From 1ee08155dac77fb5a28f64e94df4dd6f7a7d3f3b Mon Sep 17 00:00:00 2001 From: Donald Sharp Date: Fri, 22 Jul 2016 19:50:51 -0400 Subject: [PATCH] lib: Modify 'banner motd file ' Modify the banner motd file X command to do these things differently: 1) Only allow the file to be in SYSCONFDIR 2) Only allow the user to use a file that exists. Signed-off-by: Donald Sharp Reviewed-by: Dinesh Dutt --- lib/command.c | 32 +++++++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/lib/command.c b/lib/command.c index 34864e9d3f..eea4fc1960 100644 --- a/lib/command.c +++ b/lib/command.c @@ -3912,11 +3912,25 @@ DEFUN (no_config_log_timestamp_precision, int cmd_banner_motd_file (const char *file) { - if (host.motdfile) - XFREE (MTYPE_HOST, host.motdfile); - host.motdfile = XSTRDUP (MTYPE_HOST, file); + int success = CMD_SUCCESS; + char p[PATH_MAX]; + char *rpath; + char *in; + + rpath = realpath (file, p); + if (!rpath) + return CMD_ERR_NO_FILE; + in = strstr (rpath, SYSCONFDIR); + if (in == rpath) + { + if (host.motdfile) + XFREE (MTYPE_HOST, host.motdfile); + host.motdfile = XSTRDUP (MTYPE_HOST, file); + } + else + success = CMD_WARNING; - return CMD_SUCCESS; + return success; } DEFUN (banner_motd_file, @@ -3927,7 +3941,15 @@ DEFUN (banner_motd_file, "Banner from a file\n" "Filename\n") { - return cmd_banner_motd_file (argv[0]); + int cmd = cmd_banner_motd_file (argv[0]); + + if (cmd == CMD_ERR_NO_FILE) + vty_out (vty, "%s does not exist", argv[0]); + else if (cmd == CMD_WARNING) + vty_out (vty, "%s must be in %s", + argv[0], SYSCONFDIR); + + return cmd; } DEFUN (banner_motd_default, -- 2.39.5