Menu

Commit [2a5e3d]  Maximize  Restore  History

Security: don't allow FGLogger to overwrite arbitrary files

Since the paths of files overwritten by FGLogger come from the property
tree[1], they must be validated before we decide to write to these
files.

[1] Except for the "empty" case, which uses the default name
'fg_log.csv'. This file is deemed acceptable to overwrite in the
current directory, as the name is completely fixed and clearly
FG-specific.

Florent Rougon Florent Rougon 2017-08-26

changed src/Main/logger.cxx
changed src/Main/logger.hxx
src/Main/logger.cxx Diff Switch to side-by-side view
Loading...
src/Main/logger.hxx Diff Switch to side-by-side view
Loading...