Diffstat (limited to 'src/plugins/fs/download.c')
-rw-r--r-- | src/plugins/fs/download.c | 7 |
1 files changed, 7 insertions, 0 deletions
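--- a/src/plugins/fs/download.c
+++ b/src/plugins/fs/download.c
@@ -420,6 +420,7 @@ void displayDownloadComplete(const struct ECRS_URI * uri,
 GtkTreePath * path;
 struct ECRS_URI * u;
 char *dirPath;
+char *dotdot;
 
 pos = head;
 while (pos != NULL) {
@@ -527,6 +528,12 @@ void displayDownloadComplete(const struct ECRS_URI * uri,
 }
 fnURL[len] = 0;
 
+/* avoid directory traversal */
+while(dotdot = strstr("../")) {
+dotdot[0] = '_';
+dotdot[1] = '_';
+}
+
 /* If the file was downloaded before, fnURL is a symlink to
 dstFile */
 if ((READLINK(fnURL, dummy, 1) == -1) && (errno == EINVAL)) {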
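Review bot: The new loop calls `strstr` with a single argument, `while(dotdot = strstr("../"))`, which cannot compile since `strstr` takes a haystack and a needle; the haystack is presumably the freshly terminated `fnURL` from the line above, so the condition should read `while ((dotdot = strstr(fnURL, "../")) != NULL) {` (the extra parentheses also silence the assignment-in-condition warning). Even with that fixed, the substitution only neutralises `..` when it is followed by `/`, so a trailing `..` component (a name ending in `/..`) or, if this ever runs on Windows, a `..\` component still reaches READLINK and whatever creates the symlink; splitting on the separator and rejecting or rewriting any component equal to `..` would cover those cases, and an explicit check for an absolute path (leading `/`) is worth adding in the same place if `fnURL` can come from the URI. Because the rewrite silently changes the name that is later used for the link, a short comment or log line saying the name was sanitised would make the behaviour easier to diagnose. displayDownloadComplete starts before this hunk and continues after it.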