From 8bf842050e83c33ad08789219ea62b8ace33de88 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Wed, 19 Apr 2017 16:59:03 +0100 Subject: Support --allow-paths in the CLI --- Changelog.md | 2 ++ docs/using-the-compiler.rst | 2 ++ solc/CommandLineInterface.cpp | 16 +++++++++++++++- 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/Changelog.md b/Changelog.md index 7142655b..cd985917 100644 --- a/Changelog.md +++ b/Changelog.md @@ -2,6 +2,8 @@ Features: * Support ``interface`` contracts. + * Commandline interface: Support ``--allow-paths`` to define trusted import paths. Note: the + path(s) of the supplied source file(s) is always trusted. Bugfixes: * Type system: Contract inheriting from base with unimplemented constructor should be abstract. diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index e1c63265..1cc1f2b8 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -29,6 +29,8 @@ files reside, so things like ``import "/etc/passwd";`` only work if you add ``=/ If there are multiple matches due to remappings, the one with the longest common prefix is selected. +For security reasons the compiler has restrictions what directories it can access. Paths (and their subdirectories) of source files specified on the commandline and paths defined by remappings are allowed for import statements, but everything else is rejected. Additional paths (and their subdirectories) can be allowed via the ``--allow-paths /sample/path,/another/sample/path`` switch. + If your contracts use :ref:`libraries `, you will notice that the bytecode contains substrings of the form ``__LibraryName______``. You can use ``solc`` as a linker meaning that it will insert the library addresses for you at those points: Either add ``--libraries "Math:0x12345678901234567890 Heap:0xabcdef0123456"`` to your command to provide an address for each library or store the string in a file (one library per line) and run ``solc`` using ``--libraries fileName``. diff --git a/solc/CommandLineInterface.cpp b/solc/CommandLineInterface.cpp index 947a2004..76102b53 100644 --- a/solc/CommandLineInterface.cpp +++ b/solc/CommandLineInterface.cpp @@ -102,6 +102,7 @@ static string const g_strSrcMapRuntime = "srcmap-runtime"; static string const g_strVersion = "version"; static string const g_stdinFileNameStr = ""; static string const g_strMetadataLiteral = "metadata-literal"; +static string const g_strAllowPaths = "allow-paths"; static string const g_argAbi = g_strAbi; static string const g_argAddStandard = g_strAddStandard; @@ -131,6 +132,7 @@ static string const g_argSignatureHashes = g_strSignatureHashes; static string const g_argVersion = g_strVersion; static string const g_stdinFileName = g_stdinFileNameStr; static string const g_argMetadataLiteral = g_strMetadataLiteral; +static string const g_argAllowPaths = g_strAllowPaths; /// Possible arguments to for --combined-json static set const g_combinedJsonArgs{ @@ -533,7 +535,12 @@ Allowed options)", "Switch to linker mode, ignoring all options apart from --libraries " "and modify binaries in place." ) - (g_argMetadataLiteral.c_str(), "Store referenced sources are literal data in the metadata output."); + (g_argMetadataLiteral.c_str(), "Store referenced sources are literal data in the metadata output.") + ( + g_argAllowPaths.c_str(), + po::value()->value_name("path(s)"), + "Allow a given path for imports. A list of paths can be supplied by separating them with a comma." + ); po::options_description outputComponents("Output Components"); outputComponents.add_options() (g_argAst.c_str(), "AST of all source files.") @@ -601,6 +608,13 @@ Allowed options)", bool CommandLineInterface::processInput() { + if (m_args.count(g_argAllowPaths)) + { + vector paths; + for (string const& path: boost::split(paths, m_args[g_argAllowPaths].as(), boost::is_any_of(","))) + m_allowedDirectories.push_back(boost::filesystem::path(path)); + } + readInputFilesAndConfigureRemappings(); if (m_args.count(g_argLibraries)) -- cgit