From 024d53f686a3fd1a1f701acba907f2e9682f9d76 Mon Sep 17 00:00:00 2001
From: bergware
Date: Sat, 22 Jan 2022 12:16:22 +0100
Subject: [PATCH] Validate destination of VirtIO ISO downloads

---
 plugins/dynamix.vm.manager/include/VMajax.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/plugins/dynamix.vm.manager/include/VMajax.php b/plugins/dynamix.vm.manager/include/VMajax.php
index 8b2a77e2e..6f70eb2b2 100644
--- a/plugins/dynamix.vm.manager/include/VMajax.php
+++ b/plugins/dynamix.vm.manager/include/VMajax.php
@@ -427,6 +427,8 @@ case 'virtio-win-iso-download':
 $arrResponse = ['error' => _('Specify a ISO storage path first')];
 } elseif (!is_dir($_REQUEST['download_path'])) {
 $arrResponse = ['error' => _("ISO storage path doesn't exist, please create the user share (or empty folder) first")];
+} elseif (substr(realpath($_REQUEST['download_path'])?:'',0,5) != '/mnt/') {
+$arrResponse = ['error' => _('Invalid storage path')];
 } else {
 @mkdir($_REQUEST['download_path'], 0777, true);
 $_REQUEST['download_path'] = realpath($_REQUEST['download_path']).'/';
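Review bot: The added `elseif` validates one `realpath()` result but the `else` branch (last context line) calls `realpath()` again and stores that second result as the path actually used, so the value that was checked and the value that is written to are not guaranteed to be the same, and the comparison uses loose `!=`. Resolve once into a local and compare strictly: `$realPath = realpath($_REQUEST['download_path']) ?: '';` before the chain, `} elseif (substr($realPath, 0, 5) !== '/mnt/') {` for the check, and `$_REQUEST['download_path'] = $realPath.'/';` in the `else` branch. Since `realpath()` follows symlinks, the check rejects a share entry that links outside `/mnt/`, which is the intent worth stating in a comment above the new line, e.g. `// Only a resolved (symlink-free) directory below /mnt/ may receive the download`. The `case 'virtio-win-iso-download':` block begins before and continues after this hunk.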