perm check: forbid undefined/empty ACL path

[pve-access-control.git] / src / PVE / RPCEnvironment.pm

diff --git a/src/PVE/RPCEnvironment.pm b/src/PVE/RPCEnvironment.pm
index e03974a4afb6a89abf328bd2f027d8f385018da8..0ee23460bd4ed153e271a32f4cbc401e087647fb 100644 (file)
--- a/src/PVE/RPCEnvironment.pm
+++ b/src/PVE/RPCEnvironment.pm
@@ -140,6 +140,12 @@ sub permissions {
        return { map { $_ => 1 } keys %{$cfg->{roles}->{'Administrator'}} };
     }
 
+    if (!defined($path)) {
+       # this shouldn't happen!
+       warn "internal error: ACL check called for undefined ACL path!\n";
+       return {};
+    }
+
     if (PVE::AccessControl::pve_verify_tokenid($user, 1)) {
        my ($username, $token) = PVE::AccessControl::split_tokenid($user);
        my $cfg = $self->{user_cfg};
@@ -439,8 +445,10 @@ sub exec_api2_perm_check {
            raise_perm_exc();
        }
        my $path = PVE::Tools::template_replace($tmplpath, $param);
-       $path = PVE::AccessControl::normalize_path($path);
-       return $self->check_full($username, $path, $privs, $any, $noerr);
+       my $normpath = PVE::AccessControl::normalize_path($path);
+       warn "Failed to normalize '$path'\n" if !defined($normpath) && defined($path);
+
+       return $self->check_full($username, $normpath, $privs, $any, $noerr);
     } elsif ($test eq 'userid-group') {
        my $userid = $param->{userid};
        my ($t, $privs, %options) = @$check;
@@ -490,6 +498,7 @@ sub exec_api2_perm_check {
        my ($t, $tmplpath) = @$check;
        my $path = PVE::Tools::template_replace($tmplpath, $param);
        $path = PVE::AccessControl::normalize_path($path);
+       return 0 if !defined($path); # should already die in API2::ACL
        return $self->check_perm_modify($username, $path, $noerr);
     } else {
        die "unknown permission test";