From 7076bbd87e954834a2f8a44c39d16b30ff04ab1c Mon Sep 17 00:00:00 2001
From: Michi Henning <michi@zeroc.com>
Date: Mon, 21 Feb 2005 01:13:56 +0000
Subject: Added check to server to disallow absolute paths and paths containing
 "..".

---
 cpp/src/IcePatch2/FileServerI.cpp | 23 +++++++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

(limited to 'cpp/src/IcePatch2/FileServerI.cpp')

diff --git a/cpp/src/IcePatch2/FileServerI.cpp b/cpp/src/IcePatch2/FileServerI.cpp
index ae1099f3e3b..845eac2798f 100644
--- a/cpp/src/IcePatch2/FileServerI.cpp
+++ b/cpp/src/IcePatch2/FileServerI.cpp
@@ -62,13 +62,28 @@ IcePatch2::FileServerI::getChecksum(const Current&) const
 ByteSeq
 IcePatch2::FileServerI::getFileCompressed(const string& pa, Int pos, Int num, const Current&) const
 {
+    if(isAbsolute(pa))
+    {
+	FileAccessException ex;
+	ex.reason = "Illegal absolute path: `" + pa + "'";
+	throw ex;
+    }
+
     string path = simplify(_dataDir + '/' + pa);
     path += ".bz2";
 
-    //
-    // TODO: Check if path is allowed, i.e., make sure that it neither
-    // is absolute, nor that it contains illegal "..".
-    //
+    string::size_type slashPos = path.find('/');
+    while(slashPos != string::npos)
+    {
+        string::size_type endPos = path.find('/', slashPos + 1);
+	if(path.substr(slashPos + 1, endPos - slashPos - 1) == "..")
+	{
+	    FileAccessException ex;
+	    ex.reason = "Illegal .. component in path: `" + pa + "'";
+	    throw ex;
+	}
+	slashPos = endPos;
+    }
 
     if(num <= 0 || pos < 0)
     {
-- 
cgit v1.2.3