summaryrefslogtreecommitdiffstats
path: root/wgt-rootdir.c
diff options
context:
space:
mode:
authorJosé Bollo <jose.bollo@iot.bzh>2015-12-09 14:22:42 +0100
committerJosé Bollo <jose.bollo@iot.bzh>2015-12-09 14:22:42 +0100
commit0270b7281b783cbea5c1f0ebb4440d2be1bd79fa (patch)
treec5956a5c1bcc69ecad3e4c5b23b0b1e41adde2c5 /wgt-rootdir.c
parent381842f4c264e5946ad964f43608f7e543fbcb19 (diff)
validation of the path
Change-Id: I3ae984e787335264cd7f88f239453ff10c900ee2
Diffstat (limited to 'wgt-rootdir.c')
-rw-r--r--wgt-rootdir.c46
1 files changed, 44 insertions, 2 deletions
diff --git a/wgt-rootdir.c b/wgt-rootdir.c
index b7d9066..4df1705 100644
--- a/wgt-rootdir.c
+++ b/wgt-rootdir.c
@@ -18,8 +18,7 @@
#include <unistd.h>
#include <fcntl.h>
-#include <sys/types.h>
-#include <sys/stat.h>
+#include <errno.h>
#include "wgt.h"
@@ -43,13 +42,56 @@ int widget_set_rootdir(const char *pathname)
return 0;
}
+static int validsubpath(const char *subpath)
+{
+ int l = 0, i = 0;
+ if (subpath[i] == '/')
+ return 0;
+ while(subpath[i]) {
+ switch(subpath[i++]) {
+ case '.':
+ if (!subpath[i])
+ break;
+ if (subpath[i] == '/') {
+ i++;
+ break;
+ }
+ if (subpath[i++] == '.') {
+ if (!subpath[i]) {
+ l--;
+ break;
+ }
+ if (subpath[i++] == '/') {
+ l--;
+ break;
+ }
+ }
+ default:
+ while(subpath[i] && subpath[i] != '/')
+ i++;
+ l++;
+ case '/':
+ break;
+ }
+ }
+ return l >= 0;
+}
+
int widget_has(const char *filename)
{
+ if (!validsubpath(filename)) {
+ errno = EINVAL;
+ return -1;
+ }
return 0 == faccessat(rootfd, filename, F_OK, 0);
}
int widget_open_read(const char *filename)
{
+ if (!validsubpath(filename)) {
+ errno = EINVAL;
+ return -1;
+ }
return openat(rootfd, filename, O_RDONLY);
}