Move file name sanity check to deserialize_fstree

Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
author: David Oberhollenzer <david.oberhollenzer@sigma-star.at> 2019-09-09 11:07:18 +0200
committer: David Oberhollenzer <david.oberhollenzer@sigma-star.at> 2019-09-09 11:07:18 +0200
commit: 526fd8b4969b2efe62e0fbc339a7b7dafefb7729 (patch)
tree: 8b5dd9ff968b8c045e555685ca954f5894e25a1c /lib/sqfshelper
parent: 3a851dfe87c88ac1d4dddc2a26cc48b037f852f9 (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/lib/sqfshelper/deserialize_fstree.c b/lib/sqfshelper/deserialize_fstree.c
index 37861e6..6c536c3 100644
--- a/lib/sqfshelper/deserialize_fstree.c
+++ b/lib/sqfshelper/deserialize_fstree.c
@@ -78,6 +78,21 @@ static bool node_would_be_own_parent(tree_node_t *root, tree_node_t *n)
 	return false;
 }
 
+static bool is_name_sane(const char *name)
+{
+	if (strchr(name, '/') != NULL || strchr(name, '\\') != NULL)
+		goto fail;
+
+	if (strcmp(name, "..") == 0 || strcmp(name, ".") == 0)
+		goto fail;
+
+	return true;
+fail:
+	fprintf(stderr, "WARNING: Found directory entry named '%s', "
+		"skipping\n", name);
+	return false;
+}
+
 static int fill_dir(sqfs_meta_reader_t *ir, sqfs_meta_reader_t *dr,
 		    tree_node_t *root, sqfs_super_t *super,
 		    sqfs_id_table_t *idtbl,
@@ -126,6 +141,11 @@ static int fill_dir(sqfs_meta_reader_t *ir, sqfs_meta_reader_t *dr,
 				continue;
 			}
 
+			if (!is_name_sane((const char *)ent->name)) {
+				free(ent);
+				continue;
+			}
+
 			err = sqfs_meta_reader_read_inode(ir, super,
 							  hdr.start_block,
 							  ent->offset, &inode);
author	David Oberhollenzer <david.oberhollenzer@sigma-star.at>	2019-09-09 11:07:18 +0200
committer	David Oberhollenzer <david.oberhollenzer@sigma-star.at>	2019-09-09 11:07:18 +0200
commit	526fd8b4969b2efe62e0fbc339a7b7dafefb7729 (patch)
tree	8b5dd9ff968b8c045e555685ca954f5894e25a1c /lib/sqfshelper
parent	3a851dfe87c88ac1d4dddc2a26cc48b037f852f9 (diff)