aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Oberhollenzer <david.oberhollenzer@sigma-star.at>2020-06-07 16:24:47 +0200
committerDavid Oberhollenzer <david.oberhollenzer@sigma-star.at>2020-06-07 17:23:51 +0200
commitb96c4240ae6bddb4c929115cbd7d31698d72a5f7 (patch)
treefdc7ad8430ff533bc6cb0c90dcfdebfa3a3b75cb
parent34c90905d87e8bb9fe017ac2a514cdd33a17ea63 (diff)
Replace assert with propper error handling in rdsquashfs describe
If a SquashFS archive contains file names with '..', '/' or similar nonsense in them, the unpacking code already refuses to process them, but the 'describe' code path simply triggers an assert that might not be there if the binary was compiled with NDEBUG defined. This commit replaces the assert with propper error handling that also reports on why things are failing and adds an additional check in the describe_tree function that tests if the file name is sane. Reported-by: Zachary Dremann <dremann@gmail.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
-rw-r--r--CHANGELOG.md2
-rw-r--r--bin/rdsquashfs/describe.c14
2 files changed, 13 insertions, 3 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0c9777b..c1d944e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -29,6 +29,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Actually set the ZSTD compression level to something greater than 0
- Only add Selinux compile flags if WITH_SELINUX is set. Fixes Mingw cross build
on Fedora.
+- Make `rdsquashfs` describe mode terminate with an error message if an illegal
+ filename is encountered.
## [0.9.1] - 2020-05-03
### Added
diff --git a/bin/rdsquashfs/describe.c b/bin/rdsquashfs/describe.c
index d30f844..924bedc 100644
--- a/bin/rdsquashfs/describe.c
+++ b/bin/rdsquashfs/describe.c
@@ -9,15 +9,17 @@
static int print_name(const sqfs_tree_node_t *n)
{
char *start, *ptr, *name = sqfs_tree_node_get_path(n);
- int ret;
if (name == NULL) {
perror("Recovering file path of tree node");
return -1;
}
- ret = canonicalize_name(name);
- assert(ret == 0);
+ if (canonicalize_name(name) != 0) {
+ fprintf(stderr, "Error sanitizing file path '%s'\n", name);
+ free(name);
+ return -1;
+ }
if (strchr(name, ' ') == NULL && strchr(name, '"') == NULL) {
fputs(name, stdout);
@@ -70,6 +72,12 @@ int describe_tree(const sqfs_tree_node_t *root, const char *unpack_root)
{
const sqfs_tree_node_t *n;
+ if (!is_filename_sane((const char *)root->name, false)) {
+ fprintf(stderr, "Encountered illegal file name '%s'\n",
+ root->name);
+ return -1;
+ }
+
switch (root->inode->base.mode & S_IFMT) {
case S_IFSOCK:
return print_simple("sock", root, NULL);