Skip to content

Commit 175003d

Browse files
ejohnstownejohnstown
committed
SFTP Paths
1. Modify the SFTP function RecvOpen() to use the same path cleanup function, GetAndCleanPath(), that all the other SFTP functions use. 2. Add a check to GetAndCleanPath() to make sure the default path is still a part of the cleaned path.
1 parent fa648ec commit 175003d

File tree

1 file changed

+21
-11
lines changed

1 file changed

+21
-11
lines changed

src/wolfsftp.c

Lines changed: 21 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1709,13 +1709,25 @@ static int GetAndCleanPath(const char* defaultPath,
17091709
const byte* data, word32 sz, char* s, word32 sSz)
17101710
{
17111711
char r[WOLFSSH_MAX_FILENAME];
1712+
int result = WS_SUCCESS;
17121713

17131714
if (sz >= sizeof r)
1714-
return WS_BUFFER_E;
1715-
WMEMCPY(r, data, sz);
1716-
r[sz] = '\0';
1715+
result = WS_BUFFER_E;
1716+
1717+
if (result == WS_SUCCESS) {
1718+
WMEMCPY(r, data, sz);
1719+
r[sz] = '\0';
1720+
result = wolfSSH_RealPath(defaultPath, r, s, sSz);
1721+
}
1722+
1723+
if (result == WS_SUCCESS && defaultPath != NULL) {
1724+
if (WSTRNCMP(s, defaultPath, WSTRLEN(defaultPath)) != 0) {
1725+
WLOG(WS_LOG_SFTP, "Path not contained in default path: %s", s);
1726+
result = WS_INVALID_PATH_E;
1727+
}
1728+
}
17171729

1718-
return wolfSSH_RealPath(defaultPath, r, s, sSz);
1730+
return result;
17191731
}
17201732

17211733

@@ -2001,7 +2013,7 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
20012013
{
20022014
WS_SFTP_FILEATRB atr;
20032015
WFD fd;
2004-
word32 sz, dirSz;
2016+
word32 sz;
20052017
char dir[WOLFSSH_MAX_FILENAME];
20062018
word32 reason;
20072019
word32 idx = 0;
@@ -2043,9 +2055,8 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
20432055
return WS_BUFFER_E;
20442056
}
20452057

2046-
dirSz = sizeof(dir);
2047-
if (wolfSSH_GetPath(ssh->sftpDefaultPath, data + idx, sz, dir, &dirSz)
2048-
!= WS_SUCCESS) {
2058+
if (GetAndCleanPath(ssh->sftpDefaultPath,
2059+
data + idx, sz, dir, sizeof(dir)) != WS_SUCCESS) {
20492060
WLOG(WS_LOG_SFTP, "Creating path for file to open failed");
20502061
return WS_FATAL_ERROR;
20512062
}
@@ -2202,7 +2213,7 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
22022213
{
22032214
/* WS_SFTP_FILEATRB atr;*/
22042215
HANDLE fileHandle;
2205-
word32 sz, dirSz;
2216+
word32 sz;
22062217
char dir[WOLFSSH_MAX_FILENAME];
22072218
word32 reason;
22082219
word32 idx = 0;
@@ -2239,8 +2250,7 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
22392250
return WS_BUFFER_E;
22402251
}
22412252

2242-
dirSz = sizeof(dir);
2243-
if (wolfSSH_GetPath(ssh->sftpDefaultPath, data + idx, sz, dir, &dirSz)
2253+
if (GetAndCleanPath(ssh->sftpDefaultPath, data + idx, sz, dir, sizeof(dir))
22442254
!= WS_SUCCESS) {
22452255
WLOG(WS_LOG_SFTP, "Creating path for file to open failed");
22462256
return WS_FATAL_ERROR;

0 commit comments

Comments
 (0)