diff options
| author | Jeremy Allison <jra@samba.org> | 2004-04-02 19:05:57 +0000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2004-04-02 19:05:57 +0000 |
| commit | ff469fb2b26e4edb52dd808e9d07c6cd51d2aab9 (patch) | |
| tree | a06b5ea3a8ae925deb67fe0bd43af66fbb45b022 /source3/smbd/reply.c | |
| parent | 722aa118c66b020c2b9f2b595e1af50429f13986 (diff) | |
| download | samba-ff469fb2b26e4edb52dd808e9d07c6cd51d2aab9.tar.gz samba-ff469fb2b26e4edb52dd808e9d07c6cd51d2aab9.tar.bz2 samba-ff469fb2b26e4edb52dd808e9d07c6cd51d2aab9.zip | |
check_path improvements found by samba4 raw-checkpath tests.
Jeremy.
(This used to be commit 4081f7ce514635f3500d29a73a44bff2661b76b1)
Diffstat (limited to 'source3/smbd/reply.c')
| -rw-r--r-- | source3/smbd/reply.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index fde4ee627f..3a11f162d2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -61,6 +61,10 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) while (IS_DIRECTORY_SEP(*s)) { s++; } + if ((s[0] == '.') && (s[1] == '\0')) { + ret = NT_STATUS_OBJECT_NAME_INVALID; + break; + } if ((d != destname) && (*s != '\0')) { /* We only care about non-leading or trailing '/' or '\\' */ *d++ = '/'; @@ -84,7 +88,8 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) } /* Are we at the start ? Can't go back further if so. */ if (d == destname) { - return NT_STATUS_OBJECT_PATH_SYNTAX_BAD; + ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD; + break; } /* Go back one level... */ /* We know this is safe as '/' cannot be part of a mb sequence. */ @@ -95,7 +100,7 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) d--; } s += 3; - } else if ((s[0] == '.') && IS_DIRECTORY_SEP(s[1])) { + } else if ((s[0] == '.') && (IS_DIRECTORY_SEP(s[1]) || s[2] == '\0')) { /* * No mb char starts with '.' so we're safe checking the directory separator here. @@ -105,11 +110,14 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) if (s == srcname) { ret = NT_STATUS_OBJECT_NAME_INVALID; + break; } else { - if (s[2] == '\0') { - return NT_STATUS_INVALID_PARAMETER; + if (s[1] != '\0' && s[2] == '\0') { + ret = NT_STATUS_INVALID_PARAMETER; + break; } ret = NT_STATUS_OBJECT_PATH_NOT_FOUND; + break; } s++; } else { @@ -128,6 +136,7 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) break; default: DEBUG(0,("check_path_syntax: character length assumptions invalid !\n")); + *d = '\0'; return NT_STATUS_INVALID_PARAMETER; } } |