Guard against bad link destinations.

This commit is contained in:
Vreixo Formoso 2008-01-08 20:05:01 +01:00
parent 1459801134
commit 2464455fea
4 changed files with 70 additions and 6 deletions

View File

@ -819,8 +819,10 @@ const char *iso_symlink_get_dest(const IsoSymlink *link);
* @param dest * @param dest
* New destination for the link. It must be a non-empty string, otherwise * New destination for the link. It must be a non-empty string, otherwise
* this function doesn't modify previous destination. * this function doesn't modify previous destination.
* @return
* 1 on success, < 0 on error
*/ */
void iso_symlink_set_dest(IsoSymlink *link, const char *dest); int iso_symlink_set_dest(IsoSymlink *link, const char *dest);
/** /**
* Sets the order in which a node will be written on image. High weihted files * Sets the order in which a node will be written on image. High weihted files

View File

@ -14,6 +14,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <time.h> #include <time.h>
#include <limits.h>
/** /**
* Increments the reference counting of the given node. * Increments the reference counting of the given node.
@ -541,15 +542,20 @@ const char *iso_symlink_get_dest(const IsoSymlink *link)
/** /**
* Set the destination of a link. * Set the destination of a link.
*/ */
void iso_symlink_set_dest(IsoSymlink *link, const char *dest) int iso_symlink_set_dest(IsoSymlink *link, const char *dest)
{ {
// TODO guard against bad destinations, such as components bigger than 255 char *d;
if (dest == NULL || dest[0] == '\0') { if (!iso_node_is_valid_link_dest(dest)) {
/* guard against null or empty dest */ /* guard against null or empty dest */
return; return ISO_WRONG_ARG_VALUE;
}
d = strdup(dest);
if (d == NULL) {
return ISO_MEM_ERROR;
} }
free(link->dest); free(link->dest);
link->dest = strdup(dest); link->dest = d;
return ISO_SUCCESS;
} }
/** /**
@ -615,6 +621,48 @@ int iso_node_is_valid_name(const char *name)
return 1; return 1;
} }
int iso_node_is_valid_link_dest(const char *dest)
{
int ret;
char *ptr, *brk_info, *component;
/* a dest can't be NULL */
if (dest == NULL) {
return 0;
}
/* guard against the empty string or big dest... */
if (dest[0] == '\0' || strlen(dest) > PATH_MAX) {
return 0;
}
/* check that all components are valid */
if (!strcmp(dest, "/")) {
/* "/" is a valid component */
return 1;
}
ptr = strdup(dest);
if (ptr == NULL) {
return 0;
}
ret = 1;
component = strtok_r(ptr, "/", &brk_info);
while (component) {
if (strcmp(component, ".") && strcmp(component, "..")) {
ret = iso_node_is_valid_name(component);
if (ret == 0) {
break;
}
}
component = strtok_r(NULL, "/", &brk_info);
}
free(ptr);
return ret;
}
int iso_node_new_root(IsoDir **root) int iso_node_new_root(IsoDir **root)
{ {
IsoDir *dir; IsoDir *dir;

View File

@ -115,4 +115,12 @@ int iso_node_new_root(IsoDir **root);
*/ */
int iso_node_is_valid_name(const char *name); int iso_node_is_valid_name(const char *name);
/**
* Check if a given path is valid for the destination of a link.
*
* @return
* 1 if yes, 0 if not
*/
int iso_node_is_valid_link_dest(const char *dest);
#endif /*LIBISO_NODE_H_*/ #endif /*LIBISO_NODE_H_*/

View File

@ -150,6 +150,12 @@ int iso_tree_add_new_symlink(IsoDir *parent, const char *name,
if (!iso_node_is_valid_name(name)) { if (!iso_node_is_valid_name(name)) {
return ISO_WRONG_ARG_VALUE; return ISO_WRONG_ARG_VALUE;
} }
/* check if destination is valid */
if (!iso_node_is_valid_link_dest(dest)) {
/* guard against null or empty dest */
return ISO_WRONG_ARG_VALUE;
}
/* find place where to insert */ /* find place where to insert */
pos = &(parent->children); pos = &(parent->children);