diff options
| author | Max Kellermann <max@duempel.org> | 2008-10-31 16:48:58 +0100 |
|---|---|---|
| committer | Max Kellermann <max@duempel.org> | 2008-10-31 16:48:58 +0100 |
| commit | f291876772d1283433924518f87e639e17901a17 (patch) | |
| tree | e9ce02c3dde705d62e377f0e590ca0d2fa3b1cb2 /src/mapper.c | |
| parent | a5f8d4386c3d7b59bab15499d5d70f8d2713626f (diff) | |
| download | mpd-f291876772d1283433924518f87e639e17901a17.tar.gz mpd-f291876772d1283433924518f87e639e17901a17.tar.xz mpd-f291876772d1283433924518f87e639e17901a17.zip | |
mapper: check for "." and ".."
Make map_directory_child_fs() refuse the names "." and "..". This is
currently the interface where an attacker may inject a manipulated
path (through the "update" command).
Diffstat (limited to 'src/mapper.c')
| -rw-r--r-- | src/mapper.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/mapper.c b/src/mapper.c index a21b42d92..4510241dc 100644 --- a/src/mapper.c +++ b/src/mapper.c @@ -100,6 +100,11 @@ map_directory_child_fs(const struct directory *directory, const char *name, char buffer2[MPD_PATH_MAX]; const char *parent_fs; + /* check for invalid or unauthorized base names */ + if (*name == 0 || strchr(name, '/') != NULL || + strcmp(name, ".") == 0 || strcmp(name, "..") == 0) + return NULL; + parent_fs = map_directory_fs(directory, buffer2); if (parent_fs == NULL) return NULL; |