Skip to content

Commit

Permalink
block /data/data/pkg path in sufile
Browse files Browse the repository at this point in the history
  • Loading branch information
DerGoogler committed Aug 18, 2024
1 parent 1f243db commit 6d38bb2
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions src/native/SuFile.ts
Original file line number Diff line number Diff line change
Expand Up @@ -66,18 +66,27 @@ class SuFile extends Native<NativeSuFile> {
public static readonly TYPE_ISSOCKET = 6;
public static readonly TYPE_ISHIDDEN = 7;

private readonly _restrictedPaths = [/(\/data\/data\/(.+)\/?|(\/storage\/emulated\/0|\/sdcard)\/Android\/(data|media|obb)(.+)?)\/?/i];

public constructor(path: string, opt?: SuFileoptions) {
super(window.__sufile__);
this._readDefaultValue = opt?.readDefaultValue || "";

if (typeof path !== "string") throw new TypeError("Path name isn't a string");
if (this._isRestrictedPath(path)) {
throw new Error(`SuFile tried to access "${path}" which has been blocked due security.`);
}

this._path = path;
if (this.isAndroid) {
this._file = this.interface.v2.bind(this.interface)(path);
}
}

private _isRestrictedPath(path: string): boolean {
return this._restrictedPaths.some((restrictedPath) => restrictedPath.test(path));
}

public getPath(): string {
return this._path;
}
Expand Down

0 comments on commit 6d38bb2

Please sign in to comment.