From: k4.rahul <rahul.k4@tataelxsi.co.in>
Date: Fri, 5 May 2023 08:54:31 +0000 (+0530)
Subject: Coverity-CWE 22: Improper Limitation of a Pathname to a Restricted Directory ('Path... 
X-Git-Tag: release-v16.0-start~13
X-Git-Url: https://osm.etsi.org/gitweb/?a=commitdiff_plain;ds=sidebyside;h=443060724b85062cbc1f79d4264db4343953d19a;p=osm%2FLCM.git

Coverity-CWE 22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Coverity fix for 137960 Filesystem path, filename, or URI manipulation

Change-Id: Ieaa291ced268216361d865427100fd48bd39ed5a
Signed-off-by: k4.rahul <rahul.k4@tataelxsi.co.in>
---

diff --git a/osm_lcm/lcm.py b/osm_lcm/lcm.py
index 9b62d82..f8a97ae 100644
--- a/osm_lcm/lcm.py
+++ b/osm_lcm/lcm.py
@@ -21,6 +21,7 @@
 # DEBUG WITH PDB
 import pdb
 
+import os
 import asyncio
 import yaml
 import logging
@@ -880,6 +881,7 @@ if __name__ == "__main__":
                     file=sys.stderr,
                 )
                 exit(1)
+        config_file = os.path.realpath(os.path.normpath(os.path.abspath(config_file)))
         lcm = Lcm(config_file)
         asyncio.run(lcm.start())
     except (LcmException, getopt.GetoptError) as e: