author | Max Kellermann <max@duempel.org> | 2014-01-23 00:40:39 +0100 |
---|---|---|
committer | Max Kellermann <max@duempel.org> | 2014-01-23 00:40:39 +0100 |
commit | b52d8fbebe2b0afa7fa2d7dd71c1d1761803662c (patch) | |
tree | 23c8257a1f600f75f8f859aa10aa699584acc172 /src | |
parent | b61a2c722cc0bd2e574984f98490b36353759b3b (diff) | |
db/upnp: strict vpath checks for the "root" directory
Diffstat (limited to '')
-rw-r--r-- | src/db/UpnpDatabasePlugin.cxx | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/src/db/UpnpDatabasePlugin.cxx b/src/db/UpnpDatabasePlugin.cxx
index 0d6bab2a0..f18dd95d2 100644
--- a/src/db/UpnpDatabasePlugin.cxx
+++ b/src/db/UpnpDatabasePlugin.cxx
@@ -599,12 +599,32 @@ UpnpDatabase::VisitServer(const ContentDirectoryService &server,
 because the path is not valid for traversal. Besides, it's just faster to access the target node directly */
 if (!vpath.empty() && vpath.front() == rootid) {
+ switch (vpath.size()) {
+ case 1:
+ return true;
+
+ case 2:
+ break;
+
+ default:
+ error.Format(db_domain, DB_NOT_FOUND,
+ "Not found");
+ return false;
+ }
+
 if (visit_song) {
 UPnPDirObject dirent;
 if (!ReadNode(server, vpath.back().c_str(), dirent, error)) return false;
+ if (dirent.type != UPnPDirObject::Type::ITEM ||
+ dirent.item_class != UPnPDirObject::ItemClass::MUSIC) {
+ error.Format(db_domain, DB_NOT_FOUND,
+ "Not found");
+ return false;
+ }
+
 std::string path = songPath(server.getFriendlyName(), dirent.m_id);
 if (!visitSong(std::move(dirent), path.c_str(), |
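Review bot: The new `dirent.type` / `dirent.item_class` check only runs inside `if (visit_song)`, so a two-element path starting with rootid has its last component (the object id passed to `ReadNode` via `vpath.back()`) validated only when a song visitor was supplied. What the function returns when `visit_song` is null lies past the end of the hunk, so confirm that branch does not report success for a container or non-music id. The `switch (vpath.size())` would also benefit from a one-line comment, for example `/* {rootid} is the virtual root itself, {rootid, id} names one song, anything deeper cannot exist */`, because `case 1: return true;` succeeds without visiting anything and the reason is not obvious from the code. The body of `UpnpDatabase::VisitServer` starts and ends outside the hunk.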