Forbid cyclic symlinks

nextcloud · Jan 3, 2021 · 3e5f43e · 3e5f43e
1 parent 7fc952c
commit 3e5f43e
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/lib/private/Files/Storage/Local.php b/lib/private/Files/Storage/Local.php
@@ -453,7 +453,9 @@ public function getSourcePath($path) {
 		}
 		$pathToResolve = $fullPath;
 		$realPath = realpath($pathToResolve);
+		$fileExists = true;
 		while ($realPath === false) { // for non existing files check the parent directory
+			$fileExists = false;
 			$currentPath = dirname($currentPath);
 			if ($currentPath === '' || $currentPath === '.') {
 				return $fullPath;
@@ -463,11 +465,14 @@ public function getSourcePath($path) {
 		if ($realPath) {
 			$realPath = $realPath . '/';
 		}
-		if (substr($realPath, 0, $this->dataDirLength) === $this->realDataDir) {
+		if ($fileExists && substr($fullPath, 0, strlen($realPath)) === $realPath) {
+			\OCP\Util::writeLog('core', "Cyclic symlinks are not allowed ('$fullPath' -> '$realPath')", ILogger::ERROR);
+		} else if (substr($realPath, 0, $this->dataDirLength) === $this->realDataDir) {
 			return $fullPath;
+		} else {
+			\OCP\Util::writeLog('core', "Following symlinks is not allowed ('$fullPath' -> '$realPath' not inside '{$this->realDataDir}')", ILogger::ERROR);
 		}
 
-		\OCP\Util::writeLog('core', "Following symlinks is not allowed ('$fullPath' -> '$realPath' not inside '{$this->realDataDir}')", ILogger::ERROR);
 		throw new ForbiddenException('Following symlinks is not allowed', false);
 	}