diff --git a/src/basic/path-util.c b/src/basic/path-util.c index f5f506ccf57..fbf69d12eb9 100644 --- a/src/basic/path-util.c +++ b/src/basic/path-util.c @@ -90,6 +90,24 @@ char *path_make_absolute(const char *p, const char *prefix) { return strjoin(prefix, "/", p); } +int safe_getcwd(char **ret) { + char *cwd; + + cwd = get_current_dir_name(); + if (!cwd) + return negative_errno(); + + /* Let's make sure the directory is really absolute, to protect us from the logic behind + * CVE-2018-1000001 */ + if (cwd[0] != '/') { + free(cwd); + return -ENOMEDIUM; + } + + *ret = cwd; + return 0; +} + int path_make_absolute_cwd(const char *p, char **ret) { char *c; diff --git a/src/basic/path-util.h b/src/basic/path-util.h index f79cdf928ec..89c285e0768 100644 --- a/src/basic/path-util.h +++ b/src/basic/path-util.h @@ -41,6 +41,7 @@ bool is_path(const char *p) _pure_; int path_split_and_make_absolute(const char *p, char ***ret); bool path_is_absolute(const char *p) _pure_; char* path_make_absolute(const char *p, const char *prefix); +int safe_getcwd(char **ret); int path_make_absolute_cwd(const char *p, char **ret); int path_make_relative(const char *from_dir, const char *to_path, char **_r); char* path_kill_slashes(char *path);