drew
/
acadia-newlib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

* path.cc (normalize_posix_path): Fix long-standing problem which 

allows to access files via ".." using an invalid POSIX path.
This commit is contained in:
Corinna Vinschen 2013-06-12 17:45:42 +00:00
parent bb345ed147
commit 0b8722c2db
3 changed files with 32 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
winsup/cygwin/ChangeLog
View File

@ -1,3 +1,8 @@
2013-06-12 Fedin Pavel <p.fedin@samsung.com>
* path.cc (normalize_posix_path): Fix long-standing problem which
allows to access files via ".." using an invalid POSIX path.
2013-06-11 Corinna Vinschen <corinna@vinschen.de> 2013-06-11 Corinna Vinschen <corinna@vinschen.de>
* winver.rc (FileDescription): Remove (R). * winver.rc (FileDescription): Remove (R).

17
winsup/cygwin/path.cc
View File

@ -240,6 +240,7 @@ normalize_posix_path (const char *src, char *dst, char *&tail)
{ {
const char *in_src = src; const char *in_src = src;
char *dst_start = dst; char *dst_start = dst;
bool check_parent = false;
syscall_printf ("src %s", src); syscall_printf ("src %s", src);
if ((isdrive (src) && isdirsep (src[2])) || *src == '\\') if ((isdrive (src) && isdirsep (src[2])) || *src == '\\')
@ -278,6 +279,7 @@ normalize_posix_path (const char *src, char *dst, char *&tail)
*tail++ = *src++; *tail++ = *src++;
else else
{ {
check_parent = true;
while (*++src) while (*++src)
{ {
if (isslash (*src)) if (isslash (*src))
@ -301,6 +303,21 @@ normalize_posix_path (const char *src, char *dst, char *&tail)
break; break;
else else
{ {
/* According to POSIX semantics all elements of path must
exist. To follow it, we must validate our path before
removing the trailing component. Check_parent is needed
for performance optimization, in order not to verify paths
which are already verified. For example this prevents
double check in case of foo/bar/../.. */
if (check_parent)
{
*tail = 0;
debug_printf ("checking %s before '..'", dst_start);
path_conv head (dst_start);
if (!head.isdir())
return ENOENT;
check_parent = false;
}
while (tail > dst_start && !isslash (*--tail)) while (tail > dst_start && !isslash (*--tail))
continue; continue;
src++; src++;

10
winsup/cygwin/release/1.7.21 Normal file
View File

@ -0,0 +1,10 @@
What's new:
-----------
Bug fixes:
----------
- Fix long-standing problem which allows to access files via ".." using an
invalid POSIX path, for instance, `cd nonexistant/../existing_dir".
Fixes: http://cygwin.com/ml/cygwin/2013-05/msg00222.html