- Timestamp:
- Dec 28, 2009, 12:35:27 AM (13 years ago)
- File:
-
- 1 edited
-
branches/1.7x/libtransmission/metainfo.c (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
-
branches/1.7x/libtransmission/metainfo.c
r8889 r9829 137 137 138 138 static tr_bool 139 getfile( char ** setme, 140 const char * root, 141 tr_benc * path ) 139 path_is_suspicious( const char * path ) 140 { 141 return ( path == NULL ) 142 || ( strstr( path, "../" ) != NULL ); 143 } 144 145 static tr_bool 146 getfile( char ** setme, const char * root, tr_benc * path ) 142 147 { 143 148 tr_bool success = FALSE; … … 145 150 if( tr_bencIsList( path ) ) 146 151 { 152 int i; 153 const int n = tr_bencListSize( path ); 147 154 struct evbuffer * buf = evbuffer_new( ); 148 int n = tr_bencListSize( path );149 int i;150 155 151 156 evbuffer_add( buf, root, strlen( root ) ); … … 153 158 { 154 159 const char * str; 155 if( tr_bencGetStr( tr_bencListChild( path, i ), &str ) 156 && strcmp( str, ".." ) ) 160 if( tr_bencGetStr( tr_bencListChild( path, i ), &str ) ) 157 161 { 158 162 evbuffer_add( buf, TR_PATH_DELIMITER_STR, 1 ); … … 167 171 } 168 172 173 if( ( *setme != NULL ) && path_is_suspicious( *setme ) ) 174 { 175 tr_free( *setme ); 176 *setme = NULL; 177 success = FALSE; 178 } 179 169 180 return success; 170 181 } … … 212 223 else if( tr_bencGetInt( length, &len ) ) /* single-file mode */ 213 224 { 225 if( path_is_suspicious( inf->name ) ) 226 return "path"; 227 214 228 inf->isMultifile = 0; 215 229 inf->fileCount = 1;
Note: See TracChangeset
for help on using the changeset viewer.
