authorNils Durner <durner@gnunet.org>2005-12-20 20:21:32 +0000
committerNils Durner <durner@gnunet.org>2005-12-20 20:21:32 +0000
commita42191f9d61a87d374bf125a74732f751d9a2dc4 (patch)
tree5ec332865cab7c1d868834bc703d99a106d11cf4
parent52ee5feb07d1c2ad912ea1963e0142900b3b289e (diff)
avoid directory traversal
-rw-r--r--src/plugins/fs/download.c7
1 files changed, 7 insertions, 0 deletions
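--- a/src/plugins/fs/download.c
+++ b/src/plugins/fs/download.c
@@ -420,6 +420,7 @@ void displayDownloadComplete(const struct ECRS_URI * uri,
 GtkTreePath * path;
 struct ECRS_URI * u;
 char *dirPath;
+char *dotdot;
 
 pos = head;
 while (pos != NULL) {
@@ -527,6 +528,12 @@ void displayDownloadComplete(const struct ECRS_URI * uri,
 }
 fnURL[len] = 0;
 
+/* avoid directory traversal */
+while(dotdot = strstr("../")) {
+dotdot[0] = '_';
+dotdot[1] = '_';
+}
+
 /* If the file was downloaded before, fnURL is a symlink to
 dstFile */
 if ((READLINK(fnURL, dummy, 1) == -1) && (errno == EINVAL)) {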
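Review bot: The new sanitising loop calls `strstr("../")` with only one argument, so no buffer is searched and the call should be rejected wherever the `<string.h>` prototype is visible. Assuming `fnURL` (terminated just above and passed to READLINK just below) is the path meant to be cleaned, the line would read `while ((dotdot = strstr(fnURL, "../")) != NULL) {`, which also makes the assignment in the condition explicit. Even with that fix the loop matches only the literal `../`, so a final `..` component with no trailing slash, or a path using another separator where the platform accepts one, is left untouched. If `fnURL` already contains the configured download directory, a legitimate `../` in that prefix would be rewritten too, so it seems safer to sanitise only the part derived from the downloaded URI. displayDownloadComplete starts and ends outside both hunks, so how `fnURL` is assembled cannot be confirmed from here.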