mirror of
https://github.com/samba-team/samba.git
synced 2025-01-18 06:04:06 +03:00
CVE-2023-34968: lib: Move subdir_of() to source3/lib/util_path.c
Make it available for other components Bug: https://bugzilla.samba.org/show_bug.cgi?id=15207 Signed-off-by: Volker Lendecke <vl@samba.org> (backported from commit d905dbddf8d2655e6c91752b750cbe9c15837ee5) [slow@samba.org: subdir_of() didn't exist yet in 4.16 so this just adds it]
This commit is contained in:
parent
5b4353cc60
commit
843ec381de
@ -23,6 +23,8 @@
|
||||
|
||||
#include "replace.h"
|
||||
#include <talloc.h>
|
||||
#include "lib/util/debug.h"
|
||||
#include "lib/util/fault.h"
|
||||
#include "lib/util/samba_util.h"
|
||||
#include "lib/util_path.h"
|
||||
|
||||
@ -210,3 +212,53 @@ char *canonicalize_absolute_path(TALLOC_CTX *ctx, const char *pathname_in)
|
||||
*p++ = '\0';
|
||||
return pathname;
|
||||
}
|
||||
|
||||
/*
|
||||
* Take two absolute paths, figure out if "subdir" is a proper
|
||||
* subdirectory of "parent". Return the component relative to the
|
||||
* "parent" without the potential "/". Take care of "parent"
|
||||
* possibly ending in "/".
|
||||
*/
|
||||
bool subdir_of(const char *parent,
|
||||
size_t parent_len,
|
||||
const char *subdir,
|
||||
const char **_relative)
|
||||
{
|
||||
const char *relative = NULL;
|
||||
bool matched;
|
||||
|
||||
SMB_ASSERT(parent[0] == '/');
|
||||
SMB_ASSERT(subdir[0] == '/');
|
||||
|
||||
if (parent_len == 1) {
|
||||
/*
|
||||
* Everything is below "/"
|
||||
*/
|
||||
*_relative = subdir+1;
|
||||
return true;
|
||||
}
|
||||
|
||||
if (parent[parent_len-1] == '/') {
|
||||
parent_len -= 1;
|
||||
}
|
||||
|
||||
matched = (strncmp(subdir, parent, parent_len) == 0);
|
||||
if (!matched) {
|
||||
return false;
|
||||
}
|
||||
|
||||
relative = &subdir[parent_len];
|
||||
|
||||
if (relative[0] == '\0') {
|
||||
*_relative = relative; /* nothing left */
|
||||
return true;
|
||||
}
|
||||
|
||||
if (relative[0] == '/') {
|
||||
/* End of parent must match a '/' in subdir. */
|
||||
*_relative = relative+1;
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
@ -31,5 +31,9 @@ char *lock_path(TALLOC_CTX *mem_ctx, const char *name);
|
||||
char *state_path(TALLOC_CTX *mem_ctx, const char *name);
|
||||
char *cache_path(TALLOC_CTX *mem_ctx, const char *name);
|
||||
char *canonicalize_absolute_path(TALLOC_CTX *ctx, const char *abs_path);
|
||||
bool subdir_of(const char *parent,
|
||||
size_t parent_len,
|
||||
const char *subdir,
|
||||
const char **_relative);
|
||||
|
||||
#endif
|
||||
|
Loading…
x
Reference in New Issue
Block a user