author | Michi Henning <michi@zeroc.com> | 2005-02-21 01:13:56 +0000 |
---|---|---|
committer | Michi Henning <michi@zeroc.com> | 2005-02-21 01:13:56 +0000 |
commit | 7076bbd87e954834a2f8a44c39d16b30ff04ab1c (patch) | |
tree | ceb11cc53a522e8d0d2200b154eb2a9f2069fd58 | |
parent | adding Ice version numbers (diff) | |
Added check to server to disallow absolute paths and paths containing "..".
-rwxr-xr-x | cpp/src/IcePatch2/ClientUtil.cpp | 2 | ||||
-rw-r--r-- | cpp/src/IcePatch2/FileServerI.cpp | 23 | ||||
-rw-r--r-- | cpp/src/IcePatch2/Util.cpp | 11 |
3 files changed, 27 insertions, 9 deletions
diff --git a/cpp/src/IcePatch2/ClientUtil.cpp b/cpp/src/IcePatch2/ClientUtil.cpp
index aab5dc7aa34..9916404b2bd 100755
--- a/cpp/src/IcePatch2/ClientUtil.cpp
+++ b/cpp/src/IcePatch2/ClientUtil.cpp
@@ -760,7 +760,7 @@ IcePatch2::Patcher::updateFilesInternal(const FileInfoSeq& files, const Decompre
 }
 catch(const FileAccessException& ex)
 {
- throw "server error for `" + p->path + "':" + ex.reason;
+ throw "server error for `" + p->path + "': " + ex.reason;
 }
 if(bytes.empty())
diff --git a/cpp/src/IcePatch2/FileServerI.cpp b/cpp/src/IcePatch2/FileServerI.cpp
index ae1099f3e3b..845eac2798f 100644
--- a/cpp/src/IcePatch2/FileServerI.cpp
+++ b/cpp/src/IcePatch2/FileServerI.cpp
@@ -62,13 +62,28 @@ IcePatch2::FileServerI::getChecksum(const Current&) const
 ByteSeq
 IcePatch2::FileServerI::getFileCompressed(const string& pa, Int pos, Int num, const Current&) const
 {
+ if(isAbsolute(pa))
+ {
+ FileAccessException ex;
+ ex.reason = "Illegal absolute path: `" + pa + "'";
+ throw ex;
+ }
+
 string path = simplify(_dataDir + '/' + pa);
 path += ".bz2";
- //
- // TODO: Check if path is allowed, i.e., make sure that it neither
- // is absolute, nor that it contains illegal "..".
- //
+ string::size_type slashPos = path.find('/');
+ while(slashPos != string::npos)
+ {
+ string::size_type endPos = path.find('/', slashPos + 1);
+ if(path.substr(slashPos + 1, endPos - slashPos - 1) == "..")
+ {
+ FileAccessException ex;
+ ex.reason = "Illegal .. component in path: `" + pa + "'";
+ throw ex;
+ }
+ slashPos = endPos;
+ }
 if(num <= 0 || pos < 0)
 {
diff --git a/cpp/src/IcePatch2/Util.cpp b/cpp/src/IcePatch2/Util.cpp
index 885d7fff797..49da0c2edba 100644
--- a/cpp/src/IcePatch2/Util.cpp
+++ b/cpp/src/IcePatch2/Util.cpp
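Review bot: In FileServerI::getFileCompressed the `..` scan runs over `path`, that is after `simplify(_dataDir + '/' + pa)` and after `.bz2` is appended, rather than over the client-supplied `pa`. Whether a `..` in `pa` survives to the scan therefore depends on what simplify() does with it, and simplify()'s body is not in this diff; the scan also rejects every request if the configured `_dataDir` itself contains a `..` component. It splits on '/' only, while isAbsolute() in this same commit treats '\\' as a separator under _WIN32, so a backslash-separated `..` is caught only if simplify() normalises separators. Checking the components of `pa` before the join, on both separators, removes those dependencies; the function body continues past the hunk.

```cpp
// … unchanged: isAbsolute(pa) rejection …

// Validate the client-supplied name itself, before it is joined with _dataDir,
// so the result does not depend on simplify() or on the contents of _dataDir.
// Both separators are treated as component boundaries on every platform;
// that is deliberately conservative.
string::size_type start = 0;
while(start <= pa.size())
{
    string::size_type end = pa.find_first_of("/\\", start);
    if(end == string::npos)
    {
        end = pa.size();
    }
    if(pa.compare(start, end - start, "..") == 0)
    {
        FileAccessException ex;
        ex.reason = "Illegal .. component in path: `" + pa + "'";
        throw ex;
    }
    start = end + 1;
}

string path = simplify(_dataDir + '/' + pa);
path += ".bz2";
// … unchanged: num/pos validation and file read …
```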
@@ -263,12 +263,15 @@ IcePatch2::simplify(const string& path)
 bool
 IcePatch2::isAbsolute(const string& pa)
 {
- const string path = simplify(pa);
-
+ unsigned i = 0;
+ while(isspace(pa[i]))
+ {
+ ++i;
+ }
 #ifdef _WIN32
- return path[0] == '/' || path.size() > 1 && isalpha(path[0]) && path[1] == ':';
+ return pa[i] == '\\' || pa[i] == '/' || pa.size() > i + 1 && isalpha(pa[i]) && pa[i + 1] == ':';
 #else
- return path[0] == '/';
+ return pa[i] == '/';
 #endif
 } |
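Review bot: `isspace(pa[i])` and `isalpha(pa[i])` in isAbsolute receive a plain `char`, and `pa` reaches this function from the client via getFileCompressed, so a byte above 0x7F is a negative argument where `char` is signed, which is undefined behaviour for the <cctype> functions. Cast at both call sites, e.g. `while(isspace(static_cast<unsigned char>(pa[i])))` and `isalpha(static_cast<unsigned char>(pa[i]))`. The loop also relies on `pa[pa.size()]` reading as the terminating NUL to stop on an empty or all-whitespace string; an explicit `i < pa.size()` bound, or a short comment saying so, would make that visible.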