X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Ffile_ops.c;h=098554cd90d57b741768dca26bde49862349c935;hb=43edf552b83666922ebfd007bcc1449554e7aaad;hp=207a4b19010bb254845a280e3632d22fe7897842;hpb=57b37d4ed168b176d594bc149e5d16a1b9f0517a;p=citadel.git diff --git a/citadel/file_ops.c b/citadel/file_ops.c index 207a4b190..098554cd9 100644 --- a/citadel/file_ops.c +++ b/citadel/file_ops.c @@ -37,67 +37,9 @@ #include "msgbase.h" #include "citserver.h" #include "threads.h" - -#ifndef HAVE_SNPRINTF -#include "snprintf.h" -#endif - #include "ctdl_module.h" #include "user_ops.h" -/* - * network_talking_to() -- concurrency checker - */ -static HashList *nttlist = NULL; -int network_talking_to(const char *nodename, long len, int operation) { - - int retval = 0; - HashPos *Pos = NULL; - void *vdata; - - begin_critical_section(S_NTTLIST); - - switch(operation) { - - case NTT_ADD: - if (nttlist == NULL) - nttlist = NewHash(1, NULL); - Put(nttlist, nodename, len, NewStrBufPlain(nodename, len), HFreeStrBuf); - syslog(LOG_DEBUG, "nttlist: added <%s>\n", nodename); - break; - case NTT_REMOVE: - if ((nttlist == NULL) || - (GetCount(nttlist) == 0)) - break; - Pos = GetNewHashPos(nttlist, 1); - if (GetHashPosFromKey (nttlist, nodename, len, Pos)) - DeleteEntryFromHash(nttlist, Pos); - DeleteHashPos(&Pos); - syslog(LOG_DEBUG, "nttlist: removed <%s>\n", nodename); - - break; - - case NTT_CHECK: - if ((nttlist == NULL) || - (GetCount(nttlist) == 0)) - break; - if (!GetHash(nttlist, nodename, len, &vdata)) - retval ++; - syslog(LOG_DEBUG, "nttlist: have [%d] <%s>\n", retval, nodename); - break; - } - - end_critical_section(S_NTTLIST); - return(retval); -} - -void cleanup_nttlist(void) -{ - begin_critical_section(S_NTTLIST); - DeleteHash(&nttlist); - end_critical_section(S_NTTLIST); -} - /* @@ -261,6 +203,12 @@ void cmd_open(char *cmdbuf) ERROR + FILE_NOT_FOUND); return; } + if (strstr(filename, "../") != NULL) + { + cprintf("%d syntax error.\n", + ERROR + ILLEGAL_VALUE); + return; + } if (CC->download_fp != NULL) { cprintf("%d You already have a download file open.\n", @@ -342,6 +290,13 @@ void cmd_oimg(char *cmdbuf) filename[a] = '_'; } } + if (strstr(filename, "../") != NULL) + { + cprintf("%d syntax error.\n", + ERROR + ILLEGAL_VALUE); + return; + } + snprintf(pathname, sizeof pathname, "%s/%s", ctdl_image_dir, @@ -590,6 +545,8 @@ void cmd_ucls(char *cmd) ); if (link(CC->upl_path, final_filename) == 0) { + syslog(LOG_INFO, "UCLS: updoaded %s\n", + final_filename); unlink(CC->upl_path); } else { @@ -597,6 +554,7 @@ void cmd_ucls(char *cmd) CC->upl_path, final_filename, strerror(errno) ); } + /* FIXME ... here we need to trigger a network run */ } @@ -641,10 +599,15 @@ void cmd_read(char *cmdbuf) long start_pos; size_t bytes; char buf[SIZ]; + int rc; /* The client will transmit its requested offset and byte count */ start_pos = extract_long(cmdbuf, 0); bytes = extract_int(cmdbuf, 1); + if ((start_pos < 0) || (bytes <= 0)) { + cprintf("%d you have to specify a value > 0.\n", ERROR + ILLEGAL_VALUE); + return; + } if (CC->download_fp == NULL) { cprintf("%d You don't have a download file open.\n", @@ -657,7 +620,16 @@ void cmd_read(char *cmdbuf) bytes = sizeof(buf); } - fseek(CC->download_fp, start_pos, 0); + rc = fseek(CC->download_fp, start_pos, 0); + if (rc < 0) { + cprintf("%d your file is smaller then %ld.\n", ERROR + ILLEGAL_VALUE, start_pos); + syslog(LOG_ALERT, "your file %s is smaller then %ld. [%s]\n", + CC->upl_path, + start_pos, + strerror(errno)); + + return; + } bytes = fread(buf, 1, bytes, CC->download_fp); if (bytes > 0) { /* Tell the client the actual byte count and transmit it */ @@ -687,11 +659,13 @@ void cmd_writ(char *cmdbuf) cprintf("%d You don't have an upload file open.\n", ERROR + RESOURCE_NOT_OPEN); return; } + if (bytes <= 0) { + cprintf("%d you have to specify a value > 0.\n", ERROR + ILLEGAL_VALUE); + return; + } if (bytes > 100000) { - cprintf("%d You may not write more than 100000 bytes.\n", - ERROR + TOO_BIG); - return; + bytes = 100000; } cprintf("%d %d\n", SEND_BINARY, bytes); @@ -813,6 +787,7 @@ void cmd_nuop(char *cmdbuf) CTDL_MODULE_INIT(file_ops) { if (!threading) { + CtdlRegisterProtoHook(cmd_delf, "DELF", "Delete a file"); CtdlRegisterProtoHook(cmd_movf, "MOVF", "Move a file"); CtdlRegisterProtoHook(cmd_open, "OPEN", "Open a download file transfer"); @@ -825,7 +800,6 @@ CTDL_MODULE_INIT(file_ops) CtdlRegisterProtoHook(cmd_nuop, "NUOP", "Open a network spool file for upload"); CtdlRegisterProtoHook(cmd_oimg, "OIMG", "Open an image file for download"); CtdlRegisterProtoHook(cmd_uimg, "UIMG", "Upload an image file"); - CtdlRegisterCleanupHook(cleanup_nttlist); } /* return our Subversion id for the Log */ return "file_ops";