diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/fs_whitelist.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c index 1092268f9..829636b9c 100644 --- a/src/firejail/fs_whitelist.c +++ b/src/firejail/fs_whitelist.c | |||
@@ -303,7 +303,9 @@ static void whitelist_path(ProfileEntry *entry) { | |||
303 | 303 | ||
304 | // confirm the file was mounted on the right target | 304 | // confirm the file was mounted on the right target |
305 | // strcmp does not work here, because mptr->dir can be a child mount | 305 | // strcmp does not work here, because mptr->dir can be a child mount |
306 | if (strncmp(mptr->dir, path, strlen(path)) != 0) | 306 | size_t path_len = strlen(path); |
307 | if (strncmp(mptr->dir, path, path_len) != 0 || | ||
308 | (*(mptr->dir + path_len) != '\0' && *(mptr->dir + path_len) != '/')) | ||
307 | errLogExit("invalid whitelist mount"); | 309 | errLogExit("invalid whitelist mount"); |
308 | // No mounts are allowed on top level directories. A destination such as "/etc" is very bad! | 310 | // No mounts are allowed on top level directories. A destination such as "/etc" is very bad! |
309 | // - there should be more than one '/' char in dest string | 311 | // - there should be more than one '/' char in dest string |
@@ -326,8 +328,6 @@ static void whitelist_path(ProfileEntry *entry) { | |||
326 | 328 | ||
327 | 329 | ||
328 | void fs_whitelist(void) { | 330 | void fs_whitelist(void) { |
329 | char *homedir = cfg.homedir; | ||
330 | assert(homedir); | ||
331 | ProfileEntry *entry = cfg.profile; | 331 | ProfileEntry *entry = cfg.profile; |
332 | if (!entry) | 332 | if (!entry) |
333 | return; | 333 | return; |