diff --git a/obexd/plugins/filesystem.c b/obexd/plugins/filesystem.c
index 8d1d74b..b05dc3a 100644
--- a/obexd/plugins/filesystem.c
+++ b/obexd/plugins/filesystem.c
return TRUE;
}
+int verify_path(const char *path)
+{
+ char *t;
+ int ret = 0;
+
+ if (obex_option_symlinks())
+ return 0;
+
+ t = realpath(path, NULL);
+
+ if (t == NULL)
+ return -errno;
+
+ if (!g_str_has_prefix(t, obex_option_root_folder()))
+ ret = -EPERM;
+
+ free(t);
+
+ return ret;
+}
+
static char *file_stat_line(char *filename, struct stat *fstat,
struct stat *dstat, gboolean root,
gboolean pcsuite)
{
struct stat stats;
struct statvfs buf;
- const char *root_folder;
- char *folder;
- gboolean root;
int fd = open(name, oflag, mode);
uint64_t avail;
+ int ret;
if (fd < 0) {
if (err)
goto failed;
}
- root_folder = obex_option_root_folder();
- folder = g_path_get_dirname(name);
- root = g_strcmp0(folder, root_folder);
-
- g_free(folder);
-
- if (!root || obex_option_symlinks()) {
- if (S_ISLNK(stats.st_mode)) {
- if (err)
- *err = -EPERM;
- goto failed;
- }
-
+ ret = verify_path(name);
+ if (ret < 0) {
+ if (err)
+ *err = ret;
+ goto failed;
}
if (oflag == O_RDONLY) {
struct stat fstat, dstat;
struct dirent *ep;
DIR *dp;
- gboolean root, symlinks;
+ gboolean root;
int ret;
root = g_str_equal(name, obex_option_root_folder());
goto failed;
}
- symlinks = obex_option_symlinks();
- if (root && symlinks)
- ret = stat(name, &dstat);
- else {
+ if (root)
object = g_string_append(object, FL_PARENT_FOLDER_ELEMENT);
- ret = lstat(name, &dstat);
+
+ ret = verify_path(name);
+ if (ret < 0) {
+ *err = ret;
+ goto failed;
}
+ ret = stat(name, &dstat);
+
if (ret < 0) {
if (err)
*err = -errno;
fullname = g_build_filename(name, ep->d_name, NULL);
- if (root && symlinks)
- ret = stat(fullname, &fstat);
- else
- ret = lstat(fullname, &fstat);
+ ret = stat(fullname, &fstat);
if (ret < 0) {
- DBG("%s: %s(%d)", root ? "stat" : "lstat",
- strerror(errno), errno);
+ DBG("stat: %s(%d)", strerror(errno), errno);
g_free(filename);
g_free(fullname);
continue;
diff --git a/obexd/plugins/filesystem.h b/obexd/plugins/filesystem.h
index 3c6d2c1..f95773b 100644
--- a/obexd/plugins/filesystem.h
+++ b/obexd/plugins/filesystem.h
ssize_t string_read(void *object, void *buf, size_t count);
gboolean is_filename(const char *name);
+int verify_path(const char *path);
diff --git a/obexd/plugins/ftp.c b/obexd/plugins/ftp.c
index b0ef540..e191339 100644
--- a/obexd/plugins/ftp.c
+++ b/obexd/plugins/ftp.c
DBG("Fullname: %s", fullname);
- if (root && obex_get_symlinks(os))
- err = stat(fullname, &dstat);
- else
- err = lstat(fullname, &dstat);
+ err = verify_path(fullname);
+
+ if (err < 0)
+ goto done;
+
+ err = stat(fullname, &dstat);
if (err < 0) {
err = -errno;
if (err == -ENOENT)
goto not_found;
- DBG("%s: %s(%d)", root ? "stat" : "lstat",
- strerror(-err), -err);
+ DBG("stat: %s(%d)", strerror(-err), -err);
goto done;
}
diff --git a/obexd/src/main.c b/obexd/src/main.c
index bf966f4..52ab11c 100644
--- a/obexd/src/main.c
+++ b/obexd/src/main.c
{ "root-setup", 'S', 0, G_OPTION_ARG_STRING, &option_root_setup,
"Root folder setup script", "SCRIPT" },
{ "symlinks", 'l', 0, G_OPTION_ARG_NONE, &option_symlinks,
- "Enable symlinks on root folder" },
+ "Allow symlinks leading outside of the root "
+ "folder" },
{ "capability", 'c', 0, G_OPTION_ARG_STRING, &option_capability,
"Specify capability file, use '!' mark for "
"scripts", "FILE" },