diff options
| author | David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 2020-06-07 16:24:47 +0200 |
|---|---|---|
| committer | David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 2020-06-07 17:23:51 +0200 |
| commit | b96c4240ae6bddb4c929115cbd7d31698d72a5f7 (patch) | |
| tree | fdc7ad8430ff533bc6cb0c90dcfdebfa3a3b75cb | |
| parent | 34c90905d87e8bb9fe017ac2a514cdd33a17ea63 (diff) | |
Replace assert with propper error handling in rdsquashfs describe
If a SquashFS archive contains file names with '..', '/' or similar
nonsense in them, the unpacking code already refuses to process them,
but the 'describe' code path simply triggers an assert that might not
be there if the binary was compiled with NDEBUG defined.
This commit replaces the assert with propper error handling that also
reports on why things are failing and adds an additional check in the
describe_tree function that tests if the file name is sane.
Reported-by: Zachary Dremann <dremann@gmail.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
| -rw-r--r-- | CHANGELOG.md | 2 | ||||
| -rw-r--r-- | bin/rdsquashfs/describe.c | 14 |
2 files changed, 13 insertions, 3 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 0c9777b..c1d944e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -29,6 +29,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Actually set the ZSTD compression level to something greater than 0 - Only add Selinux compile flags if WITH_SELINUX is set. Fixes Mingw cross build on Fedora. +- Make `rdsquashfs` describe mode terminate with an error message if an illegal + filename is encountered. ## [0.9.1] - 2020-05-03 ### Added diff --git a/bin/rdsquashfs/describe.c b/bin/rdsquashfs/describe.c index d30f844..924bedc 100644 --- a/bin/rdsquashfs/describe.c +++ b/bin/rdsquashfs/describe.c @@ -9,15 +9,17 @@ static int print_name(const sqfs_tree_node_t *n) { char *start, *ptr, *name = sqfs_tree_node_get_path(n); - int ret; if (name == NULL) { perror("Recovering file path of tree node"); return -1; } - ret = canonicalize_name(name); - assert(ret == 0); + if (canonicalize_name(name) != 0) { + fprintf(stderr, "Error sanitizing file path '%s'\n", name); + free(name); + return -1; + } if (strchr(name, ' ') == NULL && strchr(name, '"') == NULL) { fputs(name, stdout); @@ -70,6 +72,12 @@ int describe_tree(const sqfs_tree_node_t *root, const char *unpack_root) { const sqfs_tree_node_t *n; + if (!is_filename_sane((const char *)root->name, false)) { + fprintf(stderr, "Encountered illegal file name '%s'\n", + root->name); + return -1; + } + switch (root->inode->base.mode & S_IFMT) { case S_IFSOCK: return print_simple("sock", root, NULL); |