summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--exclude.c2
-rw-r--r--flist.c10
-rw-r--r--main.c4
-rw-r--r--options.c10
-rw-r--r--util.c33
5 files changed, 18 insertions, 41 deletions
diff --git a/exclude.c b/exclude.c
index 467731c4..7d9ea352 100644
--- a/exclude.c
+++ b/exclude.c
@@ -295,7 +295,7 @@ static char *parse_merge_name(const char *merge_file, unsigned int *len_ptr,
strlcpy(to, merge_file, *len_ptr + 1);
merge_file = to;
}
- if (!sanitize_path(fn, merge_file, r, dirbuf_depth, NULL)) {
+ if (!sanitize_path(fn, merge_file, r, dirbuf_depth)) {
rprintf(FERROR, "merge-file name overflows: %s\n",
merge_file);
return NULL;
diff --git a/flist.c b/flist.c
index 5041d699..58ef0c5d 100644
--- a/flist.c
+++ b/flist.c
@@ -671,7 +671,7 @@ static struct file_struct *recv_file_entry(struct file_list *flist,
clean_fname(thisname, 0);
if (sanitize_paths)
- sanitize_path(thisname, thisname, "", 0, NULL);
+ sanitize_path(thisname, thisname, "", 0);
if ((basename = strrchr(thisname, '/')) != NULL) {
int len = basename++ - thisname;
@@ -917,7 +917,7 @@ static struct file_struct *recv_file_entry(struct file_list *flist,
} else
read_sbuf(f, bp, linkname_len - 1);
if (sanitize_paths)
- sanitize_path(bp, bp, "", lastdir_depth, NULL);
+ sanitize_path(bp, bp, "", lastdir_depth);
}
#endif
@@ -1008,7 +1008,7 @@ struct file_struct *make_file(const char *fname, struct file_list *flist,
}
clean_fname(thisname, 0);
if (sanitize_paths)
- sanitize_path(thisname, thisname, "", 0, NULL);
+ sanitize_path(thisname, thisname, "", 0);
if (stp && S_ISDIR(stp->st_mode)) {
st = *stp; /* Needed for "symlink/." with --relative. */
@@ -1804,13 +1804,13 @@ struct file_list *send_file_list(int f, int argc, char *argv[])
if (use_ff_fd) {
if (read_line(filesfrom_fd, fbuf, sizeof fbuf, rl_flags) == 0)
break;
- sanitize_path(fbuf, fbuf, "", 0, NULL);
+ sanitize_path(fbuf, fbuf, "", 0);
} else {
if (argc-- == 0)
break;
strlcpy(fbuf, *argv++, MAXPATHLEN);
if (sanitize_paths)
- sanitize_path(fbuf, fbuf, "", 0, NULL);
+ sanitize_path(fbuf, fbuf, "", 0);
}
len = strlen(fbuf);
diff --git a/main.c b/main.c
index 2fc664c8..304f8be2 100644
--- a/main.c
+++ b/main.c
@@ -926,10 +926,10 @@ static void do_server_recv(int f_in, int f_out, int argc, char *argv[])
if (sanitize_paths) {
char **dir;
for (dir = basis_dir; *dir; dir++) {
- *dir = sanitize_path(NULL, *dir, NULL, curr_dir_depth, NULL);
+ *dir = sanitize_path(NULL, *dir, NULL, curr_dir_depth);
}
if (partial_dir) {
- partial_dir = sanitize_path(NULL, partial_dir, NULL, curr_dir_depth, NULL);
+ partial_dir = sanitize_path(NULL, partial_dir, NULL, curr_dir_depth);
}
}
fix_basis_dirs();
diff --git a/options.c b/options.c
index 65fc9c4a..783ca594 100644
--- a/options.c
+++ b/options.c
@@ -1001,7 +1001,7 @@ int parse_arguments(int *argc_p, const char ***argv_p, int frommain)
case OPT_INCLUDE_FROM:
arg = poptGetOptArg(pc);
if (sanitize_paths)
- arg = sanitize_path(NULL, arg, NULL, 0, NULL);
+ arg = sanitize_path(NULL, arg, NULL, 0);
if (server_filter_list.head) {
int rej;
char *cp = strdup(arg);
@@ -1394,11 +1394,11 @@ int parse_arguments(int *argc_p, const char ***argv_p, int frommain)
if (sanitize_paths) {
int i;
for (i = argc; i-- > 0; )
- argv[i] = sanitize_path(NULL, argv[i], "", 0, NULL);
+ argv[i] = sanitize_path(NULL, argv[i], "", 0);
if (tmpdir)
- tmpdir = sanitize_path(NULL, tmpdir, NULL, 0, NULL);
+ tmpdir = sanitize_path(NULL, tmpdir, NULL, 0);
if (backup_dir)
- backup_dir = sanitize_path(NULL, backup_dir, NULL, 0, NULL);
+ backup_dir = sanitize_path(NULL, backup_dir, NULL, 0);
}
if (server_filter_list.head && !am_sender) {
struct filter_list_struct *elp = &server_filter_list;
@@ -1602,7 +1602,7 @@ int parse_arguments(int *argc_p, const char ***argv_p, int frommain)
}
} else {
if (sanitize_paths)
- files_from = sanitize_path(NULL, files_from, NULL, 0, NULL);
+ files_from = sanitize_path(NULL, files_from, NULL, 0);
if (server_filter_list.head) {
if (!*files_from)
goto options_rejected;
diff --git a/util.c b/util.c
index 75b6e3fc..e236ca5a 100644
--- a/util.c
+++ b/util.c
@@ -549,7 +549,7 @@ void glob_expand(char *s, char ***argv_ptr, int *argc_ptr, int *maxargs_ptr)
s = ".";
if (sanitize_paths)
- s = sanitize_path(NULL, s, "", 0, NULL);
+ s = sanitize_path(NULL, s, "", 0);
else
s = strdup(s);
if (!s)
@@ -766,8 +766,7 @@ unsigned int clean_fname(char *name, int flags)
* Specify NULL to get the default of "module_dir".
*
* The depth var is a count of how many '..'s to allow at the start of the
- * path. If symlink is set, combine its value with the "p" value to get
- * the target path, and **return NULL if any '..'s try to escape**.
+ * path.
*
* We also clean the path in a manner similar to clean_fname() but with a
* few differences:
@@ -777,17 +776,11 @@ unsigned int clean_fname(char *name, int flags)
* ALWAYS collapses ".." elements (except for those at the start of the
* string up to "depth" deep). If the resulting name would be empty,
* change it into a ".". */
-char *sanitize_path(char *dest, const char *p, const char *rootdir, int depth,
- const char *symlink)
+char *sanitize_path(char *dest, const char *p, const char *rootdir, int depth)
{
- char *start, *sanp, *save_dest = dest;
+ char *start, *sanp;
int rlen = 0, leave_one_dotdir = relative_paths;
- if (symlink && *symlink == '/') {
- p = symlink;
- symlink = "";
- }
-
if (dest != p) {
int plen = strlen(p);
if (*p == '/') {
@@ -810,18 +803,7 @@ char *sanitize_path(char *dest, const char *p, const char *rootdir, int depth,
}
start = sanp = dest + rlen;
- while (1) {
- if (*p == '\0') {
- if (!symlink || !*symlink)
- break;
- while (sanp != start && sanp[-1] != '/') {
- /* strip last element */
- sanp--;
- }
- /* Append a relative symlink */
- p = symlink;
- symlink = "";
- }
+ while (*p) {
/* discard leading or extra slashes */
if (*p == '/') {
p++;
@@ -843,11 +825,6 @@ char *sanitize_path(char *dest, const char *p, const char *rootdir, int depth,
if (*p == '.' && p[1] == '.' && (p[2] == '/' || p[2] == '\0')) {
/* ".." component followed by slash or end */
if (depth <= 0 || sanp != start) {
- if (symlink && sanp == start) {
- if (!save_dest)
- free(dest);
- return NULL;
- }
p += 2;
if (sanp != start) {
/* back up sanp one level */