From 7ba2bd4e252da0bd3337056edc46b7ef8404d476 Mon Sep 17 00:00:00 2001 From: Alex Kenion Date: Tue, 5 Dec 2023 08:24:50 -0500 Subject: [PATCH 1/2] Fixed issue where symlink loop detection considered all symlinks to be loops --- wordfence/scanning/scanner.py | 4 ++-- wordfence/util/io.py | 25 ++++++++++++++++++++++++- 2 files changed, 26 insertions(+), 3 deletions(-) diff --git a/wordfence/scanning/scanner.py b/wordfence/scanning/scanner.py index c227f5ba..ddd57c15 100644 --- a/wordfence/scanning/scanner.py +++ b/wordfence/scanning/scanner.py @@ -13,7 +13,7 @@ from .matching import Matcher, RegexMatcher from .filtering import FileFilter, filter_any from ..util import timing -from ..util.io import StreamReader +from ..util.io import StreamReader, is_same_file from ..util.pcre import PcreOptions, PCRE_DEFAULT_OPTIONS, PcreJitStack from ..util.units import scale_byte_unit from ..intel.signatures import SignatureSet @@ -140,7 +140,7 @@ def __init__( def _is_loop(self, path: str, parents: Optional[List[str]] = None) -> bool: realpath = os.path.realpath(path) try: - if os.path.samefile(path, realpath): + if is_same_file(path, realpath): log.warning( f'Symlink pointing to itself detected at {path}' ) diff --git a/wordfence/util/io.py b/wordfence/util/io.py index 13d9b420..fba9ed70 100644 --- a/wordfence/util/io.py +++ b/wordfence/util/io.py @@ -1,7 +1,7 @@ import fcntl import os from typing import Optional, IO, TextIO, Generator -from enum import IntEnum +from enum import Enum, IntEnum class IoException(Exception): @@ -112,3 +112,26 @@ def ensure_file_is_writable( return path else: return ensure_directory_is_writable(os.path.dirname(path)) + + +class PathType(Enum): + FILE = 'file', + DIRECTORY = 'directory', + LINK = 'link' + + +def get_path_type(path: str) -> PathType: + if os.path.islink(path): + return PathType.LINK + elif os.path.isdir(path): + return PathType.DIRECTORY + else: + return PathType.FILE + + +def is_same_file(path: str, other: str) -> bool: + type = get_path_type(path) + other_type = get_path_type(other) + if type is not other_type: + return False + return os.path.samefile(path, other) From a50688a24f8f40c6bd0cff9811e24ee1662db351 Mon Sep 17 00:00:00 2001 From: Alex Kenion Date: Tue, 5 Dec 2023 08:28:14 -0500 Subject: [PATCH 2/2] Corrected indentation --- wordfence/util/io.py | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/wordfence/util/io.py b/wordfence/util/io.py index fba9ed70..27ae6ec5 100644 --- a/wordfence/util/io.py +++ b/wordfence/util/io.py @@ -115,23 +115,23 @@ def ensure_file_is_writable( class PathType(Enum): - FILE = 'file', - DIRECTORY = 'directory', - LINK = 'link' + FILE = 'file', + DIRECTORY = 'directory', + LINK = 'link' def get_path_type(path: str) -> PathType: - if os.path.islink(path): - return PathType.LINK - elif os.path.isdir(path): - return PathType.DIRECTORY - else: - return PathType.FILE + if os.path.islink(path): + return PathType.LINK + elif os.path.isdir(path): + return PathType.DIRECTORY + else: + return PathType.FILE def is_same_file(path: str, other: str) -> bool: - type = get_path_type(path) - other_type = get_path_type(other) - if type is not other_type: - return False - return os.path.samefile(path, other) + type = get_path_type(path) + other_type = get_path_type(other) + if type is not other_type: + return False + return os.path.samefile(path, other)