diff options
| author | Max Kellermann <max@duempel.org> | 2010-02-27 19:01:17 +0100 |
|---|---|---|
| committer | Max Kellermann <max@duempel.org> | 2010-02-27 19:01:17 +0100 |
| commit | a3645984cdf5a827b93b616acd4bae2d33af728a (patch) | |
| tree | 77ad72d1be863ee6ea21a4eef3969c5697851715 /src/command.c | |
| parent | 43cf4e97b9895e37e7f12fad87f5fa5bb0e83d24 (diff) | |
| download | mpd-a3645984cdf5a827b93b616acd4bae2d33af728a.tar.gz mpd-a3645984cdf5a827b93b616acd4bae2d33af728a.tar.xz mpd-a3645984cdf5a827b93b616acd4bae2d33af728a.zip | |
command: "update" checks if the path is malformed
This is a very basic check, which only ensures that the path does not
begin with a slash, doesn't have double slashes and the special names
"." and ".." are forbidden.
Diffstat (limited to 'src/command.c')
| -rw-r--r-- | src/command.c | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/src/command.c b/src/command.c index e591d06e3..ab1a7b0a9 100644 --- a/src/command.c +++ b/src/command.c @@ -1055,9 +1055,16 @@ handle_update(struct client *client, G_GNUC_UNUSED int argc, char *argv[]) unsigned ret; assert(argc <= 2); - if (argc == 2) + if (argc == 2) { path = argv[1]; + if (!uri_safe_local(path)) { + command_error(client, ACK_ERROR_ARG, + "Malformed path"); + return COMMAND_RETURN_ERROR; + } + } + ret = update_enqueue(path, false); if (ret > 0) { client_printf(client, "updating_db: %i\n", ret); @@ -1076,9 +1083,16 @@ handle_rescan(struct client *client, G_GNUC_UNUSED int argc, char *argv[]) unsigned ret; assert(argc <= 2); - if (argc == 2) + if (argc == 2) { path = argv[1]; + if (!uri_safe_local(path)) { + command_error(client, ACK_ERROR_ARG, + "Malformed path"); + return COMMAND_RETURN_ERROR; + } + } + ret = update_enqueue(path, true); if (ret > 0) { client_printf(client, "updating_db: %i\n", ret); |