From 3407269ba593aec49583d036ff1f8745bde330dc Mon Sep 17 00:00:00 2001 From: Paul Donald Date: Sun, 7 Apr 2024 14:23:57 +0200 Subject: [PATCH] dnsmasq: gate configdir usage behind absolute path check don't use configuration directories which are relative Signed-off-by: Paul Donald Link: https://github.com/openwrt/openwrt/pull/14975 Signed-off-by: Hauke Mehrtens --- .../services/dnsmasq/files/dnsmasq.init | 23 +++++++++++-------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init index 451cb674f8..b864ea9069 100755 --- a/package/network/services/dnsmasq/files/dnsmasq.init +++ b/package/network/services/dnsmasq/files/dnsmasq.init @@ -1147,16 +1147,19 @@ dnsmasq_start() # Create a dnsmasq.d dir for each instance config_get dnsmasqconfdir "$cfg" confdir "/tmp/dnsmasq${cfg:+.$cfg}.d" - xappend "--conf-dir=$dnsmasqconfdir" - dnsmasqconfdir="${dnsmasqconfdir%%,*}" - [ ! -d "$dnsmasqconfdir" ] && mkdir -p "$dnsmasqconfdir" - xappend "--user=dnsmasq" - xappend "--group=dnsmasq" - echo >> "$CONFIGFILE_TMP" - - # EXTRACONFFILE allows new dnsmasq parameters before they are natively handled in this init file - config_get extraconftext "$cfg" extraconftext - [ -n "$extraconftext" ] && echo -e "$extraconftext" > "$dnsmasqconfdir"/"$EXTRACONFFILE" + # Ensure dnsmasqconfdir is an absolute path + [ "${dnsmasqconfdir:0:1}" = '/' ] && { + xappend "--conf-dir=$dnsmasqconfdir" + dnsmasqconfdir="${dnsmasqconfdir%%,*}" + [ ! -d "$dnsmasqconfdir" ] && mkdir -p "$dnsmasqconfdir" + xappend "--user=dnsmasq" + xappend "--group=dnsmasq" + echo >> "$CONFIGFILE_TMP" + + # EXTRACONFFILE allows new dnsmasq parameters before they are natively handled in this init file + config_get extraconftext "$cfg" extraconftext + [ -n "$extraconftext" ] && echo -e "$extraconftext" > "$dnsmasqconfdir"/"$EXTRACONFFILE" + } config_get_bool enable_tftp "$cfg" enable_tftp 0 [ "$enable_tftp" -gt 0 ] && { -- 2.30.2