Do an explicit "is filename sane" check

Until now, filenames containing '/' or being equal to '..' or '.' where
not handled explicitly, because they are canonicalized later, which
will then fail.

This commit adds an explicit check to make those fail immediately with
a clear, specific error message.

Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>

2 files changed, 27 insertions, 0 deletions

diff --git a/lib/common/Makemodule.am b/lib/common/Makemodule.am
index db366af..4f4562b 100644
--- a/lib/common/Makemodule.am
+++ b/lib/common/Makemodule.am
@@ -6,5 +6,6 @@ libcommon_a_SOURCES += lib/common/data_writer.c include/common.h
 libcommon_a_SOURCES += lib/common/get_path.c lib/common/io_stdin.c
 libcommon_a_SOURCES += lib/common/writer.c lib/common/perror.c
 libcommon_a_SOURCES += lib/common/dirstack.c lib/common/mkdir_p.c
+libcommon_a_SOURCES += lib/common/filename_sane.c
 
 noinst_LIBRARIES += libcommon.a
diff --git a/lib/common/filename_sane.c b/lib/common/filename_sane.c
new file mode 100644
index 0000000..6b497c3
--- /dev/null
+++ b/lib/common/filename_sane.c
@@ -0,0 +1,26 @@
+/* SPDX-License-Identifier: GPL-3.0-or-later */
+/*
+ * filename_sane.c
+ *
+ * Copyright (C) 2019 David Oberhollenzer <goliath@infraroot.at>
+ */
+#include "common.h"
+
+bool is_filename_sane(const char *name)
+{
+	if (name[0] == '.') {
+		if (name[1] == '\0')
+			return false;
+
+		if (name[1] == '.' && name[2] == '\0')
+			return false;
+	}
+
+	while (*name != '\0') {
+		if (*name == '/')
+			return false;
+		++name;
+	}
+
+	return true;
+}