diff options
Diffstat (limited to 'lib/util')
-rw-r--r-- | lib/util/Makemodule.am | 2 | ||||
-rw-r--r-- | lib/util/canonicalize_name.c | 60 | ||||
-rw-r--r-- | lib/util/filename_sane.c | 78 |
3 files changed, 140 insertions, 0 deletions
diff --git a/lib/util/Makemodule.am b/lib/util/Makemodule.am index bc3d618..d37f2b1 100644 --- a/lib/util/Makemodule.am +++ b/lib/util/Makemodule.am @@ -10,6 +10,8 @@ libutil_a_SOURCES += include/util/w32threadwrap.h libutil_a_SOURCES += lib/util/threadpool_serial.c libutil_a_SOURCES += lib/util/is_memory_zero.c libutil_a_SOURCES += lib/util/mkdir_p.c +libutil_a_SOURCES += lib/util/canonicalize_name.c +libutil_a_SOURCES += lib/util/filename_sane.c libutil_a_CFLAGS = $(AM_CFLAGS) libutil_a_CPPFLAGS = $(AM_CPPFLAGS) diff --git a/lib/util/canonicalize_name.c b/lib/util/canonicalize_name.c new file mode 100644 index 0000000..534e89e --- /dev/null +++ b/lib/util/canonicalize_name.c @@ -0,0 +1,60 @@ +/* SPDX-License-Identifier: LGPL-3.0-or-later */ +/* + * canonicalize_name.c + * + * Copyright (C) 2019 David Oberhollenzer <goliath@infraroot.at> + */ +#include "config.h" +#include "util/util.h" + +static void normalize_slashes(char *filename) +{ + char *dst = filename, *src = filename; + + while (*src == '/') + ++src; + + while (*src != '\0') { + if (*src == '/') { + while (*src == '/') + ++src; + if (*src == '\0') + break; + *(dst++) = '/'; + } else { + *(dst++) = *(src++); + } + } + + *dst = '\0'; +} + +int canonicalize_name(char *filename) +{ + char *dst = filename, *src = filename; + + normalize_slashes(filename); + + while (*src != '\0') { + if (src[0] == '.') { + if (src[1] == '\0') + break; + if (src[1] == '/') { + src += 2; + continue; + } + if (src[1] == '.' && (src[2] == '/' || src[2] == '\0')) + return -1; + } + + while (*src != '\0' && *src != '/') + *(dst++) = *(src++); + + if (*src == '/') + *(dst++) = *(src++); + } + + *dst = '\0'; + normalize_slashes(filename); + return 0; +} diff --git a/lib/util/filename_sane.c b/lib/util/filename_sane.c new file mode 100644 index 0000000..b52ce4d --- /dev/null +++ b/lib/util/filename_sane.c @@ -0,0 +1,78 @@ +/* SPDX-License-Identifier: LGPL-3.0-or-later */ +/* + * filename_sane.c + * + * Copyright (C) 2019 David Oberhollenzer <goliath@infraroot.at> + */ +#include "config.h" +#include "util/util.h" + +#include <string.h> + +#if defined(_WIN32) || defined(__WINDOWS__) || defined(TEST_WIN32) +#ifdef _MSC_VER +#define strncasecmp _strnicmp +#define strcasecmp _stricmp +#endif + +static const char *bad_names[] = { + "CON", "PRN", "AUX", "NUL", + "COM1", "COM2", "COM3", "COM4", "COM5", "COM6", "COM7", "COM8", "COM9", + "LPT1", "LPT2", "LPT3", "LPT4", "LPT5", "LPT6", "LPT7", "LPT8", "LPT9", +}; + +static bool is_allowed_by_os(const char *name) +{ + size_t len, i; + + for (i = 0; i < sizeof(bad_names) / sizeof(bad_names[0]); ++i) { + len = strlen(bad_names[i]); + + if (strncasecmp(name, bad_names[i], len) != 0) + continue; + + if (name[len] == '\0') + return false; + + if (name[len] == '.' && strchr(name + len + 1, '.') == NULL) + return false; + } + + return true; +} +#else +static bool is_allowed_by_os(const char *name) +{ + (void)name; + return true; +} +#endif + +bool is_filename_sane(const char *name, bool check_os_specific) +{ + if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0) + return false; + + if (check_os_specific && !is_allowed_by_os(name)) + return false; + + while (*name != '\0') { + if (*name == '/') + return false; + +#if defined(_WIN32) || defined(__WINDOWS__) || defined(TEST_WIN32) + if (check_os_specific) { + if (*name == '<' || *name == '>' || *name == ':') + return false; + if (*name == '"' || *name == '|' || *name == '?') + return false; + if (*name == '*' || *name == '\\' || *name <= 31) + return false; + } +#endif + + ++name; + } + + return true; +} |