dnsmasq: gate configdir usage behind absolute path check

don't use configuration directories which are relative

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/14975
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

1 files changed, 13 insertions, 10 deletions

diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init
index 451cb674f8..b864ea9069 100755
--- a/package/network/services/dnsmasq/files/dnsmasq.init
+++ b/package/network/services/dnsmasq/files/dnsmasq.init
@@ -1147,16 +1147,19 @@ dnsmasq_start()
 
 	# Create a dnsmasq.d dir for each instance
 	config_get dnsmasqconfdir "$cfg" confdir "/tmp/dnsmasq${cfg:+.$cfg}.d"
-	xappend "--conf-dir=$dnsmasqconfdir"
-	dnsmasqconfdir="${dnsmasqconfdir%%,*}"
-	[ ! -d "$dnsmasqconfdir" ] && mkdir -p "$dnsmasqconfdir"
-	xappend "--user=dnsmasq"
-	xappend "--group=dnsmasq"
-	echo >> "$CONFIGFILE_TMP"
-
-	# EXTRACONFFILE allows new dnsmasq parameters before they are natively handled in this init file
-	config_get extraconftext "$cfg" extraconftext
-	[ -n "$extraconftext" ] && echo -e "$extraconftext" > "$dnsmasqconfdir"/"$EXTRACONFFILE"
+	# Ensure dnsmasqconfdir is an absolute path
+	[ "${dnsmasqconfdir:0:1}" = '/' ] && {
+		xappend "--conf-dir=$dnsmasqconfdir"
+		dnsmasqconfdir="${dnsmasqconfdir%%,*}"
+		[ ! -d "$dnsmasqconfdir" ] && mkdir -p "$dnsmasqconfdir"
+		xappend "--user=dnsmasq"
+		xappend "--group=dnsmasq"
+		echo >> "$CONFIGFILE_TMP"
+
+		# EXTRACONFFILE allows new dnsmasq parameters before they are natively handled in this init file
+		config_get extraconftext "$cfg" extraconftext
+		[ -n "$extraconftext" ] && echo -e "$extraconftext" > "$dnsmasqconfdir"/"$EXTRACONFFILE"
+	}
 
 	config_get_bool enable_tftp "$cfg" enable_tftp 0
 	[ "$enable_tftp" -gt 0 ] && {