aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorDavid Oberhollenzer <david.oberhollenzer@sigma-star.at>2019-10-07 15:54:41 +0200
committerDavid Oberhollenzer <david.oberhollenzer@sigma-star.at>2019-10-07 15:59:07 +0200
commite21bf0b60c1b9d67fe7553105b6440c3fce7c0bb (patch)
tree168f84bbf1d741e624a339074debcde441b2e2eb /lib
parentc973bcc1039b64ec00acaf8e8d61b9f5229da56f (diff)
Do an explicit "is filename sane" check
Until now, filenames containing '/' or being equal to '..' or '.' where not handled explicitly, because they are canonicalized later, which will then fail. This commit adds an explicit check to make those fail immediately with a clear, specific error message. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Diffstat (limited to 'lib')
-rw-r--r--lib/common/Makemodule.am1
-rw-r--r--lib/common/filename_sane.c26
2 files changed, 27 insertions, 0 deletions
diff --git a/lib/common/Makemodule.am b/lib/common/Makemodule.am
index db366af..4f4562b 100644
--- a/lib/common/Makemodule.am
+++ b/lib/common/Makemodule.am
@@ -6,5 +6,6 @@ libcommon_a_SOURCES += lib/common/data_writer.c include/common.h
libcommon_a_SOURCES += lib/common/get_path.c lib/common/io_stdin.c
libcommon_a_SOURCES += lib/common/writer.c lib/common/perror.c
libcommon_a_SOURCES += lib/common/dirstack.c lib/common/mkdir_p.c
+libcommon_a_SOURCES += lib/common/filename_sane.c
noinst_LIBRARIES += libcommon.a
diff --git a/lib/common/filename_sane.c b/lib/common/filename_sane.c
new file mode 100644
index 0000000..6b497c3
--- /dev/null
+++ b/lib/common/filename_sane.c
@@ -0,0 +1,26 @@
+/* SPDX-License-Identifier: GPL-3.0-or-later */
+/*
+ * filename_sane.c
+ *
+ * Copyright (C) 2019 David Oberhollenzer <goliath@infraroot.at>
+ */
+#include "common.h"
+
+bool is_filename_sane(const char *name)
+{
+ if (name[0] == '.') {
+ if (name[1] == '\0')
+ return false;
+
+ if (name[1] == '.' && name[2] == '\0')
+ return false;
+ }
+
+ while (*name != '\0') {
+ if (*name == '/')
+ return false;
+ ++name;
+ }
+
+ return true;
+}