
        // not depend on this, because `open` refuses to follow absolute paths
        // anyway; the point is to avoid disclosing how the host filesystem is
        // laid out outside the sandbox.
        //
        // NOTE(review): `Path::has_root` is false for a Windows drive-relative
        // target such as `c:windows`. Confirm whether such targets need to be
        // withheld as well.
        Ok(target) if target.has_root() => Err(errors::escape_attempt()),

        // Relative targets and underlying errors pass through untouched.
        passthrough => passthrough,
    }
}