From ed908b9868ced5506e47305b5c331883d19cb49a Mon Sep 17 00:00:00 2001 From: ed Date: Mon, 7 Jul 2025 08:35:41 +0000 Subject: [PATCH] usb-eject: support non-alphanumeric volume names until now, volumes with whitespace and such would fail to unmount also adds a sanchk that the directory to unmount is still below the expected parent after absreal; the path was already passed to gio in a safe manner (assuming gio doesn't have any vulns) but why risk it --- bin/hooks/usb-eject.py | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/bin/hooks/usb-eject.py b/bin/hooks/usb-eject.py index cc24f0c1..6bfd92a4 100644 --- a/bin/hooks/usb-eject.py +++ b/bin/hooks/usb-eject.py @@ -4,6 +4,7 @@ import os import stat import subprocess as sp import sys +from urllib.parse import unquote_to_bytes as unquote """ @@ -28,14 +29,17 @@ which does the following respectively, """ +MOUNT_BASE = b"/run/media/egon/" + + def main(): try: label = sys.argv[1].split(":usb-eject:")[1].split(":")[0] - mp = "/run/media/egon/" + label + mp = MOUNT_BASE + unquote(label) # print("ejecting [%s]... " % (mp,), end="") - mp = os.path.abspath(os.path.realpath(mp.encode("utf-8"))) + mp = os.path.abspath(os.path.realpath(mp)) st = os.lstat(mp) - if not stat.S_ISDIR(st.st_mode): + if not stat.S_ISDIR(st.st_mode) or not mp.startswith(MOUNT_BASE): raise Exception("not a regular directory") # if you're running copyparty as root (thx for the faith)