From abdd060be59da6ebe6ecf17d229cd9df21acc285 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Sun, 20 Mar 2016 09:08:53 -0400
Subject: fixed problem with .asoundrc symbolic link

---
 src/firejail/fs_home.c | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c
index 8a3484b06..d4a16da0a 100644
--- a/src/firejail/fs_home.c
+++ b/src/firejail/fs_home.c
@@ -162,10 +162,19 @@ static int store_asoundrc(void) {
 		errExit("asprintf");
 	
 	struct stat s;
-	if (stat(src, &s) == 0) {	
+	if (stat(src, &s) == 0) {
 		if (is_link(src)) {
-			fprintf(stderr, "Error: invalid .asoundrc file\n");
-			exit(1);
+			// make sure the real path of the file is inside the home directory
+			char* rp = realpath(src, NULL);
+			if (!rp) {
+				fprintf(stderr, "Error: Cannot access %s\n", src);
+				exit(1);
+			}
+			if (strncmp(rp, cfg.homedir, strlen(cfg.homedir)) != 0) {
+				fprintf(stderr, "Error: .asoundrc is a symbolic link pointing to a file outside home directory\n");
+				exit(1);
+			}
+			free(rp);
 		}
 
 		int rv = copy_file(src, dest);
-- 
cgit v1.2.3-54-g00ecf