diff options
| author |   José Bollo <jose.bollo@iot.bzh> | 2015-12-09 14:22:42 +0100 |
|---|---|---|
| committer | José Bollo <jose.bollo@iot.bzh> | 2015-12-09 14:22:42 +0100 |
| commit | 0270b7281b783cbea5c1f0ebb4440d2be1bd79fa (patch) | |
| tree | c5956a5c1bcc69ecad3e4c5b23b0b1e41adde2c5 | |
| parent | 381842f4c264e5946ad964f43608f7e543fbcb19 (diff) | |
validation of the path
Change-Id: I3ae984e787335264cd7f88f239453ff10c900ee2
| -rw-r--r-- | wgt-rootdir.c | 46 |
1 files changed, 44 insertions, 2 deletions
diff --git a/wgt-rootdir.c b/wgt-rootdir.c index b7d9066..4df1705 100644 --- a/wgt-rootdir.c +++ b/wgt-rootdir.c @@ -18,8 +18,7 @@ #include <unistd.h> #include <fcntl.h> -#include <sys/types.h> -#include <sys/stat.h> +#include <errno.h> #include "wgt.h" @@ -43,13 +42,56 @@ int widget_set_rootdir(const char *pathname) return 0; } +static int validsubpath(const char *subpath) +{ + int l = 0, i = 0; + if (subpath[i] == '/') + return 0; + while(subpath[i]) { + switch(subpath[i++]) { + case '.': + if (!subpath[i]) + break; + if (subpath[i] == '/') { + i++; + break; + } + if (subpath[i++] == '.') { + if (!subpath[i]) { + l--; + break; + } + if (subpath[i++] == '/') { + l--; + break; + } + } + default: + while(subpath[i] && subpath[i] != '/') + i++; + l++; + case '/': + break; + } + } + return l >= 0; +} + int widget_has(const char *filename) { + if (!validsubpath(filename)) { + errno = EINVAL; + return -1; + } return 0 == faccessat(rootfd, filename, F_OK, 0); } int widget_open_read(const char *filename) { + if (!validsubpath(filename)) { + errno = EINVAL; + return -1; + } return openat(rootfd, filename, O_RDONLY); } |