diff options
| author | Xavier Del Campo Romero <xavi.dcr@tutanota.com> | 2024-02-20 21:24:17 +0100 |
|---|---|---|
| committer | Xavier Del Campo Romero <xavi.dcr@tutanota.com> | 2024-02-20 21:24:17 +0100 |
| commit | 8bcf0bf855c1cd7710aa6c04e8bf23c06248c88b (patch) | |
| tree | b83e91db16ac787ca40ab66f318382ce91accc74 | |
| parent | afc5cf0dfcb8c507315e40d71ee305fa130be6db (diff) | |
main.c: Improve relative path detectionv0.2.1-rc4
Otherwise, the following resources would be considered valid:
- /user/../test
- /user/./test
- /user/a/.
- /user/a/./test
| -rw-r--r-- | main.c | 18 |
1 files changed, 12 insertions, 6 deletions
@@ -395,16 +395,22 @@ static bool path_isrel(const char *const path) { if (!strcmp(path, "..") || !strcmp(path, ".") - || !strcmp(path, "./") - || !strcmp(path, "../") + || !strncmp(path, "./", strlen("./")) + || !strncmp(path, "../", strlen("../")) + || strstr(path, "/./") || strstr(path, "/../")) return true; - static const char suffix[] = "/.."; - const size_t n = strlen(path), sn = strlen(suffix); + static const char *const suffixes[] = {"/.", "/.."}; - if (n >= sn && !strcmp(path + n - sn, suffix)) - return true; + for (size_t i = 0; i < sizeof suffixes / sizeof *suffixes; i++) + { + const char *const suffix = suffixes[i]; + const size_t n = strlen(path), sn = strlen(suffix); + + if (n >= sn && !strcmp(path + n - sn, suffix)) + return true; + } return false; } |